
Function New-SecretScope
            Creates a new secret scope.
            Creates a new secret scope.
            Official API Documentation:
            .PARAMETER ScopeName
            Scope name requested by the user. Scope names are unique. This field is required.
            .PARAMETER InitialManagePrincipal
            The principal that is initially granted MANAGE permission to the created scope.
            New-SecretScope -Name "MyScope" -InitialManagePrincipal <initial_manage_principal>
            #AUTOMATED_TEST:Add secret scope
            $newFile = Add-DatabricksFSFile -Path "/myTestFolder/myFile1.txt" -Overwrite $true
            Close-DatabricksFSFile -Handle $newFile.handle

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $false, Position = 2)] [string] $InitialManagePrincipal = $null


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/scopes/create"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
    $parameters | Add-Property -Name "initial_manage_principal" -Value $InitialManagePrincipal
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Remove-SecretScope
            Deletes a secret scope.
            Deletes a secret scope.
            Official API Documentation:
            .PARAMETER ScopeName
            Name of the scope to delete. This field is required.
            Remove-SecretScope -Name "MyScope"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/scopes/delete"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Get-SecretScope
            Lists all secret scopes available in the workspace.
            Lists all secret scopes available in the workspace.
            Official API Documentation:

    param ()


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/scopes/list"
    $requestMethod = "GET"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{}
    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Add-Secret
            Inserts a secret under the provided scope with the given name. If a secret already exists with the same name, this command overwrites the existing secret's value. The server encrypts the secret using the secret scope's encryption settings before storing it. You must have WRITE or MANAGE permission on the secret scope.
            Inserts a secret under the provided scope with the given name. If a secret already exists with the same name, this command overwrites the existing secret's value. The server encrypts the secret using the secret scope's encryption settings before storing it. You must have WRITE or MANAGE permission on the secret scope.
            Official API Documentation:
            .PARAMETER StringValue
            The value to be stored. Note that the value will be stored in UTF-8 (MB4) form.
            .PARAMETER BytesValue
            The value to be stored. Note that the value will be stored as bytes.
            .PARAMETER ScopeName
            The name of the scope to which the secret will be associated with. This field is required.
            .PARAMETER SecretName
            A unique name to identify the secret. This field is required.
            Add-Secret -ScopeName "MyScope" -SecretName "MyKey" -StringValue "MySecretValue"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $true, Position = 2)] [string] $SecretName,
        [Parameter(ParameterSetName = "StringValue", Mandatory = $true, Position = 3)] [string] $StringValue, 
        [Parameter(ParameterSetName = "BinaryValue", Mandatory = $true, Position = 3)] [byte[]] $BytesValue


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/put"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    switch ($PSCmdlet.ParameterSetName) 
        "StringValue" {
            #Set parameters
            $parameters = @{
                string_value  = $StringValue

        "BytesValue" {
            #Set parameters
            $parameters = @{
                bytes_value  = $BytesValue

    $parameters | Add-Property -Name "scope" -Value $ScopeName
    $parameters | Add-Property -Name "key" -Value $SecretName
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Remove-Secret
            Deletes the secret stored in this secret scope. You must have WRITE or MANAGE permission on the secret scope.
            Deletes the secret stored in this secret scope. You must have WRITE or MANAGE permission on the secret scope.
            Official API Documentation:
            .PARAMETER ScopeName
            The name of the scope that contains the secret to delete. This field is required.
            .PARAMETER Key
            Name of the secret to delete. This field is required.
            Remove-Secret -ScopeName "MyScope" -SecretName "MySecret"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $true, Position = 2)] [string] $SecretName


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/delete"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
        key = $SecretName 
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Get-Secret
            Lists the secret keys that are stored at this scope. This is a metadata-only operation; secret data cannot be retrieved using this API. Users need READ permission to make this call.
            Lists the secret keys that are stored at this scope. This is a metadata-only operation; secret data cannot be retrieved using this API. Users need READ permission to make this call.
            Official API Documentation:
            .PARAMETER ScopeName
            The name of the scope whose secrets you want to list. This field is required.
            Get-Secret -ScopeName "MyScope"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/list"
    $requestMethod = "GET"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Add-SecretScopeACL
            Creates or overwrites the ACL associated with the given principal (user or group) on the specified scope point. In general, a user or group will use the most powerful permission available to them, and permissions are ordered as follows:
            Creates or overwrites the ACL associated with the given principal (user or group) on the specified scope point. In general, a user or group will use the most powerful permission available to them, and permissions are ordered as follows:
            Official API Documentation:
            .PARAMETER ScopeName
            The name of the scope to apply permissions to. This field is required.
            .PARAMETER Principal
            The principal to which the permission is applied. This field is required.
            .PARAMETER Permission
            The permission level applied to the principal. This field is required.
            Add-SecretScopeACL -Scope "MyScope" -Principal "data-scientists" -Permission Read

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $true, Position = 2)] [string] $Principal, 
        [Parameter(Mandatory = $true, Position = 3)] [string] [ValidateSet("Manage", "Read", "Write")] $Permission


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/acls/put"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
        principal = $Principal 
        permission = $Permission 
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Remove-SecretScopeACL
            Deletes the given ACL on the given scope.
            Deletes the given ACL on the given scope.
            Official API Documentation:
            .PARAMETER ScopeName
            The name of the scope to remove permissions from. This field is required.
            .PARAMETER Principal
            The principal to remove an existing ACL from. This field is required.
            Remove-SecretScopeACL -ScopeName "MyScope" -Principal "data-scientists"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $true, Position = 2)] [string] $Principal


    Write-Verbose "Setting final ApiURL ..."
    $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/acls/delete"
    $requestMethod = "POST"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
        principal = $Principal 
    $parameters = $parameters | ConvertTo-Json -Depth 10

    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result

Function Get-SecretScopeACL
            Describes the details about the given ACL, such as the group and permission.
            Describes the details about the given ACL, such as the group and permission.
            Official API Documentation:
            Official API Documentation:
            .PARAMETER ScopeName
            The name of the scope to fetch ACL information from. This field is required.
            .PARAMETER Principal
            The principal to fetch ACL information for. This field is required.
            Get-SecretScopeACL -ScopeName "MyScope" -Principal "data-scientists"

        [Parameter(Mandatory = $true, Position = 1)] [string] $ScopeName, 
        [Parameter(Mandatory = $false, Position = 2)] [string] $Principal = $null


    Write-Verbose "Setting final ApiURL ..."
    if($Principal -eq $null)
        $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/acls/list"
        $apiUrl = Get-ApiUrl -ApiEndpoint "/2.0/secrets/acls/get"
    $requestMethod = "GET"
    Write-Verbose "API Call: $requestMethod $apiUrl"

    #Set headers
    $headers = Get-RequestHeader

    Write-Verbose "Setting Parameters for API call ..."
    #Set parameters
    $parameters = @{
        scope = $ScopeName 
    $parameters | Add-Property -Name "principal" -Value $Principal
    $result = Invoke-RestMethod -Uri $apiUrl -Method $requestMethod -Headers $headers -Body $parameters

    return $result