Chapter 32. Data Masking

Table of Contents

32.1. Data Masking via pg_dump
32.2. Data Masking via Logical Replication

Data masking (also known as data anonymization) is a feature that allows for transfer of table data to another database or cluster without leaking confidential information. The typical use case is that application developers, who have no direct access to the production database, need a database as similar to the production database as possible, both for testing and troubleshooting.

To mask particular column, you need to define a masking expression for it. For example:

ALTER TABLE people ALTER COLUMN email SET MASK md5(email);

ALTER TABLE people ALTER COLUMN email SET MASK NULL;

Once the masking expression exists, there are two ways to transfer the data.