SQLMesh macros used for ❄️ Dynamic Masking Policies implementation ✏️, and the Snowflake Hooker CLI (sfhook) ⭐

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

sqlmeshsm

SQLMesh macros used for ❄️ Dynamic Masking Policies implementation ✏️, and the Snowflake Hooker CLI (sfhook) ⭐

List of macros:

Hooks:

sfhook drop_masking_policy -c {config.yml} -mp {func}

Data Masking Development

1. Installation

pip install sqlmesh_snow_mask --upgrade

In your (sqlmesh-project-dir)/macros/__init__.py, let's import our lib:

from sqlmeshsm import macros

2. Create masking policy functions

For example, the customer table needs the following masking policies:

First Name: mask with * except the first 3 characters, fixed length of 10, no masking of null
Last Name: mask with the first character of First Name, no masking of null

There are 2 masking functions, they must be created with following requirements:

📂 Files located under (your-sqlmesh-project)/macros/snow-mask-ddl
🆎 File name format: {mp_schema}.{mp_function_name}

-- /snow-mask-ddl/mp_schema.mp_first_name.sql
CREATE MASKING POLICY IF NOT EXISTS @schema.mp_first_name AS (
    masked_column string
) RETURNS string ->
    LEFT(CASE 
        WHEN masked_column IS NOT NULL THEN LEFT(masked_column, 3)
        ELSE NULL
    END || '**********', 10);

-- /snow-mask-ddl/mp_schema.mp_last_name.sql
CREATE MASKING POLICY IF NOT EXISTS @schema.mp_last_name AS (
    masked_column string,
    first_name_column string
) RETURNS string ->
    CASE 
        WHEN masked_column IS NOT NULL THEN LEFT(first_name_column, 1)
        ELSE NULL
    END;

@schema is the keyword to indicate the schema name which matches to the first part of the file name

3. Decide to mask model's columns

/* /models/my_customer_model.sql */
MODEL(
    name my_schema.my_customer_model
    kind FULL
    ...
)

/* REGISTER the masking funcs */
@create_masking_policy(mp_schema.mp_first_name)
@create_masking_policy(mp_schema.mp_last_name)

/* MODEL SQL CODE HERE */

/* USE the masking funcs */
@apply_masking_policy(first_name, mp_schema.mp_first_name)
@apply_masking_policy(my_schema.my_customer_model, last_name, mp_schema.mp_last_name, ['first_name'])

Let's plan and apply it now: sqlmesh plan --select-model my_schema.my_customer_model

4. (Optional) Decide to clean up the masking policies

Let's run the built-in hooks:

sfhook drop_masking_policy -c /path/to/sqlmesh/config.yml -mp you_mp_function_name

Try sfhook -h for more options.

Voila! Happy Masking 🎉

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

0.1.0b5 pre-release

Sep 23, 2023

0.1.0b4 pre-release

Sep 16, 2023

This version

0.1.0b3 pre-release

Sep 7, 2023

0.1.0b2 pre-release

Sep 5, 2023

0.1.0b1 pre-release

Sep 5, 2023

0.1.0b0 pre-release

Sep 5, 2023

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sqlmeshsm-0.1.0b3.tar.gz (10.4 kB view hashes)

Uploaded Sep 7, 2023 Source

Built Distribution

sqlmeshsm-0.1.0b3-py3-none-any.whl (10.0 kB view hashes)

Uploaded Sep 7, 2023 Python 3

Hashes for sqlmeshsm-0.1.0b3.tar.gz

Hashes for sqlmeshsm-0.1.0b3.tar.gz
Algorithm	Hash digest
SHA256	`39a15b7b0eeef9ede128af5cda7261df54b67449ada4f40e96a1b6e7ff8bddb7`
MD5	`3e5d50232572123e07375cddad2ebe2f`
BLAKE2b-256	`e79cd672ef7df81ab8909a95472fc6e2f75e6ecf3f383c4335538295a50098cd`

Hashes for sqlmeshsm-0.1.0b3-py3-none-any.whl

Hashes for sqlmeshsm-0.1.0b3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`37ac97f389acaa58eaec91d65c0aaefa7f0579dcd3f865aca2a9e77c47d54e21`
MD5	`631e3005726dc47717570a21ab9b845a`
BLAKE2b-256	`8b7ecf04bbd4dedbcf339a32cfe10a534e3185d98cb5b09c1d2674c145580ce8`