DATA OPS
Weekly Postgres PII Drift Audit Report
Once a week, an agent crawls your Postgres analytics database for unclassified columns, samples and classifies them for PII.
How it runs
The automated pipeline, trigger to output.
- TriggerWeekly schedule
- ActionEnumerate all columns and diff vs. classification registryPostgres
- ActionSample and classify unclassified columnsOpenAI
- LogicAssemble coverage stats and new findings
- ActionWrite governance report to Notion pageNotion
- OutputPush PII-coverage gauge and metrics to DatadogDatadog
What it does
Runs a weekly full-coverage audit: an agent enumerates every column in the Postgres analytics schema, compares against a known classification registry, samples and classifies the unclassified ones, and produces a governance report in Notion plus a PII-coverage metric in Datadog to track drift over time.
When to use it
Use it for a recurring compliance artifact — a defensible weekly record showing what fraction of warehouse columns are classified and which new ones slipped through.
How it works
- 1A weekly schedule starts the audit.
- 2The agent lists all columns from information_schema and diffs them against the existing classification registry.
- 3For each unclassified column it samples distinct values and classifies the PII type and confidence.
- 4It assembles a structured report: total columns, classified percentage, and the new sensitive findings.
- 5The report is written to a Notion governance page.
- 6A coverage gauge and new-PII count are pushed to Datadog for trend dashboards and alerts.
Set it up
What you configure once, before turning it on.
- 1Connect PostgresAny Postgres URL — query, write, migrate.
- 2Connect OpenAIModels, embeddings, files.
- 3Connect NotionPages, databases, comments.
- 4Connect DatadogMetrics, traces, log search.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More Data Ops workflows
Snowflake column type-drift sentinel with Linear fix ticket
Snapshots the data types of every column in your tracked Snowflake schemas on a schedule, diffs against the last snapshot.
Daily BigQuery Scheduled-Query Cost Attribution to Owners
Each morning, totals the prior day's on-demand bytes-billed per scheduled query, maps each query to its owner from a label, and posts a per-owner cost leaderboard to Slack.
BigQuery dropped/renamed column sentinel with PagerDuty incident
Detects when a column is dropped or renamed in your governed BigQuery datasets and, because that breaks downstream queries hard, pages the on-call via PagerDuty and posts…
PR-time Snowflake schema contract check on dbt model changes
When a pull request changes a dbt model, it compares the model's declared output columns against the live Snowflake table it will replace and blocks the merge with a GitHub check…
Agent-triaged warehouse drift with impact analysis and runbook update
On a webhook from your warehouse audit log, an agent investigates the changed column, traces which downstream models and dashboards depend on it.
Cross-warehouse replication schema mismatch reconciler
Compares the column shape of mirrored tables between BigQuery and Snowflake and, when a replicated table has drifted out of sync between the two, opens an Asana task for the data…
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.