I am trying to create a new Amazon EMR cluster, but I receive an error message that says the EMR_DefaultRole or EMR_EC2_DefaultRole is not valid.

The creation and deletion of instance profiles associated with the default roles are automatically handled by the console. This error can occur if the instance profile associated with the EMR_DefaultRole or EMR_EC2_DefaultRole is not configured correctly, or if the current configuration for the instance profile is no longer sufficient to launch an EMR cluster.

As a workaround, you can delete both EMR_DefaultRole and EMR_EC2_DefaultRole and the instance profile associated with them. Deleting a role does not automatically delete the instance profile, so you need to delete it manually.

Using the IAM console to delete the roles and instance profile

In the IAM Management Console, choose Roles from the left navigation pane. Select the EMR_DefaultRole and EMR_EC2_DefaultRole roles, choose Role Actions, and then choose Delete Role from the drop-down menu.

Using the AWS CLI to delete the roles and instance profile

When you use the AWS CLI to delete a role, you must first delete the policies associated with the role. Also, if you want to delete the associated instance profile that contains the role, you must delete it separately.

To remove EMR default roles and instance profile, follow these steps using the AWS Command Line Interface (CLI).

Remove the EMR_EC2_DefaultRole and instance profile.

$ aws iam remove-role-from-instance-profile --instance-profile-name EMR_EC2_DefaultRole --role-name EMR_EC2_DefaultRole

$ aws iam delete-instance-profile --instance-profile-name EMR_EC2_DefaultRole

$ aws iam detach-role-policy --role-name EMR_EC2_DefaultRole --policy-arn arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role

$ aws iam delete-role --role-name EMR_EC2_DefaultRole

Remove the EMR_DefaultRole.

$ aws iam detach-role-policy --role-name EMR_DefaultRole --policy-arn arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole

$ aws iam delete-role --role-name EMR_DefaultRole

Creating new default roles

Use the AWS CLI to create new default roles.

$ aws emr create-default-roles

After making these changes, you should be able to successfully provision a new cluster.

EMR, CLI, IAM, instance profile, default roles, EMR_DefaultRole, EMR_EC2_DefaultRole


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2016-09-30