Bytebase is a database DevSecOps platform designed for developers, security, DBA, and platform engineering teams. While it offers an intuitive GUI for managing database schema changes and access control, some teams may want to integrate Bytebase into their existing DevOps platforms using the Bytebase API.
In the previous tutorial, you learned how to set up a GitHub Action that utilizes the Bytebase API to define semantic types and global masking rule. In this tutorial, we will explore how to apply column masking and masking exemption.
This is Part 2 of our tutorial series on implementing automated database masking using GitHub Actions:
In this tutorial, you’ll learn how to automate column masking and masking exemption using GitHub Actions and the Bytebase API. This integration allows you to:
Here is a merged pull request as an example.
The complete code for this tutorial is available at: example-database-security
This tutorial skips the setup part, if you haven’t set up the Bytebase and GitHub Action, please follow Setup Instructions section in the previous tutorial.
Column Masking lets you specify table columns different semantic type to mask the data differently.
Go to a database page, then pick a table, you can specify semantic type by clicking pen icon on table detail page.
Find the step Apply column masking
, which will apply the column masking to the database via API. First it will parse all the column masking files and then do a loop to apply the column masking to the database one by one. The code it calls Bytebase API is as follows:
By changing file masking/databases/**/**/database-catalog.json
, create a PR and then merge, the change will be applied.
Log in Bytebase console, at the workspace level, go to the database page, you can see the column semantic type is applied.
Masking Exemption lets you exempt users from data masking and see the unmasked data.
Go to a project page, then click Manage > Masking Exemptions, you can grant masking exemption to the database.
Find the step Apply masking exception
, which will apply the masking exception to the database and the process is similar, the code it calls Bytebase API is as follows:
By changing file masking/projects/**/masking-exception.json
, create a PR and then merge, the change will be applied.
Log in Bytebase console, go to the project Sample Project
, click Manage > Masking Exemptions, you can see the masking exemption is applied.
Bytebase is a database DevSecOps platform designed for developers, security, DBA, and platform engineering teams. While it offers an intuitive GUI for managing database schema changes and access control, some teams may want to integrate Bytebase into their existing DevOps platforms using the Bytebase API.
In the previous tutorial, you learned how to set up a GitHub Action that utilizes the Bytebase API to define semantic types and global masking rule. In this tutorial, we will explore how to apply column masking and masking exemption.
This is Part 2 of our tutorial series on implementing automated database masking using GitHub Actions:
In this tutorial, you’ll learn how to automate column masking and masking exemption using GitHub Actions and the Bytebase API. This integration allows you to:
Here is a merged pull request as an example.
The complete code for this tutorial is available at: example-database-security
This tutorial skips the setup part, if you haven’t set up the Bytebase and GitHub Action, please follow Setup Instructions section in the previous tutorial.
Column Masking lets you specify table columns different semantic type to mask the data differently.
Go to a database page, then pick a table, you can specify semantic type by clicking pen icon on table detail page.
Find the step Apply column masking
, which will apply the column masking to the database via API. First it will parse all the column masking files and then do a loop to apply the column masking to the database one by one. The code it calls Bytebase API is as follows:
By changing file masking/databases/**/**/database-catalog.json
, create a PR and then merge, the change will be applied.
Log in Bytebase console, at the workspace level, go to the database page, you can see the column semantic type is applied.
Masking Exemption lets you exempt users from data masking and see the unmasked data.
Go to a project page, then click Manage > Masking Exemptions, you can grant masking exemption to the database.
Find the step Apply masking exception
, which will apply the masking exception to the database and the process is similar, the code it calls Bytebase API is as follows:
By changing file masking/projects/**/masking-exception.json
, create a PR and then merge, the change will be applied.
Log in Bytebase console, go to the project Sample Project
, click Manage > Masking Exemptions, you can see the masking exemption is applied.