instance_profiles
Creates, updates, deletes, gets or lists an instance_profiles resource.
Overview
| Name | instance_profiles |
| Type | Resource |
| Id | databricks_workspace.compute.instance_profiles |
Fields
The following fields are returned by SELECT queries:
- list
| Name | Datatype | Description |
|---|---|---|
iam_role_arn | string | The AWS IAM role ARN of the role associated with the instance profile. This field is required if your role name and instance profile name do not match and you want to use the instance profile with [Databricks SQL Serverless]. Otherwise, this field is optional. [Databricks SQL Serverless]: https://docs.databricks.com/sql/admin/serverless.html |
instance_profile_arn | string | |
is_meta_instance_profile | boolean | Boolean flag indicating whether the instance profile should only be used in credential passthrough scenarios. If true, it means the instance profile contains an meta IAM role which could assume a wide range of roles. Therefore it should always be used with authorization. This field is optional, the default value is `false`. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list | select | deployment_name | List the instance profiles that the calling user can use to launch a cluster. | |
add | insert | deployment_name, instance_profile_arn | Registers an instance profile in Databricks. In the UI, you can then give users the permission to use | |
edit | replace | deployment_name, instance_profile_arn | The only supported field to change is the optional IAM role ARN associated with the instance profile. | |
remove | delete | deployment_name | Remove the instance profile with the provided ARN. Existing clusters with this instance profile will |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
deployment_name | string | The Databricks Workspace Deployment Name (default: dbc-abcd0123-a1bc) |
SELECT examples
- list
List the instance profiles that the calling user can use to launch a cluster.
SELECT
iam_role_arn,
instance_profile_arn,
is_meta_instance_profile
FROM databricks_workspace.compute.instance_profiles
WHERE deployment_name = '{{ deployment_name }}' -- required
;
INSERT examples
- add
- Manifest
Registers an instance profile in Databricks. In the UI, you can then give users the permission to use
INSERT INTO databricks_workspace.compute.instance_profiles (
instance_profile_arn,
iam_role_arn,
is_meta_instance_profile,
skip_validation,
deployment_name
)
SELECT
'{{ instance_profile_arn }}' /* required */,
'{{ iam_role_arn }}',
{{ is_meta_instance_profile }},
{{ skip_validation }},
'{{ deployment_name }}'
;
# Description fields are for documentation purposes
- name: instance_profiles
props:
- name: deployment_name
value: "{{ deployment_name }}"
description: Required parameter for the instance_profiles resource.
- name: instance_profile_arn
value: "{{ instance_profile_arn }}"
description: |
The AWS ARN of the instance profile to register with Databricks. This field is required.
- name: iam_role_arn
value: "{{ iam_role_arn }}"
description: |
The AWS IAM role ARN of the role associated with the instance profile. This field is required if your role name and instance profile name do not match and you want to use the instance profile with [Databricks SQL Serverless]. Otherwise, this field is optional. [Databricks SQL Serverless]: https://docs.databricks.com/sql/admin/serverless.html
- name: is_meta_instance_profile
value: {{ is_meta_instance_profile }}
description: |
Boolean flag indicating whether the instance profile should only be used in credential passthrough scenarios. If true, it means the instance profile contains an meta IAM role which could assume a wide range of roles. Therefore it should always be used with authorization. This field is optional, the default value is `false`.
- name: skip_validation
value: {{ skip_validation }}
description: |
By default, Databricks validates that it has sufficient permissions to launch instances with the instance profile. This validation uses AWS dry-run mode for the RunInstances API. If validation fails with an error message that does not indicate an IAM related permission issue, (e.g. “Your requested instance type is not supported in your requested availability zone”), you can pass this flag to skip the validation and forcibly add the instance profile.
REPLACE examples
- edit
The only supported field to change is the optional IAM role ARN associated with the instance profile.
REPLACE databricks_workspace.compute.instance_profiles
SET
instance_profile_arn = '{{ instance_profile_arn }}',
iam_role_arn = '{{ iam_role_arn }}',
is_meta_instance_profile = {{ is_meta_instance_profile }}
WHERE
deployment_name = '{{ deployment_name }}' --required
AND instance_profile_arn = '{{ instance_profile_arn }}' --required;
DELETE examples
- remove
Remove the instance profile with the provided ARN. Existing clusters with this instance profile will
DELETE FROM databricks_workspace.compute.instance_profiles
WHERE deployment_name = '{{ deployment_name }}' --required
;