diff --git a/databricks-workspace-e2/main.tf b/databricks-workspace-e2/main.tf
index e0393532..1cad8da9 100644
--- a/databricks-workspace-e2/main.tf
+++ b/databricks-workspace-e2/main.tf
@@ -46,3 +46,13 @@ resource "databricks_mws_workspaces" "databricks" {
   storage_configuration_id = databricks_mws_storage_configurations.databricks.storage_configuration_id
   network_id               = databricks_mws_networks.networking.network_id
 }
+
+data "databricks_user" "tfe_service_principal" {
+  user_name = var.tfe_service_principal_name
+}
+
+resource "databricks_mws_permission_assignment" {
+  workspace_id = databricks_mws_workspaces.databricks.workspace_id
+  principal_id = databricks_user.tfe_service_principal.id
+  permissions  = ["ADMIN"]
+}
\ No newline at end of file
diff --git a/databricks-workspace-e2/variables.tf b/databricks-workspace-e2/variables.tf
index d74bfb5c..eba370a6 100644
--- a/databricks-workspace-e2/variables.tf
+++ b/databricks-workspace-e2/variables.tf
@@ -55,4 +55,10 @@ variable "workspace_name_override" {
   type        = string
   default     = null
   description = "Override the workspace name. If not set, the workspace name will be set to the project, env, and service."
+}
+
+variable "tfe_service_principal_name" {
+  type        = string
+  default     = null
+  description = "Name for the service principal for Terraform Enterprise, if available. Will be added as a workspace admin"
 }
\ No newline at end of file