AWS EMR Cluster fails to launch

Question

I am trying to launch an AWS EMR Cluster from the AWS Console, and am getting the following error:

Failed to provision ec2 instances because 'IAM Instance Profile "arn:aws:iam::553706642095:instance-profile/EMR_EC2_DefaultRole" has no associated IAM Roles

Any one know what this means and how to resolve it?

The following is the role policy:

{
  "Statement": [
    {
      "Action": [
        "cloudwatch:*",
        "dynamodb:*",
        "ec2:Describe*",
        "elasticmapreduce:Describe*",
        "rds:Describe*",
        "s3:*",
        "sdb:*",
        "sns:*",
        "sqs:*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

Its trust policy document is:

{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Answer 1

I finally resolved this issue. This was confusing because the instance-profile and the role use the same name by default. Full steps outline below, but you may be able to skip various steps.

1. Create default roles (if error, downgrade to awscli version 1.10.30)

   aws emr create-default-roles

2. Create instance profile if it doesn't already exist:

   aws iam create-instance-profile --instance-profile-name EMR_EC2_DefaultRole

3. Verify that instance profile exists but doesn't have any roles:

   aws iam get-instance-profile --instance-profile-name EMR_EC2_DefaultRole

4. Add the role using:

   aws iam add-role-to-instance-profile --instance-profile-name EMR_EC2_DefaultRole --role-name EMR_EC2_DefaultRole