Test against real data, not real customer data
Your customers' real names, emails and card numbers are sitting in dev right now
Safe Test Data removes the risk of leaked data
Every time a team copies production into dev, test or a sandbox for realistic data, the personal data comes with it, into an environment far more people can reach. Safe Test Data removes it before the copy ever leaves production.
One snapshot in, a sanitised copy out
Point it at a snapshot
Give it an RDS snapshot, from this account or shared in from another.
Build a throwaway copy
A CloudFormation stack restores the snapshot into an isolated database with a Fargate task. Production is never connected.
Scrub with your rules
Your scrub script runs from S3, masking, obfuscating or trimming the data exactly how you decide.
Validate the scrub
Validation queries run against the scrubbed copy. If any real names, emails or card numbers remain, the wash fails and nothing is released.
Restore anywhere
Load the sanitised copy straight into dev, staging or a local container in one step, or take it as a SQL dump or a clean snapshot.
It tears itself down
When the wash finishes the environment is destroyed. No copy left behind, nothing left running.
The personal data is gone, and proven gone
Scrub rules run inside the throwaway environment, against the restored snapshot, then validation queries check the result. A copy is only released once the personal data is provably gone, so nothing sensitive travels into dev, test or a sandbox.
- Mask or obfuscate names, emails and card numbers
- Validate the scrub, the wash fails if any personal data remains
- Resets the database password and can set known dev logins, so production credentials never travel with the copy
- Trim and subset large tables so dev is smaller and cheaper than production
Prod-like data on every developer's machine
It starts from a real production snapshot and scrubs in place, so the copy keeps production's schema, volumes and relationships. Only the personal data changes, swapped for realistic stand-ins. Developers build against data that behaves like the real thing, not thin synthetic data that hides the bugs real data finds.
- Real production shape: volumes, relationships and edge cases, not generated rows
- Personal fields swapped for realistic values, so the copy still looks and behaves like prod
- Pull the sanitised dump from S3 to a laptop, or build a Docker image with it
- One command to restore, no hand-run pg_restore or mysql import
Every database you run, in your AWS accounts
One tool covers the databases you run, whatever the engine, and it runs entirely in your AWS accounts on Fargate. Point it at an instance and it washes every database in one pass, not one at a time, and can assume a role into another account when the snapshot lives somewhere else.
- MySQL, PostgreSQL and SQL Server, including Aurora MySQL and Aurora PostgreSQL
- Washes every database on the instance in one run, skipping the system ones
- Each database lands as its own named, sanitised dump in S3
Built by base2Services
The pipeline we built to give our managed customers realistic data in lower environments, without copying their customers' personal data along with it.
base2Services is an AWS Advanced Consulting Partner specialising in platform engineering and managed AWS operations. This is part of how we run AWS for people, not a side project. If you would rather not run it yourself, the team that built it can run it against your snapshots whenever you need a fresh environment.
Keeps regulated data out of development