Instance Profiles API 2.0

The Instance Profiles API allows admins to add, list, and remove instance profiles that users can launch clusters with. Regular users can list the instance profiles available to them. See Secure access to S3 buckets using instance profiles for more information.

Important

To access Databricks REST APIs, you must authenticate.

Add

Endpoint

HTTP Method

2.0/instance-profiles/add

POST

Register an instance profile. In the UI, you can select the instance profile when launching clusters.

This API is only available to admin users.

Example 

curl --netrc -X POST \
https://dbc-a1b2345c-d6e7.cloud.databricks.com/api/2.0/instance-profiles/add \
--data '{ "instance_profile_arn": "arn:aws:iam::123456789012:instance-profile/my-profile" }'

{}

Request structure

Field Name

Type

Description

instance_profile_arn

STRING

The AWS ARN of the instance profile to register with Databricks. It should look like: arn:aws:iam::<account-id>:instance-profile/<name>. This field is required.

is_meta_instance_profile

BOOL

Whether the instance profile is a meta instance profile. Used only in IAM credential passthrough. This field is optional.

skip_validation

BOOL

By default, Databricks validates that it has sufficient permissions to launch instances with the instance profile. This validation uses AWS dry-run mode for the RunInstances API. If validation fails with an error message that does not indicate an IAM related permission issue, (e.g. “Your requested instance type is not supported in your requested availability zone”), you can pass this flag to skip the validation and forcibly add the instance profile.

List

Endpoint

HTTP Method

2.0/instance-profiles/list

GET

List the instance profiles that the calling user can use to launch a cluster.

This API is available to all users.

Example 

curl --netrc -X GET \
https://dbc-a1b2345c-d6e7.cloud.databricks.com/api/2.0/instance-profiles/list \
| jq .

{
  "instance_profiles": [
    {
      "instance_profile_arn": "arn:aws:iam::123456789012:instance-profile/my-profile",
      "is_meta_instance_profile": false
    }
  ]
}

Response structure

Field Name

Type

Description

instance_profiles

An array of InstanceProfile

A list of instance profiles that the user can access.

Remove

Endpoint

HTTP Method

2.0/instance-profiles/remove

POST

Remove the instance profile with the provided ARN. Existing clusters with this instance profile will continue to function.

This API is only accessible to admin users.

Example 

curl --netrc -X POST \
https://dbc-a1b2345c-d6e7.cloud.databricks.com/api/2.0/instance-profiles/remove \
--data '{ "instance_profile_arn": "arn:aws:iam::123456789012:instance-profile/my-profile" }'

{}

Request structure

Field Name

Type

Description

instance_profile_arn

STRING

The ARN of the instance profile to remove. This field is required.

Data structures

In this section:

InstanceProfile

An IAM instance profile that can be attached to instances when launching a cluster.

Field Name

Type

Description

instance_profile_arn

STRING

The AWS ARN of the instance profile to register with Databricks. It should look like: arn:aws:iam::<account-id>:instance-profile/<name>. This field is required.

is_meta_instance_profile

BOOL

Whether the instance profile is a meta instance profile. Used only in IAM credential passthrough. For more information, see Set up a meta instance profile.