Set up Oracle
Configure an Oracle user with the required permissions to enable Atlan to extract metadata from your Oracle database. You need Oracle database administrator access to run these commands.
Prerequisites
Before you begin, make sure you have:
- Oracle Database version 11.2 or later
- Oracle database administrator access or equivalent privileges
- Access to run SQL commands in your Oracle database
Create user
Create a dedicated user for Atlan to connect to your Oracle database.
- Create a new user with basic authentication:
CREATE USER <username> IDENTIFIED BY <password>;
GRANT CREATE SESSION TO <username>;
- Replace
<username>with the username you want to create. - Replace
<password>with a secure password for that username.
Grant permissions
Grant the necessary permissions to enable Atlan to extract metadata from Oracle.
- Least Permission (Recommended)
- Legacy Permission (Deprecated)
Grant metadata extraction permissions
- Run the following commands to grant permissions for metadata extraction:
GRANT SELECT_CATALOG_ROLE TO <username>;
GRANT SELECT ON DBA_TABLES TO <username>;
GRANT SELECT ON DBA_VIEWS TO <username>;
GRANT SELECT ON DBA_TAB_COLUMNS TO <username>;
GRANT SELECT ON DBA_SYNONYMS TO <username>;
Replace <username> with the username you created.
This approach is deprecated. Switch to the Least Permission (Recommended) approach described in the other tab.
Run the following commands to grant permissions for metadata extraction:
GRANT SELECT ANY TABLE TO <username>;
GRANT SELECT ANY SEQUENCE TO <username>;
Replace <username> with the username you created.
Grant query and preview permissions
Grant additional permissions to enable users to query and preview data in Atlan.
- Specific tables
- All tables
Grant access to specific tables or views.
- Run the following command for each table you want to provide access to:
GRANT SELECT ON <schema_name>.<table_name> TO <username>;
- Replace
<schema_name>with the name of the schema. - Replace
<table_name>with the name of the table or view. - Replace
<username>with the username you created.
Grant access to all tables across schemas.
- Run the following command to grant access to all tables:
GRANT SELECT ANY TABLE TO <username>;
- Replace
<username>with the username you created.
This permission grants access to query tables or views in any schema except SYS and AUDSYS. Oracle recommends granting ANY privileges only to trusted users.
Set up TCPS
If your organization requires encrypted connections to Oracle, configure TCPS (TCP with SSL/TLS) to encrypt data in transit between the Atlan connector and your Oracle database.
Prerequisites
Before you begin, make sure you have:
- Oracle database administrator access with permissions to modify the listener configuration
- Access to the server hosting your Oracle database listener
Configure TCPS on your Oracle database
- Enable TCPS on your Oracle database listener by adding a TCPS endpoint to your
listener.oraconfiguration. After this step, your listener accepts connections on a TCPS port. For details, see Oracle's Configuring TLS Authentication guide. - Create an Oracle Wallet containing the SSL/TLS certificates required for your authentication mode. For details, see Using Oracle Wallet Manager.
- One-way TLS: The wallet must contain the server's CA certificate.
- Two-way TLS (mutual): The wallet must contain the server's CA certificate, the client certificate, and the client private key.
Once your Oracle database is configured, package the wallet directory into a .zip file and upload it when configuring the Oracle crawler workflow.
Next steps
- Crawl Oracle: Create a crawler workflow to extract metadata from Oracle