cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

unable to add new instance profile

Go to solution
164079
Contributor II

‎11-10-2022 01:56 AM

Hi team,

I want to start adding more instance profile per team . when adding it via TF , im getting the below error:

imageIm able BTW to add and change other databricks resources via TF .

This is my new code block:

imageThe new role created by the TF but wasnt added to databricks, so i decided add it manually via my workspace console and im receiving the below error:

imageSo i assume there is a general issue adding new instance profile to my workspace and its not related to a TF issue.

Please advise

Thanks!

Preview file
175 KB
Preview file
35 KB
Preview file
64 KB
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Vivian_Wilfred
Honored Contributor
Honored Contributor

‎11-10-2022 03:28 AM

Hi @Avi Edri​ ,

The error you see on terraform and the workspace console does not seem to be related.

For the console error:

Have you added iam:passRole permissions to the instance profile on your E2 policy? Check this doc-

https://docs.databricks.com/administration-guide/cloud-configurations/aws/instance-profiles.html#ste...

For the terraform error:

Have you configured the databricks URL in the "host" parament while declaring the databricks provider? The databricks_instance_profile tf resource is looking for a workspace URL where it should create the instance profile. Authenticate the provider with the host and a PAT token and retry -

https://registry.terraform.io/providers/databricks/databricks/latest/docs#authenticating-with-hostna...

View solution in original post

3 REPLIES 3

Go to solution
Vivian_Wilfred
Honored Contributor
Honored Contributor

‎11-10-2022 03:28 AM

Hi @Avi Edri​ ,

The error you see on terraform and the workspace console does not seem to be related.

For the console error:

Have you added iam:passRole permissions to the instance profile on your E2 policy? Check this doc-

https://docs.databricks.com/administration-guide/cloud-configurations/aws/instance-profiles.html#ste...

For the terraform error:

Have you configured the databricks URL in the "host" parament while declaring the databricks provider? The databricks_instance_profile tf resource is looking for a workspace URL where it should create the instance profile. Authenticate the provider with the host and a PAT token and retry -

https://registry.terraform.io/providers/databricks/databricks/latest/docs#authenticating-with-hostna...

Go to solution
164079
Contributor II

‎11-10-2022 03:57 AM

Thank you @Vivian Wilfred​ 

You are so correct,

So regarding the console adding error, i added this iampass with my new role and i am able to add new instance profile via workspace console.

Regarding the TF ,I added the workspace provider and it is also works now. this is great.

I have one last question, I couldnt find the main iam policy attached to the cross account role on the databricks TF module ( same policy i added the iam pass with my new role. so i had to add those config manually. can you maybe tell me if i can control this policy via the TF?

imageAnd its called by the TF as: aws_iam_role_policy.this

but couldnt find it

Thanks!

Preview file
81 KB
0 Kudos

Go to solution
164079
Contributor II

‎11-10-2022 06:39 AM

Thank you @Vivian Wilfred​ 

all ok now, with the databricks console and the TF

Have a graet day!

0 Kudos
Announcements