민감한 정보 보호는 구조화된 데이터 내에서 민감한 정보를 감지, 분류, 익명화할 수 있습니다. 콘텐츠를 테이블을 익명화할 때 구조 및 열은 민감한 정보 보호에 일부 사용 사례에 더 나은 결과를 제공하는 데 사용할 수 있는 추가 정보를 제공합니다. 예를 들어 전체 테이블 구조 대신 단일 열에서 특정 데이터 유형을 스캔할 수 있습니다.
이 주제에서는 구조화된 텍스트 내에서 민감한 정보의 익명화를 구성하는 방법을 예시로 제공합니다. 익명화는 레코드 변환을 통해 사용 설정됩니다. 이러한 변환은 표 형식 텍스트 데이터에서 특정 infoType으로 식별되는 값 또는 표 형식 데이터의 전체 열에 적용됩니다.
이 주제에서는 암호화 해시 방법을 사용하는 표 형식 데이터 변환도 예시로 제공합니다. 암호화 변환 메서드는 암호화 키 요구 사항으로 인해 고유합니다.
다음 예시에서 제공된 JSON은 "deidentifyConfig"(DeidentifyConfig) 속성 내에서 모든 익명화 요청에 삽입할 수 있습니다. 'API 탐색기 예시' 링크를 클릭하여 API 탐색기의 JSON 예시를 사용해 보세요.
검사 없이 열 변환
콘텐츠가 이미 알려진 특정 열을 변환하려면 검사를 건너 뛰고 변환을 직접 지정할 수 있습니다. 표 다음에 나오는 예시에서 버킷은 '행복 점수' 열을 10씩 증가시킵니다.
| 입력 | 변환된 테이블 | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyUsingTableBucketing
{
public static Table DeidentifyData(
string projectId,
Table tableToInspect = null)
{
// Instantiate dlp client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
// Specify how the content should be de-identified.
var fixedSizeBucketingConfig = new FixedSizeBucketingConfig
{
BucketSize = 10,
LowerBound = new Value { IntegerValue = 0 },
UpperBound = new Value { IntegerValue = 100 },
};
// Specify the fields to be encrypted.
var fields = new FieldId[] { new FieldId { Name = "HAPPINESS SCORE" } };
// Associate the encryption with the specified field.
var fieldTransformation = new FieldTransformation
{
PrimitiveTransformation = new PrimitiveTransformation
{
FixedSizeBucketingConfig = fixedSizeBucketingConfig
},
Fields = { fields }
};
// Construct the deidentify config.
var deidentifyConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations = { fieldTransformation }
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifyConfig,
Item = contentItem,
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}
Go
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deIdentifyTableBucketing de-identifies data using table bucketing
func deIdentifyTableBucketing(w io.Writer, projectID string) error {
// projectId := "your-project-id"
// table := "your-table-value"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
fixedSizeBucketingConfig := &dlppb.FixedSizeBucketingConfig{
BucketSize: 10,
LowerBound: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 0,
},
},
UpperBound: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 100,
},
},
}
primitiveTransformation := &dlppb.PrimitiveTransformation_FixedSizeBucketingConfig{
FixedSizeBucketingConfig: fixedSizeBucketingConfig,
}
// Specify field to be encrypted.
fieldId := &dlppb.FieldId{
Name: "HAPPINESS SCORE",
}
// Associate the encryption with the specified field.
fieldTransformation := &dlppb.FieldTransformation{
Transformation: &dlppb.FieldTransformation_PrimitiveTransformation{
PrimitiveTransformation: &dlppb.PrimitiveTransformation{
Transformation: primitiveTransformation,
},
},
Fields: []*dlppb.FieldId{
fieldId,
},
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Construct the de-identification request to be sent by the client.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.FixedSizeBucketingConfig;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
public class DeIdentifyTableBucketing {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.build())
.build();
deIdentifyTableBucketing(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableBucketing(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
FixedSizeBucketingConfig fixedSizeBucketingConfig =
FixedSizeBucketingConfig.newBuilder()
.setBucketSize(10)
.setLowerBound(Value.newBuilder().setIntegerValue(0).build())
.setUpperBound(Value.newBuilder().setIntegerValue(100).build())
.build();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder()
.setFixedSizeBucketingConfig(fixedSizeBucketingConfig)
.build();
// Specify field to be encrypted.
FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();
// Associate the encryption with the specified field.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setPrimitiveTransformation(primitiveTransformation)
.addFields(fieldId)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [{name: 'AGE'}, {name: 'PATIENT'}, {name: 'HAPPINESS SCORE'}],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
],
},
],
};
async function deIdentifyTableBucketing() {
// Specify field to be de-identified.
const targetColumn = {name: 'HAPPINESS SCORE'};
// Specify how the content should be de-identified.
const bucketingConfig = {
bucketSize: 10,
lowerBound: {
integerValue: 0,
},
upperBound: {
integerValue: 100,
},
};
const primitiveTransformation = {
fixedSizeBucketingConfig: bucketingConfig,
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations: {
fieldTransformations: [
{
fields: [targetColumn],
primitiveTransformation,
},
],
},
},
};
// Send the request and receive response from the service
const [response] = await dlp.deidentifyContent(request);
// Print the results.
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableBucketing();PHP
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\FixedSizeBucketingConfig;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\Value;
/**
* De-identify data using table bucketing
* Transform a column without inspection. To transform a column in which the content is
* already known, you can skip inspection and specify a transformation directly.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*
*/
function deidentify_table_bucketing(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table2.csv',
string $outputCsvFile = './test/data/deidentify_table_bucketing_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$contentItem = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify how the content should be de-identified.
$fixedSizeBucketingConfig = (new FixedSizeBucketingConfig())
->setBucketSize(10)
->setLowerBound((new Value())
->setIntegerValue(10))
->setUpperBound((new Value())
->setIntegerValue(100));
$primitiveTransformation = (new PrimitiveTransformation())
->setFixedSizeBucketingConfig($fixedSizeBucketingConfig);
// Specify the field to to apply bucketing transform on
$fieldId = (new FieldId())
->setName('HAPPINESS_SCORE');
// Associate the encryption with the specified field.
$fieldTransformation = (new FieldTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setFields([$fieldId]);
$recordTransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
// Create the deidentification configuration object
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordTransformations);
$parent = "projects/$callingProjectId/locations/global";
// Run request
$response = $dlp->deidentifyContent([
'parent' => $parent,
'deidentifyConfig' => $deidentifyConfig,
'item' => $contentItem
]);
// Print results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf($outputCsvFile);
}Python
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Dict, List, Union # noqa: F811, E402, I100
import google.cloud.dlp # noqa: F811, E402
from google.cloud.dlp_v2 import types # noqa: F811, E402
def deidentify_table_bucketing(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
deid_content_list: List[str],
bucket_size: int,
bucketing_lower_bound: int,
bucketing_upper_bound: int,
) -> types.dlp.Table:
"""Uses the Data Loss Prevention API to de-identify sensitive data in a
table by replacing them with fixed size bucket ranges.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Dictionary representing table data.
deid_content_list: A list of fields in table to de-identify.
bucket_size: Size of each bucket for fixed sized bucketing
(except for minimum and maximum buckets). So if ``bucketing_lower_bound`` = 10,
``bucketing_upper_bound`` = 89, and ``bucket_size`` = 10, then the
following buckets would be used: -10, 10-20, 20-30, 30-40,
40-50, 50-60, 60-70, 70-80, 80-89, 89+.
bucketing_lower_bound: Lower bound value of buckets.
bucketing_upper_bound: Upper bound value of buckets.
Returns:
De-identified table is returned;
the response from the API is also printed to the terminal.
Example:
>> $ python deid.py deid_table_bucketing \
'{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "35"],
["johndoe@example.com", "4253458383", "68"]]}' \
["age"] 10 0 100
>> '{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "30:40"],
["johndoe@example.com", "4253458383", "60:70"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the `item`.
item = {"table": table}
# Construct fixed sized bucketing configuration
fixed_size_bucketing_config = {
"bucket_size": bucket_size,
"lower_bound": {"integer_value": bucketing_lower_bound},
"upper_bound": {"integer_value": bucketing_upper_bound},
}
# Specify fields to be de-identified
deid_content_list = [{"name": _i} for _i in deid_content_list]
# Construct Deidentify Config
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"fields": deid_content_list,
"primitive_transformation": {
"fixed_size_bucketing_config": fixed_size_bucketing_config
},
}
]
}
}
# Call the API.
response = dlp.deidentify_content(
request={"parent": parent, "deidentify_config": deidentify_config, "item": item}
)
# Print the results.
print(f"Table after de-identification: {response.item.table}")
# Return the response.
return response.item.table
"deidentifyConfig":{
"recordTransformations":{
"fieldTransformations":[
{
"fields":[
{
"name":"HAPPINESS SCORE"
}
],
"primitiveTransformation":{
"fixedSizeBucketingConfig":{
"bucketSize":10,
"lowerBound":{
"integerValue":"0"
},
"upperBound":{
"integerValue":"100"
}
}
}
}
]
}
}
다른 열의 값에 따라 열 변환
다른 열의 값에 따라 열을 변환할 수 있습니다. 이 예시에서는 만 89세 이상 모든 환자에 대해 '해당 점수'를 수정합니다.
