Is there an existing issue for this?

• I have searched the existing issues

Problem statement

Many customers are using the AWS Instance Profiles, and we need to ensure that the relevant UC Storage Credential exists to map onto an instance profile.

Related issues:

• Create EXTERNAL LOCATIONs to map to External Tables (Azure) #100
• [FEATURE]: databricks labs ucx uc-compatible-roles for AWS #861
• Added baseline for getting Azure Resource Role Assignments #764
• Add databricks labs ucx create-uber-principal command to automate the creation of SPN with storage access to all locations #693
• Migrate Azure Service Principals that access storage to UC Storage Credentials #339

Proposed Solution

1. check all instance profiles
2. check all storage credentials
3. see which instance profiles have matching storage credentials
4. report what credentials are missing
5. prompt-confirm creation of storage credential from instance profile
6. prompt for trust relationship between an instance profile and UC for prod environment
7. give user three options: terraform config, invoke AWS CLI, pick an existing role

Additional Context

No response