Quickstart

Your first pseudonymization

This tutorial walks you through the full Brume flow on a minimal example. You’ll write a configuration, audit it, then run the actual pseudonymization.

Copy the example .env file next to your brume.yml:

cp .env.template .env

Fill in the two secrets and the connection strings for source and target:

# Secrets — keep these safe, their leak invalidates the pseudonymization
BRUME_HMAC_SECRET=replace-me-with-a-long-random-string
BRUME_FPE_KEY=replace-me-16ch-min
# Source (read-only account recommended)
BRUME_SOURCE_HOST=db.prod.internal
BRUME_SOURCE_PORT=5432
BRUME_SOURCE_DB=app_production
BRUME_SOURCE_USER=brume_reader
BRUME_SOURCE_PASSWORD=...
# Target — another Postgres, or a directory for .sql output
BRUME_TARGET_HOST=localhost
BRUME_TARGET_PORT=5432
BRUME_TARGET_DB=app_dev
BRUME_TARGET_USER=app
BRUME_TARGET_PASSWORD=...

See the .env reference for the full list of variables.
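A pre-flight check you can run on the `.env` file before any Brume command, as an added example that is not part of Brume itself: it flags secrets still at their template value, secrets that are too short, and a target that points at the source database. The function names and the 32-character minimum for the HMAC secret are assumptions of this example; the 16-character minimum follows the hint in the template value.

```python
# Fragments of the template values above; a secret containing one was never replaced.
PLACEHOLDERS = ("replace-me", "...")
# Assumed minimums: 16 follows the "16ch-min" hint in the template; 32 for the
# HMAC secret is this example's own choice, not a documented Brume rule.
MIN_LEN = {"BRUME_HMAC_SECRET": 32, "BRUME_FPE_KEY": 16}

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.strip().strip("\"'")
    return env

def preflight(env):
    """Return a list of findings; an empty list means the file passed."""
    findings = []
    for key, min_len in MIN_LEN.items():
        value = env.get(key, "")
        if not value:
            findings.append(f"{key}: missing")
        elif any(p in value for p in PLACEHOLDERS):
            findings.append(f"{key}: template placeholder")
        elif len(value) < min_len:
            findings.append(f"{key}: shorter than {min_len} characters")
    if env.get("BRUME_HMAC_SECRET") and env.get("BRUME_HMAC_SECRET") == env.get("BRUME_FPE_KEY"):
        findings.append("BRUME_HMAC_SECRET and BRUME_FPE_KEY are identical")
    # Source and target must differ: the target is written to, the source holds real data.
    if env.get("BRUME_SOURCE_HOST") and all(
            env.get(f"BRUME_SOURCE_{f}") == env.get(f"BRUME_TARGET_{f}")
            for f in ("HOST", "PORT", "DB")):
        findings.append("source and target are the same database")
    return findings

# Constructed sample: the template as shipped, secrets not yet replaced.
SAMPLE = """\
BRUME_HMAC_SECRET=replace-me-with-a-long-random-string
BRUME_FPE_KEY=replace-me-16ch-min
BRUME_SOURCE_HOST=db.prod.internal
BRUME_SOURCE_DB=app_production
BRUME_TARGET_HOST=localhost
BRUME_TARGET_DB=app_dev
"""

if __name__ == "__main__":
    for finding in preflight(parse_env(SAMPLE)):
        print(finding)
```

To check a real file, pass its contents to `parse_env` instead of `SAMPLE`.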

Start with a single table — users — and pseudonymize email, phone and the primary key.

extraction:
  fk_depth: 3
  tables:
    - table: users
anonymization:
  tables:
    - table: users
      columns:
        - name: id
          strategy: FPE_ID # automatically propagated to FKs pointing to users.id
        - name: email
          strategy: FAKE
          type: EMAIL
        - name: phone
          strategy: MASK
          type: PHONE
        - name: notes
          strategy: NULLIFY

See the brume.yml reference for the full schema.

plan estimates row volumes, walks foreign keys up to fk_depth, and, most importantly, lists PII columns not covered by any rule. It never extracts anything:

brume plan

Read the output carefully. Any column flagged as uncovered will be copied as-is — fix the config before going further.

dry-run executes the full pipeline but writes nothing (the target is a NullSink). It catches configuration errors that plan doesn’t — invalid strategies, type mismatches on FAKE, JSONB paths that don’t resolve:

brume dry-run

5. Run the pseudonymization — brume execute

When plan and dry-run are clean, run for real:

brume execute

Brume copies the selected subset, transforms each column according to your rules, and writes to the target. Two runs with the same hmac-secret + fpe-key produce identical results — your pipeline is reproducible.