# Getting Started with Domains

{% hint style="info" %}
**Private preview**

This feature is in preview and available to select accounts. Reach out to your Immuta representative for details.
{% endhint %}

Domains are containers of data sources that allow you to assign data ownership and access management to specific business units, subject matter experts, or teams at the nexus of cross-functional groups. Instead of centralizing your data governance and giving users too much governance over all your data, you control how much power they have over data sources by granting them permission within domains in Immuta.

## Create a domain

**Required Immuta permission**: `GOVERNANCE`

1. Navigate to the **Domains** page.
2. Click **+ New Domain**.
3. Enter a **Name** and **Description** for your domain.
4. Click **Save**.

To create a domain using the API, see the [Domains API guide](https://documentation.immuta.com/2024.2/developer-guides/api-intro/immuta-v1-api/manage-data-access/domains-api#create-a-new-domain). For more information about domains, see the [Domains reference guide](https://documentation.immuta.com/2024.2/secure-your-data/domains/domains).

## Assign domain permissions

**Required Immuta permission**: `USER_ADMIN`

User administrators can assign domain permissions from the [domain permissions tab](#domain-permissions-tab) or the [people page](#people-page). See instructions for both methods below.

### Domain permissions tab

1. Click **Domains** and navigate to the domain.
2. Go to the **Permissions** tab and click **+ Grant Permissions**.
3. Opt to select additional domains to apply the permission assignments to.
4. Choose how to assign the permission:
   * **Individual selected users**: Select this option from the dropdown and then search for individual users to grant the permission to.
   * **Users in group**: Select this option from the dropdown and then search for groups to grant the permission to.
5. Select the **Manage Policies** permission to allow them to create policies that will apply to the data sources within the domain.
6. Review your changes and click **Grant Permissions**.

To assign permissions using the API, see the [Domains API guide](https://documentation.immuta.com/2024.2/developer-guides/api-intro/immuta-v1-api/manage-data-access/domains-api#assign-domain-permissions). For a list of permissions associated with domains, see the [Domains reference guide](https://documentation.immuta.com/2024.2/secure-your-data/domains#permissions).

### People page

1. Click **People** in the left navigation menu and select **Users** or **Groups**.
2. Select your user or group and then click the **Settings** tab.
3. Click **+ Add Domain Permissions**.
4. Select the **Domain** for which the user or group should have the permission.
5. Opt to select additional users or groups to grant the permission to within the selected domains.
6. Select the **Manage Policies** permission to allow them to create policies that will apply to the data sources within the domain.
7. Review your changes and click **Grant Permissions**.

## Assign existing data sources to a domain

**Required Immuta permission**: `GOVERNANCE`

1. Navigate to the **Domains** page and select your domain.
2. Click the **Data Sources** tab, and then click **+ Add Data Sources**.
3. Select the **checkboxes** for the data sources you want to add to your domain.
4. Click **+ Add to Domain**.

To assign data sources using the API, see the [Domains API guide](https://documentation.immuta.com/2024.2/developer-guides/api-intro/immuta-v1-api/manage-data-access/domains-api#add-domain-data-sources). For more information about domain data sources, see the [Domains reference guide](https://documentation.immuta.com/2024.2/secure-your-data/domains#domain-data-sources).

## Protect your data

**Required Immuta permission**: `GOVERNANCE` or `Manage Policies`

1. Navigate to the **Domains** page and select your domain.
2. Click the **Subscription Policies** or **Data Policies** tab.
3. Click **Create Policy** and select **Subscription Policy** or **Data Policy**.
4. Write your [subscription policy](https://documentation.immuta.com/2024.2/secure-your-data/authoring-policies-in-secure/section-contents/how-to-guides/subscription-policy-tutorial) or [data policy](https://documentation.immuta.com/2024.2/secure-your-data/authoring-policies-in-secure/data-policies/data-policy-overview) as outlined in the policies how-to guide.
5. When building your policy, your domain should automatically be added in the **What domain(s) should this policy be restricted to?** section. However, you can select more domains that you have the `Manage Policies` permission for here as well. This step will assign the policy to all data sources added to that domain.

For more information about domain policies, see the [Domains reference guide](https://documentation.immuta.com/2024.2/secure-your-data/domains#domain-policies).

## Delete a domain

**Required Immuta permission**: `GOVERNANCE`

1. Navigate to the **Domains** page and select your domain.
2. Click **Remove Domain**.
3. **Confirm** your changes.

To delete a domain using the API, see the [Domains API guide](https://documentation.immuta.com/2024.2/developer-guides/api-intro/immuta-v1-api/manage-data-access/domains-api#delete-a-domain).