Yea that sounds like a nice way to do things. I could see there being security concerns that devs can directly access data streams from their local setup. For places with data controls I could see this being a no-go.

I guess you could have an anonymizer which consumes the production pub-sub and then anonymizes the data for consumption by non-prod environments.