Instance Profile API

The Instance Profile API allows admins to add, list, and remove instances profiles that users can launch clusters with. Regular users can list the instance profiles available to them. See Secure Access to S3 Buckets using IAM Roles for more information.


Profiles Add

Endpoint HTTP Method
2.0/instance-profiles/add POST

Registers an instance profile in Databricks. In the UI, you can then give users the permission to use this instance profile when launching clusters.

This API is only available to admin users.

An example request:

{
  "instance_profile_arn": "arn:aws:iam::123456789:instance-profile/datascience-role"
}

Request Structure

Field Name Type Description
instance_profile_arn STRING The AWS ARN of the instance profile to register with Databricks. It should look like: arn:aws:iam::<account-id>:instance-profile/<name>. This field is required.
skip_validation BOOL By default, Databricks validates that it has sufficient permissions to launch instances with the instance profile. This validation uses AWS dry-run mode for the RunInstances API. If validation fails with an error message that does not indicate an IAM related permission issue, (e.g. “Your requested instance type is not supported in your requested Availability Zone”), you may pass this flag to skip the validation and forcibly add the instance profile.

Profiles List

Endpoint HTTP Method
2.0/instance-profiles/list GET

Lists the instance profiles that the calling user can use to launch a cluster.

This API is available to all users.

An example response:

{
  "instance_profiles": ["arn:aws:iam::123456789:instance-profile/datascience-role"]
}

Response Structure

Field Name Type Description
instance_profiles An array of InstanceProfile A list of instance profiles that the user can access.

Profiles Remove

Endpoint HTTP Method
2.0/instance-profiles/remove POST

Removes the instance profile with the provided ARN. Existing clusters with this instance profile will continue to function.

This API is only accessible to admin users.

An example request:

{
  "instance_profile_arn": "arn:aws:iam::123456789:instance-profile/datascience-role"
}

Request Structure

Field Name Type Description
instance_profile_arn STRING The arn of the instance profile to remove. This field is required.

Data Structures

InstanceProfile

An IAM instance profile that can be attached to instances when launching a cluster.

Field Name Type Description
instance_profile_arn STRING The AWS ARN of the instance profile to register with Databricks. It should look like: arn:aws:iam::<account-id>:instance-profile/<name>. This field is required.