Add-DataGatewayClusterUser
Add user and associated permissions to cluster
Syntax
Add-DataGatewayClusterUser
[-Scope <PowerBIUserScope>]
-GatewayClusterId <Guid>
-PrincipalObjectId <Guid>
[-AllowedDataSourceTypes <DatasourceType[]>]
-Role <GatewayPrincipalRole>
[-RegionKey <String>]
[<CommonParameters>]
Description
Add user and associated permissions to cluster
Examples
Example 1
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "[email protected]").Id
PS C:\> $dsTypes = New-Object 'System.Collections.Generic.List[Microsoft.PowerBI.ServiceContracts.Api.DatasourceType]'
PS C:\> $dsTypes.Add([Microsoft.DataMovement.Powershell.GatewayClient.Gateways.Entities.DataSourceType]::Sql)
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $dsTypes -Role ConnectionCreatorWithReshare
This example adds the user "[email protected]" in the role of ConnectionCreatorWithReshare to the gateway cluster for SQL datasource types.
Example 2
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "[email protected]").Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin
This example adds the user "[email protected]" in the role of Admin to the gateway cluster for all datasource types.
Note, the AllowedDataSourceTypes
must be null when the role is admin (implying all datasource types are allowed).
Example 3
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "[email protected]").Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin -RegionKey brazilsouth
This example adds the user "[email protected]" in the role of Admin to the gateway cluster for all datasource types.
Note, the AllowedDataSourceTypes
must be null when the role is admin (implying all datasource types are allowed).
This command is run in the Brazil south region, so the gateway cluster ID provided should be in that region.
Example 4
PS C:\> $userToAdd = $(Get-AzADServicePrincipal -ApplicationId DC8F2C49-9087-4B27-966B-3DB5094C2E77).Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin -RegionKey brazilsouth
This example adds the the service principal for application id DC8F2C49-9087-4B27-966B-3DB5094C2E77 in the role of Admin to the gateway cluster for all datasource types. For more information, see Get-AzADServicePrincipal. Note that the AllowedDataSourceTypes
must be null when the role is admin (implying all datasource types are allowed). This command is run in the Brazil south region, so the gateway cluster ID provided should be in that region.
Parameters
-AllowedDataSourceTypes
Datasource types that are allowed for this user/role combination. This must be null if the role is admin(implying all datasource types are allowed). The list of data source type may change based on supported data sources. Note: This parameter applies only for PowerApps and Flow.
Type: | DatasourceType[] |
Accepted values: | Sql, AnalysisServices, SAPHana, File, Folder, Oracle, Teradata, SharePointList, Web, OData, DB2, MySql, PostgreSql, Sybase, Extension, SAPBW, AzureTables, AzureBlobs, Informix, ODBC, Excel, SharePoint, PubNub, MQ, BizTalk, GoogleAnalytics, CustomHttpApi, Exchange, Facebook, HDInsight, AzureMarketplace, ActiveDirectory, Hdfs, SharePointDocLib, PowerQueryMashup, OleDb, AdoDotNet, R, LOB, Salesforce, CustomConnector, SAPBWMessageServer, AdobeAnalytics, Essbase, AzureDataLakeStorage, SapErp, UIFlow, CDPA, EventHub, Unknown |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GatewayClusterId
Gateway cluster to which the user should be added
Type: | Guid |
Aliases: | Cluster, Id |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PrincipalObjectId
Azure Active Directory (AAD) principal object ID (i.e. user ID) to add to the gateway cluster
Type: | Guid |
Aliases: | User |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RegionKey
The Azure region associated with the specified gateway cluster. Not providing a -RegionKey
will run the command in the default region for your tenant.
To get the list of available region parameters run the Get-DataGatewayRegion
command
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Role
Role to apply to this user on the cluster. Users can be added as admins, connection creators(Can Use) or Connection Creators with sharing(Can use + Share) capability. Connection creators(Can Use) and Connection Creators with sharing(Can use + Share) capability apply only for PowerApps and Flow.
Type: | GatewayPrincipalRole |
Accepted values: | Admin, ConnectionCreator, ConnectionCreatorWithReshare |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Scope
Security Scope to run the command. This would determine if you are running this command in the scope of a Tenant/Service admin or a Gateway Admin
Type: | PowerBIUserScope |
Accepted values: | Individual, Organization |
Position: | Named |
Default value: | Individual |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
None
Outputs
System.Void