Privacy Dynamics launched last year with a beautiful and powerful web UI, which makes it easy and fast to connect your data, configure your de-identification requirements, and replicate safe data to any data store.

Complexity Creeps In

As we've grown, our customer deployments have gotten more complex. A single customer may want to use Privacy Dynamics across dozens of projects, representing several databases and environments. For example, a customer may load raw data from an API into S3, load that into a raw Snowflake database, and transform that data into an analytics Snowflake database. To protect their customers' information, they may want de-identified replicas at each stage of that process, to enable safe development of data pipelines. And finally, they might maintain multiple environments, each with a subset of the production data, and need de-identified replicas of each environments' data. This can result in dozens of projects, each with its own configuration, for even a simple 3-step pipeline.

Managing a deployment of this scale through a web UI can be a pain; governing it is even worse.

Configuration-as-Code

Fortunately, the solution to this type of problem is well-known: configuration-as-code (CAC). CAC is a mature practice seen often in DevOps and Software Engineering to bring scalability and governance to complex systems requiring extensive configuration. With configuration-as-code, you define your configuration in text files that get checked into source control; there, they can be reviewed and tested before being applied to production. Since it's text, programs can read the configuration and apply it automatically, possibly as a step in a CI/CD system.

Recently, we launched a new Privacy Dynamics API client and CLI that allows our customers like Stride Funding to manage their complex deployments.

The client is written in Python. The CLI operates on YAML config files and bi-directionally syncs updates between the UI and the config files. The client is installable with the Python package manager, pip; after adding API credentials, you can export the current configuration of your Privacy Dynamics projects with:

pvcy export

After making changes to the YAML config file, you can push those changes back to the application with:

pvcy sync

We also support a specific, additional use case that we often see: copying configuration between projects, for example, to create a prod-environment project from a development-environment project. For this, you can use the copy command, supplying the UUID of the source and destination projects:

pvcy copy <source-uuid> <destination-uuid> <another-destination-uuid...>

We're excited about giving our largest customers this new superpower and enabling data privacy and governance at scale. We can't wait to see how they use it.

If you would like to use the new API client and CLI, please reach out! We are currently supporting both new and existing customers with this workflow.