Other databases
Status: Exploration · Priority: 6
Extend Brume’s support beyond PostgreSQL to:
- MySQL (and MariaDB)
- SQL Server
- MongoDB
Why it matters
Section titled “Why it matters”PostgreSQL is Brume’s first-class home, but many teams operate polyglot data stacks. Asking them to maintain a different pseudonymization tool per engine fragments their compliance story and multiplies the secrets they have to protect.
What it’ll unlock
Section titled “What it’ll unlock”- A single pseudonymization tool across heterogeneous stacks.
- Shared
BRUME_HMAC_SECRET/BRUME_FPE_KEYacross engines, with cross-enginelinked_columnskeeping the same fake value coherent. - A consolidated DPO sign-off across the whole data platform, not just one engine.
Order of attack (tentative)
Section titled “Order of attack (tentative)”- MySQL / MariaDB — closest cousin to Postgres, similar FK and constraint model, reuses most of the pipeline.
- SQL Server — more enterprise demand, requires careful handling of schema and identity columns.
- MongoDB — different paradigm (document store, no FKs). Needs a different abstraction layer;
linked_columnsbecomes the primary mechanism.
Open design questions
Section titled “Open design questions”- One unified config schema vs. per-engine YAML.
- How to map FPE on engines without a native equivalent to Postgres’s domain types.
- Schema discovery on MongoDB — strict schema vs. sampled.