The extension can be used to put dynamic masks on certain users or permanently modify sensitive data. Various masking techniques are available : randomization, partial scrambling, custom rules, etc.
Here’s a basic example :
Imagine a
peopletable=# SELECT * FROM people; id | name | phone ------+----------------+------------ T800 | Schwarzenegger | 0609110911Step 1. Activate the masking engine
=# CREATE EXTENSION IF NOT EXISTS anon CASCADE; =# SELECT anon.mask_init();Step 2. Declare a masked user
=# CREATE ROLE skynet; =# COMMENT ON ROLE skynet IS 'MASKED';Step 3. Declare the masking rules
=# COMMENT ON COLUMN people.name IS 'MASKED WITH FUNCTION anon.random_last_name()'; =# COMMENT ON COLUMN people.phone IS 'MASKED WITH FUNCTION anon.partial(phone,2,$$******$$,2)';Step 4. Connect with the masked user
=# \! psql test -U skynet -c 'SELECT * FROM people;' id | name | phone ------+----------+------------ T800 | Nunziata | 06******11Of course this project is a work in progress. I need your feedback and ideas ! Let me know what you think of this tool, how it fits your needs and what features are missing.