cancel
Showing results for 
Search instead for 
Did you mean: 
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Showing results for 
Search instead for 
Did you mean: 

Why does Databricks need ec2:CreateTags and ec2:DeleteTags permissions in the cross-account IAM role?

MoJaMa
Valued Contributor II
Valued Contributor II
1 REPLY 1

MoJaMa
Valued Contributor II
Valued Contributor II

These permissions are one of the list described here in Step 6.c

https://docs.databricks.com/administration-guide/account-api/iam-role.html

It is required because we use tags to identify the owners, and other minimum information, of clusters on AWS. It is not possible to remove these permissions.

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!