Amazon Aurora PostgreSQL introduces dynamic data masking

[Amazon Aurora](https://aws.amazon.com/rds/aurora/) PostgreSQL-Compatible Edition now supports dynamic data masking through the new pg\_columnmask extension, allowing you to simplify the protection of sensitive data in your database. pg\_columnmask extends Aurora's security capabilities by enabling column-level protection that complements PostgreSQL's native row-level security and column level grants. Using pg\_columnmask, you can control access to sensitive data through SQL-based masking policies and define how data appears to users at query time based on their roles, helping you comply with data privacy regulations like GDPR, HIPAA, and PCI DSS. With pg\_columnmask, you can create flexible masking policies using built-in or user-defined functions. You can completely hide information, replace partial values with wildcards, or define custom masking approaches. Further, you can apply multiple masking policies to a single column and control their precedence using weights. pg\_columnmask helps protect data in complex queries with WHERE, JOIN, ORDER BY, or GROUP BY clauses. Data is masked at the database level during query processing, leaving stored data unmodified. pg\_columnmask is available for Aurora PostgreSQL version 16.10 and higher, and 17.6 and higher in all AWS Regions where Aurora PostgreSQL is available. To learn more, review our [blog post](https://aws.amazon.com/blogs/database/protect-sensitive-data-with-dynamic-data-masking-for-amazon-aurora-postgresql/) and visit [technical documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Security.DynamicMasking.html).