Anonymizer
Anonymizer is a toolkit to help you to automate production data anonymization for test environments and compliancy., (*1)
Features:
- Scramble data by column
- Maintains referential integrity
- Consistent output state on multiple runs of same source data
- Truncate entire tables
- Drop tables or individual columns
- Store configuration (DSN + Filename) in a .env file
Usage
- Scan your application's database schema and decide which columns contain sensitive information. For example:
user.email
or request.ip
, etc.
- Create a configuration file (example below) for your application that lists all the sensitive columns with a method for anonymization.
-
Run anonymizer on your test database:, (*2)
vendor/bin/anonymizer, (*3)
This file defines which columns needs to be anonymized, and using which method. Additionally you truncate or drop entire tables or columns., (*4)
Here's an example:, (*5)
---
columns:
user.email:
method: faker
arguments:
formatter: email
cascades:
- user_email.address
- comment.email
request.ip:
method: faker
arguments:
formatter: ipv5
cascades:
- exception.ip
truncate:
- table1
- table2
drop:
- user.ip
- request.agent
- tmp*
- *.password
All columns are listed in tableName.columnName
format. For each column a method
is defined, with some optional arguments
. Most common is the faker
method, that takes a formatter
as an argument (i.e. email, userName, city, ipv4, etc - see the faker docs for more), (*6)
If you have any columns in other tables that reference this column, you can list them in the cascades
key (optional). This will ensure that the external columns are updated with the same new value so their references still work., (*7)
Wildcards
You can use wildcards (*, ?) in tablenames of the drop
list., (*8)
Configuration
You can use the environment (or a .env file) to pass ANONYMIZER_DSN (or PDO) and ANONYMIZER_FILENAME values to the anonymizer run
command. These values will be used to connect to the database, and read the specified configuration yaml file., (*9)
Optionally: configure ANONYMIZER_CONFIG_PATH
to point to a directory of .conf
files containing database connection details. This will be registered as an INI Backend to the Connector service to resolve db connections from config files., (*10)
About the "randomly" generated data
- The faker is initialized with the same seed every run (0). This ensures that multiple runs of anonymizer on the same source data result in the same anonymized data.
- The faker method ensures all generated values are unique within a single table. This prevents problems with references etc
- If you list cascades that contain values that are not defined in the source table, they will be updated to NULL. This prevents sensitive data lingering around in cascades accidentally. In a properly integrity-checked database this scenario would not happen.
Verbosity / schema
anonymizer analyzes the schema (tablenames + columnnames) before running. This information is used by the wildcard functionality.
You can run anonymizer with -v
to increase the verbosity to view this data. This can help you to verify if you're not seeing any tables or columns that should be dropped., (*11)
License
MIT. Please refer to the license file for details., (*12)
Brought to you by the LinkORB Engineering team
Check out our other projects at linkorb.com/engineering., (*13)
Btw, we're hiring!, (*14)