azure.databricks.cicd.tools

2.0.52

Public/Add-DatabricksUser.ps1

                                <#

.SYNOPSIS

    Add a user to Databricks workspace with entitlements and groups

.DESCRIPTION

    Add a user to Databricks workspace with entitlements and groups. If the user exists the error will be ignored but note that the entitlments and groups requested will not be applied

.PARAMETER BearerToken

    Your Databricks Bearer token to authenticate to your workspace (see User Settings in Databricks WebUI)

.PARAMETER Region

    Azure Region - must match the URL of your Databricks workspace, example northeurope

.PARAMETER Username

    Email address (matched to AAD) for the user

.PARAMETER Entitlements

    List of entitlements for the user (such as allow-cluster-create )

.PARAMETER Groups

    List of GroupId's to be added to (See Get-DatabricksGroups)

.EXAMPLE 

    C:\PS> Add-DatabricksUser -BearerToken $BearerToken -Region $Region -Username BillyBob@datathirst.net

    This example creates a group called acme

.NOTES

    Author: Simon D'Morias/Data Thirst Ltd

#>

Function Add-DatabricksUser

{

    [cmdletbinding()]

    param (

        [parameter(Mandatory=$false)][string]$BearerToken,

        [parameter(Mandatory=$false)][string]$Region,

        [parameter(Mandatory=$true)][string]$Username,

        [parameter(Mandatory=$false)][string[]]$Entitlements,

        [parameter(Mandatory=$false)][string[]]$Groups

    )

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    $Headers = GetHeaders $PSBoundParameters

    $uri = "$global:DatabricksURI" + (Get-SCIMURL "Users")

    $schemaR = Add-SCIMSchema "urn:ietf:params:scim:schemas:core:2.0:User"

    $entitlementsR = (Add-SCIMValueArray "entitlements" $Entitlements)

    $groupsR = (Add-SCIMValueArray "groups" $Groups)

    $usernameR = @{"userName"=$Username}

    $Body = ($schemaR + $EntitlementsR+ $usernameR + $groupsR) | ConvertTo-Json -Depth 10 

    Try {

        $Request = Invoke-RestMethod -Method Post -Body $Body -Uri $uri -Headers $Headers -ContentType "application/scim+json"

    }

    Catch {

        if ($_.Exception.Response -eq $null) {

            throw $_.Exception.Message

        } else {

            if ($_.Exception.Response.StatusCode.value__ -eq 409){

                Write-Warning "User exists - entitlements and groups may differ to requested"

            }

            else {

                throw $_.ErrorDetails.Message

            }    

        }  

    }

    return $Request

}