DatabricksDsc

0.7.0-preview0002

This module contains class-based DSC resources for Databricks and Unity Catalog with a focus on Azure.

Minimum PowerShell version

5.0

This is a prerelease version of DatabricksDsc.

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name DatabricksDsc -RequiredVersion 0.7.0-preview0002 -AllowPrerelease

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name DatabricksDsc -Version 0.7.0-preview0002 -Prerelease

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) Gijs Reijn. All rights reserved.

Package Details

Author(s)

  • Gijs Reijn

Tags

DSC DSCResourceKit DSCResource Databricks DesiredStateConfiguration

Functions

Get-DatabricksSecret Get-DatabricksSecretScope Get-DatabricksUser New-DatabricksSecret New-DatabricksSecretScope New-DatabricksUser Remove-DatabricksSecret Remove-DatabricksSecretScope Remove-DatabricksUser Set-DatabricksUser

DSCResources

DatabricksAccountMetastoreAssignment DatabricksAccountRuleset DatabricksAccountServicePrincipal DatabricksAccountUser DatabricksAccountWorkspacePermissionAssignment DatabricksClusterPolicy DatabricksClusterPolicyPermission DatabricksGroup DatabricksGroupMember DatabricksSecret DatabricksSecretScope DatabricksServicePrincipal DatabricksSqlWarehouse DatabricksSqlWarehousePermission DatabricksUser DatabricksWorkspaceObjectPermission

Dependencies

This module has no dependencies.

Release Notes

## [0.7.0-preview0002] - 2026-01-08

### Added

- Added `DatabricksWorkspaceObjectPermission` resource for managing workspace object permissions
 - Manages permissions for workspace objects such as notebooks, directories, and repos
 - Key property: `WorkspacePath` (e.g., '/Shared/notebook', '/Repos/my-repo', '/Users/user@example.com/folder')
 - Configurable properties:
   - `AccessControlList`: Array of access control entries with:
     - `GroupName`, `UserName`, or `ServicePrincipalName` (mutually exclusive)
     - `PermissionLevel`: CAN_MANAGE, CAN_READ, CAN_RUN, or CAN_EDIT
   - `_exist`: Set to `$false` to remove all permissions
 - Automatically resolves workspace paths to object IDs and types using workspace/get-status API
 - Uses workspace-level Permissions API:
   - Get: `GET /api/2.0/permissions/{object_type}/{object_id}`
   - Update: `PATCH /api/2.0/permissions/{object_type}/{object_id}`
   - Delete: `PUT /api/2.0/permissions/{object_type}/{object_id}` with empty ACL
 - Includes complex type: `WorkspaceObjectAccessControlEntry` (with IComparable and IEquatable)
 - Includes enum: `WorkspaceObjectPermissionLevel`
 - Includes comprehensive unit tests for class and type definitions
 - Includes example configurations for notebooks, directories, and repositories
- Added `DatabricksAccountRuleset` resource for managing account access control rule sets
 - Manages rule sets that control access to account-level resources (service principals, groups, tag policies)
 - Key properties: `Name` (full rule set name in format: accounts/<ACCOUNT_ID>/resourceType/<RESOURCE_ID>/ruleSets/default)
 - Configurable properties:
   - `GrantRules`: Array of grant rules defining access permissions with:
     - `Principals`: Array of principal identifiers (e.g., "users/user@company.com", "groups/groupname")
     - `Role`: The role being granted (e.g., "roles/servicePrincipal.user")
 - Uses account-level Access Control Proxy API (preview):
   - Get: `GET /api/2.0/preview/accounts/access-control/rule-sets`
   - Update: `PUT /api/2.0/preview/accounts/access-control/rule-sets`
 - Follows read-modify-write pattern with ETags for optimistic concurrency control
 - Implements intelligent rule merging:
   - Get() returns all grant rules from the rule set
   - Set() preserves existing grant rules not managed by this resource
   - Only updates/replaces grant rules with matching roles specified in GrantRules property
   - Prevents accidental deletion of rules managed by other resources or processes
 - Includes complex type: `RulesetGrantRule`
 - Includes comprehensive unit tests for class and type definitions
 - Includes example configurations for service principals, groups, and multiple roles
 - Note: No delete or export methods as rule sets can only be updated

FileList

Version History

Version Downloads Last updated
0.7.1 45 1/8/2026
0.7.0-previe... (current version) 3 1/8/2026
0.7.0-previe... 3 12/22/2025
0.6.1-previe... 3 12/17/2025
0.6.0 1,067 12/12/2025
0.6.0-previe... 3 11/30/2025
0.6.0-previe... 3 11/30/2025
0.5.0 545 11/27/2025
0.5.0-previe... 3 11/27/2025
0.4.2 55 11/26/2025
0.4.2-previe... 3 11/25/2025
0.4.1 74 11/23/2025
0.4.0-previe... 3 11/23/2025
0.4.0-previe... 3 11/22/2025
0.3.0 4 11/21/2025
0.3.0-previe... 3 11/21/2025
0.2.1 6 11/19/2025
0.2.0-previe... 5 11/19/2025
Show more