What is it?
AEGIS is a PII Data Privacy Vault REST API built in Go. Instead of storing raw sensitive data — emails, phone numbers, card numbers, Aadhaar, PAN — in your application database, you send them to AEGIS, get back an opaque token, and store that token. Only authorized roles can retrieve the real data, and every access is logged.
How it works
- Tokenize — store PII in the vault and receive an opaque token for your app database.
- Detokenize — retrieve raw or masked values based on the caller’s role.
- Audit — every STORE, DETOKENIZE, and DELETE is logged with actor, IP, and outcome.
Role-based access
Four roles with different access levels: ADMIN, ANALYST, SERVICE, and VIEWER. Sensitive
fields like card numbers can be fully denied for some roles while others get masked output — for
example, john@example.com becomes j***@example.com.
Security design
- AES-256-GCM with a fresh nonce per record — authenticated encryption, no ciphertext patterns.
- Soft deletes — audit trail stays intact; records are inaccessible via normal API flows.
- Append-only audit logs — immutable access history for breach detection.
- JWT roles — no DB lookup per request for authorization.
Run it locally
cp .env.example .env
docker-compose up --build
API is live at http://localhost:8080. Full curl walkthrough and API reference are in the
GitHub repo.
What’s next
Planned LLM proxy layer — tokenize PII before prompts reach external models, detokenize responses, and log every exposure in the audit trail.