Add-DataGatewayClusterUser
Add user and associated permissions to cluster
Syntax
Default (Default)
Add-DataGatewayClusterUser
[-Scope <PowerBIUserScope>]
-GatewayClusterId <Guid>
-PrincipalObjectId <Guid>
[-AllowedDataSourceTypes <DatasourceType[]>]
-Role <GatewayPrincipalRole>
[-RegionKey <String>]
[<CommonParameters>]
Description
Add user and associated permissions to cluster
Examples
Example 1
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "testUpn@tenant.com").Id
PS C:\> $dsTypes = New-Object 'System.Collections.Generic.List[Microsoft.PowerBI.ServiceContracts.Api.DatasourceType]'
PS C:\> $dsTypes.Add([Microsoft.DataMovement.Powershell.GatewayClient.Gateways.Entities.DataSourceType]::Sql)
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $dsTypes -Role ConnectionCreatorWithReshare
This example adds the user "testUpn@tenant.com" in the role of ConnectionCreatorWithReshare to the gateway cluster for SQL datasource types.
Example 2
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "testUpn@tenant.com").Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin
This example adds the user "adminTestUpn@tenant.com" in the role of Admin to the gateway cluster for all datasource types.
Note, the AllowedDataSourceTypes must be null when the role is admin (implying all datasource types are allowed).
Example 3
PS C:\> $userToAdd = $(Get-AzADUser -ObjectId "testUpn@tenant.com").Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin -RegionKey brazilsouth
This example adds the user "adminTestUpn@tenant.com" in the role of Admin to the gateway cluster for all datasource types.
Note, the AllowedDataSourceTypes must be null when the role is admin (implying all datasource types are allowed).
This command is run in the Brazil south region, so the gateway cluster ID provided should be in that region.
Example 4
PS C:\> $userToAdd = $(Get-AzADServicePrincipal -ApplicationId DC8F2C49-9087-4B27-966B-3DB5094C2E77).Id
PS C:\> Add-DataGatewayClusterUser -GatewayClusterId DC8F2C49-5731-4B27-966B-3DB5094C2E77 -PrincipalObjectId $userToAdd -AllowedDataSourceTypes $null -Role Admin -RegionKey brazilsouth
This example adds the the service principal for application id DC8F2C49-9087-4B27-966B-3DB5094C2E77 in the role of Admin to the gateway cluster for all datasource types. For more information, see Get-AzADServicePrincipal. Note that the AllowedDataSourceTypes must be null when the role is admin (implying all datasource types are allowed). This command is run in the Brazil south region, so the gateway cluster ID provided should be in that region.
Parameters
-AllowedDataSourceTypes
Datasource types that are allowed for this user/role combination. This must be null if the role is admin(implying all datasource types are allowed). The list of data source type may change based on supported data sources. Note: This parameter applies only for PowerApps and Flow.
Parameter properties
| Type: | DatasourceType[] |
| Default value: | None |
| Accepted values: | Sql, AnalysisServices, SAPHana, File, Folder, Oracle, Teradata, SharePointList, Web, OData, DB2, MySql, PostgreSql, Sybase, Extension, SAPBW, AzureTables, AzureBlobs, Informix, ODBC, Excel, SharePoint, PubNub, MQ, BizTalk, GoogleAnalytics, CustomHttpApi, Exchange, Facebook, HDInsight, AzureMarketplace, ActiveDirectory, Hdfs, SharePointDocLib, PowerQueryMashup, OleDb, AdoDotNet, R, LOB, Salesforce, CustomConnector, SAPBWMessageServer, AdobeAnalytics, Essbase, AzureDataLakeStorage, SapErp, UIFlow, CDPA, EventHub, Unknown |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-GatewayClusterId
Gateway cluster to which the user should be added
Parameter properties
| Type: | Guid |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Cluster, Id |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PrincipalObjectId
Azure Active Directory (AAD) principal object ID (i.e. user ID) to add to the gateway cluster
Parameter properties
| Type: | Guid |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | User |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RegionKey
The Azure region associated with the specified gateway cluster. Not providing a -RegionKey will run the command in the default region for your tenant.
To get the list of available region parameters run the Get-DataGatewayRegion command
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Role
Role to apply to this user on the cluster. Users can be added as admins, connection creators(Can Use) or Connection Creators with sharing(Can use + Share) capability. Connection creators(Can Use) and Connection Creators with sharing(Can use + Share) capability apply only for PowerApps and Flow.
Parameter properties
| Type: | GatewayPrincipalRole |
| Default value: | None |
| Accepted values: | Admin, ConnectionCreator, ConnectionCreatorWithReshare |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Scope
Security Scope to run the command. This would determine if you are running this command in the scope of a Tenant/Service admin or a Gateway Admin
Parameter properties
| Type: | PowerBIUserScope |
| Default value: | Individual |
| Accepted values: | Individual, Organization |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.