Data masking is a crucial step in safeguarding sensitive information, especially in databases used for development, testing, or analytics. When working with PostgreSQL and Snowflake, combining pgcli—a popular command-line interface for PostgreSQL—with Snowflake’s data masking capabilities can create a seamless and efficient data management workflow.
This blog will show you how to leverage these tools for secure and streamlined operations. We'll also introduce how Hoop.dev can help you implement this setup effortlessly so you can see it live in minutes.
Why Data Masking Matters
Data breaches, compliance requirements, and privacy concerns make protection of sensitive data a top priority. Snowflake's dynamic data masking ensures sensitive information like social security numbers or credit card data is hidden from unauthorized users while still enabling database functionality. This balances security with real-time usability.
Yet, when working in multi-tool ecosystems, you need efficient database access and execution. This is where pgcli enters the picture.
What is Pgcli?
Pgcli is an enhanced command-line interface for PostgreSQL designed to speed up database interactions. With features like autocompletion and syntax highlighting, pgcli simplifies querying and managing databases. But how does it fit with Snowflake?
While pgcli doesn’t natively support Snowflake, its PostgreSQL-centric features often serve as part of a developer’s workflow for managing non-sensitive datasets—making it a companion tool when working with masked Snowflake data.
Setting Up Data Masking in Snowflake
Snowflake provides a dynamic and flexible way to protect sensitive information using data masking policies. Here’s a quick setup workflow:
1. Create a Masking Policy
CREATE MASKING POLICY mask_credit_card AS (val STRING)
RETURNS STRING ->
CASE
WHEN CURRENT_ROLE IN ('DATA_VIEWER') THEN '************'
ELSE val
END;
This policy hides credit card information from users unless their role explicitly authorizes visibility.
2. Apply the Policy to a Table
ALTER TABLE customers MODIFY COLUMN credit_card_number
SET MASKING POLICY mask_credit_card;
Now, all queries to customers.credit_card_number will respect the masking policy automatically.
3. Test Permissions
Use SQL commands to test different roles and confirm that data views match expectations.
Integrating Pgcli in Your Workflow with Masked Snowflake Data
Although pgcli cannot connect directly to Snowflake, many teams use it to interact with PostgreSQL for related tasks while pairing it with Snowflake via intermediate tools. Here’s a practical combination for a secure, efficient setup:
- Query masked data in Snowflake using your typical BI or SQL editor.
- Push protected or aggregated results to PostgreSQL for downstream access.
- Use pgcli for quick queries, edits, or administrative tasks in PostgreSQL.
This hybrid approach allows you to leverage dynamic data masking in Snowflake while maintaining developer productivity.
Benefits of This Approach
- Data Security: Enforce dynamic access control via Snowflake masking policies.
- Developer Efficiency: Keep workflows fast and intuitive with pgcli for PostgreSQL tasks.
- Flexibility: Combine insights from PostgreSQL and Snowflake without compromising security.
Bring It All Together with Hoop.dev
Building secure and efficient workflows shouldn’t feel overwhelming. With Hoop.dev, you can instantly connect your database tools, including Snowflake and PostgreSQL, and manage their interplay with ease.
Experience smooth database interactions and powerful data security out of the box. See how this works in minutes at Hoop.dev.
Protect your sensitive data and simplify your workflows with the best tools at your disposal—start today.