All posts
August 25, 20222 min read

BigQuery Data Masking Shell Completion

Protecting sensitive data is essential for privacy and compliance. BigQuery, Google’s fully-managed data warehouse, offers built-in features to obscure sensitive information through data masking. With shell completion, you can create and manage these data masking rules more efficiently, saving both time and effort. In this guide, we’ll explore how to leverage BigQuery’s data masking capabilities with shell completion, so you can secure your datasets and streamline workflows. What is BigQuery D

Free White Paper

Data Masking (Static) + BigQuery IAM: The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Andrios Robert

Protecting sensitive data is essential for privacy and compliance. BigQuery, Google’s fully-managed data warehouse, offers built-in features to obscure sensitive information through data masking. With shell completion, you can create and manage these data masking rules more efficiently, saving both time and effort. In this guide, we’ll explore how to leverage BigQuery’s data masking capabilities with shell completion, so you can secure your datasets and streamline workflows.

What is BigQuery Data Masking?

Data masking in BigQuery allows you to control access to sensitive information. This feature replaces real data with dummy values, like altering a user’s Social Security number or bank details. Unlike encryption, masking applies directly to query results, providing unobtrusive security in response to user roles.

Masking helps ensure that sensitive fields remain hidden but still allow analytics using the altered versions of data. This is particularly valuable for adhering to compliance standards like GDPR and HIPAA.

Why Use Shell Completion for Data Masking in BigQuery?

Shell completion offers a faster, error-free way to run commands in your CLI (Command-Line Interface). As you work with the bq tool—BigQuery’s CLI—you run commands to configure data masking rules, policies, or settings.

Manual typing invites human error, especially for complex commands. Shell completion addresses this issue by predicting and auto-completing command structures. This ensures efficiency and correctness while managing security settings.

When paired with the bq CLI, shell completion makes your BigQuery data masking operations faster and reduces the cognitive load of remembering syntax.

Setting Up Data Masking Rules in BigQuery

To start data masking with BigQuery and leverage shell completion benefits, you’ll need to configure masking policies. Here's a quick overview:

Step 1: Enable BigQuery Data Masking Features

First, make sure your BigQuery project has data masking configurations enabled. For this, you may need admin privileges.

Run the following:

Continue reading? Get the full guide.

Data Masking (Static) + BigQuery IAM: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.
gcloud services enable bigquery.googleapis.com

Step 2: Create a Masking Policy

Masking policies specify which dataset tables or columns to obscure and define user access roles to determine visibility. For example, you might want to mask all personal email addresses from regular users but reveal them to admins.

Here's how you can create a masking policy:

bq mk --masking_policy=my_policy --rule-type=MASKING --table=my_dataset.my_table --column=user_email --masking-expression=XXX-XX

Step 3: Assign Policies Using Roles

Add the newly created policy to the roles that will need access to masked or unmasked fields. Use the CLI for quick updates.

Enabling Shell Completion for BigQuery

Shell completion simplifies the process of managing sensitive data policies in BigQuery. Here’s how to set it up:

Step 1: Enable Shell Completion

If you’re using Bash or Zsh, run the command:

source <(bq completion)

For persistent shell completion, add it to your .bashrc (Bash) or .zshrc (Zsh) file:

echo 'source <(bq completion)' >> ~/.bashrc

OR

echo 'source <(bq completion)' >> ~/.zshrc

Step 2: Test and Confirm Completion

Once enabled, try typing a bq command partially and press the Tab key. The CLI should now automatically suggest or complete BigQuery commands for masking policies, datasets, and roles.

How Shell Completion Simplifies BigQuery Data Masking

Using shell completion with BigQuery's bq tool delivers several advantages for managing masking policies:

  • Reduced Errors: Prevent typos in table names, columns, and options.
  • Faster Execution: Auto-complete long CLI commands, saving development time.
  • Consistency: Ensure standard constructs are applied across teams working on data masking policies.

Optimize Security While Saving Time

BigQuery data masking combined with shell completion helps streamline sensitive information protection. By reducing manual errors and speeding up the process of policy configuration, developers and teams can ensure robust security while staying productive.

Want to see a demo of how to accelerate workflows like this? Check out Hoop.dev. Spin up a sandbox environment and experience BigQuery shell completion live in minutes.

Secure smarter. Work faster. Explore now here.

Get started

See hoop.dev in action

One gateway for every database, container, and AI agent. Deploy in minutes.

Get a demoMore posts