Skip to main content

PostgreSQL Data Masking Tricks

Hi,

SQL Server announced Dynamic Data Masking feature not long ago and I'm Postgresql DBA! PostgreSQL does not have like that feature yet. So, what if we need data masking on our database's tables?

If you need make strict your database tables and hide your column but not that all follow bellow function!

This function shows only the first and last two characters.

If you looking for some solution for your table's column and if it is the character you can create bellow function in your database and enjoy it!


CREATE OR REPLACE FUNCTION dba.pg_datamask_column(col character varying)
  RETURNS character varying AS
$BODY$
begin 
if (select length(col))<=2 then return col;
elsif (select length(col))=3 or (select length(col))=4 then return  (select replace(col,right(col,2),'xx'));
else return (select 
replace(substring(col from 1 for length(col)-2),
right(substring(col from 1 for length(col)-2),length(col)-4),'xxxx')||right(col,2));
end if;
end
$BODY$
LANGUAGE 'plpgsql'
  COST 100;


You will not be able to apply these changes on your main table but you can create a view which is included columns with dba.pg_datamask_column functions. So after revoking all privileges on the main table, you can grant select permission to a specific user. Finally, that user can see all main table's column and you sure that user can not see a specific column which has some data privacy.

Loves,

Comments

Popular posts from this blog

pg_ctl: command not found

Hi, If you can not reach pg_ctl command in bash also you are sure this command exists in your server, check $PATH. -bash-4.2$ echo $PATH /usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin So, the directory of pg_ctl is not seem in PATH. Input directory of pg_ctl and check it then run it.

PostgreSQL Foreign Data Wrappers

Hi all, I would like to mention about generating Foreign Data Wrappers(FDW) on PostgreSQL 9.6. FDW is used for remote access to tables from external data storage. If needed to use remote table in a query, you can use FDW tables. For instance you can get a table from remote database, but there is a condition. The condition is that user should have proper privileges on FDW table. There is two extension for FDW on PostgreSQL. First one is used for accessing PostgreSQL database to PostgreSQL database, called postgres_fdw . Second one is used for accessing PostgreSQL database to different databases (SQL Server, Sysbase) called tds_fdw .  Foreign Data Wrappers feature lets you to cross-query between remote database tables. Postgres_fdw and tds_fdw has different structure. Tds_fdw usign Tabular Data Stream application layer protocol to transfer data between database server and client. Generating Tds_fdw and Postgres_fdw is similar. I share an example for generating FDW between tw...

PostgreSQL High Availability - Patroni 2

Patroni kurulumuyla ilgili oldukça fazla kaynak bulunmakta fakat kurulum ve yönetimini beraber barındıran kaynağa denk gelmedim. Bu yazıda hem Patroni kurulumu hem de kurulum sonrası yönetimiyle alakalı detaylara ulaşabilirsiniz. PostgreSQL cluster'larının yönetimi için kullanılan Patroni ile ilgili temel bilgilerin yer aldığı Autofailover üzerine hazırladığım yazı serisine aşağıdaki linklerden erişebilirsiniz. PostgreSQL ve Autofailover PostgreSQL'de Autofailover ve Patroni 1 (Giriş) PostgreSQL'de Autofailover ve Patroni 2 (Kurulum, Konfigürasyon ve Yönetim) PostgreSQL'de Autofailover ve Patroni 3 (Mevcut PostgreSQL Cluster'inin Patroni'ye Geçirilmesi) Patroni, PostgreSQL veritabanlarının kurulumundan ve konfigürasyonundan sorumludur. Yani Patroni'yi kurduğumuz sunucular aynı zamanda Patroni ile kurulmuş PostgreSQL'leri barındıracak. Üç node'lu PostgreSQL ve üç node'lu ETCD cluster'larını oluşturacağım. Kuruluma önce üç no...