# Register an Oracle Connection

{% hint style="info" %}
**Immuta policies will not be automatically enforced in Oracle**

While you can author and apply subscription and data policies on Oracle data sources within Immuta, these policies will not be enforced natively in the Oracle platform. You can use [Immuta webhooks](https://documentation.immuta.com/saas/developer-guides/api-intro/immuta-v1-api/configure-your-instance-of-immuta/webhooks#webhook-overview) to be notified about changes to user access and make appropriate access updates in Oracle using your own process.

To use this integration, contact your Immuta representative.
{% endhint %}

## Requirement

* [Amazon RDS for Oracle](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Oracle.html)

## Permissions

The user registering the connection must have the permissions below.

* `APPLICATION_ADMIN` Immuta permission
* Either of the following Oracle system privileges:
  * `GRANT ANY ROLE`
  * `GRANT ANY PRIVILEGE`

## Create the database user

1. [Create a new database user in Oracle to serve as the Immuta system account](https://docs.oracle.com/en/database/oracle/oracle-database/19/sqlrf/CREATE-USER.html). Immuta will use this system account continuously to crawl the connection.
2. [Grant this account the `SELECT` Oracle privilege](https://docs.oracle.com/en/database/oracle/oracle-database/19/sqlrf/GRANT.html#GUID-20B4E2C0-A7F8-4BC8-A5E8-BE61BDC41AC3) on the system views listed below:
   * `V$DATABASE`
   * `CDB_PDBS`
   * `SYS.DBA_USERS`
   * `SYS.DBA_TABLES`
   * `SYS.DBA_VIEWS`
   * `SYS.DBA_MVIEWS`
   * `SYS.DBA_TAB_COLUMNS`
   * `SYS.DBA_OBJECTS`
   * `SYS.DBA_CONSTRAINTS`
   * `SYS.DBA_CONS_COLUMNS`

## Register an Oracle connection

1. In Immuta, click <i class="fa-database">:database:</i> **Data** and select **Connections** in the navigation menu.
2. Click the **+ Add Connection** button.
3. Select the **Oracle** tile.
4. Select **RDS** as the deployment method.
5. Enter the host connection information:
   1. **Display Name:** This is the name of your new connection. This name will be used in the API (`connectionKey`), in data source names from the host, and on the connections page. Avoid the use of periods (`.`) or [restricted words](#user-content-fn-1)[^1] in your connection name.
   2. **Hostname**: URL of your Oracle instance.
   3. **Port**: Port configured for Oracle.
   4. **Database**: The Oracle database you want to connect to. All databases in the host will be registered.
   5. **Region**: The region of the AWS account with your Oracle instance.
6. Enter the **username** and **password** of the [Oracle database user you created above](#create-the-database-user).
7. Click **Save connection**.

[^1]: Your display name cannot be any of the following words: `data`, `connection`, `object`, `crawl`, `search`, `settings`, `metadata`, `permission`, `sync`, `bulk`, and `upgrade`.