| 입력 | 변환된 테이블 | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableUsingMaskingAndLogic
{
public static Table DeidentifyTable(
string projectId,
Table tableToInspect = null)
{
// Instantiate the client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" },
new Value { StringValue = "Charles Dickens name was a curse invented by Shakespeare." }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" },
new Value { StringValue = "There are 14 kisses in Jane Austen's novels." }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" },
new Value { StringValue = "Mark Twain loved cats." }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" },
new FieldId { Name = "FACTOID" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
//Specify how the content should be de-identified.
var primitiveTransformation = new PrimitiveTransformation
{
CharacterMaskConfig = new CharacterMaskConfig
{
MaskingCharacter = "*"
}
};
// Specify the fields to be de-identified.
var fields = new FieldId[] { new FieldId { Name = "HAPPINESS SCORE" } };
// Specify when the above fields should be de-identified using condition.
var condition = new RecordCondition.Types.Conditions
{
Conditions_ =
{
new RecordCondition.Types.Condition
{
Field = new FieldId { Name = "AGE" },
Operator = RelationalOperator.GreaterThan,
Value = new Value { IntegerValue = 89 }
}
}
};
// Apply the condition to records
var recordCondition = new RecordCondition
{
Expressions = new RecordCondition.Types.Expressions
{
Conditions = condition
}
};
// Associate the de-identification and conditions with the specified fields.
var deidentifiedConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations =
{
new FieldTransformation
{
PrimitiveTransformation = primitiveTransformation,
Fields = { fields },
Condition = recordCondition
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifiedConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}Go
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableMaskingCondition de-identifies the table data using masking
// and conditional logic
func deidentifyTableMaskingCondition(w io.Writer, projectID string) error {
// projectId := "your-project-id"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
charMaskConfig := &dlppb.CharacterMaskConfig{
MaskingCharacter: "*",
}
primitiveTransformation := &dlppb.PrimitiveTransformation_CharacterMaskConfig{
CharacterMaskConfig: charMaskConfig,
}
// Specify field to be de-identified.
fieldId := &dlppb.FieldId{
Name: "HAPPINESS SCORE",
}
// Apply the condition to the records present in table.
recordCondition := &dlppb.RecordCondition_Condition{
Field: fieldId,
Operator: dlppb.RelationalOperator_GREATER_THAN,
Value: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 89,
},
},
}
expression := &dlppb.RecordCondition_Expressions{
Type: &dlppb.RecordCondition_Expressions_Conditions{
Conditions: &dlppb.RecordCondition_Conditions{
Conditions: []*dlppb.RecordCondition_Condition{
recordCondition,
},
},
},
}
// Specify when the above field should be de-identified.
condition := &dlppb.RecordCondition{
// Apply the condition to records
Expressions: expression,
}
// Associate the de-identification and conditions with the specified field.
fieldTransformation := &dlppb.FieldTransformation{
Fields: []*dlppb.FieldId{
fieldId,
},
Transformation: &dlppb.FieldTransformation_PrimitiveTransformation{
PrimitiveTransformation: &dlppb.PrimitiveTransformation{
Transformation: primitiveTransformation,
},
},
Condition: condition,
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Combine configurations into a request for the service.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.CharacterMaskConfig;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
public class DeIdentifyTableConditionMasking {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.build())
.build();
deIdentifyTableConditionMasking(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableConditionMasking(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
CharacterMaskConfig characterMaskConfig =
CharacterMaskConfig.newBuilder().setMaskingCharacter("*").build();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder().setCharacterMaskConfig(characterMaskConfig).build();
// Specify field to be de-identified.
FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();
// Specify when the above field should be de-identified.
Condition condition =
Condition.newBuilder()
.setField(FieldId.newBuilder().setName("AGE").build())
.setOperator(RelationalOperator.GREATER_THAN)
.setValue(Value.newBuilder().setIntegerValue(89).build())
.build();
// Apply the condition to records
RecordCondition recordCondition =
RecordCondition.newBuilder()
.setExpressions(
Expressions.newBuilder()
.setConditions(Conditions.newBuilder().addConditions(condition).build())
.build())
.build();
// Associate the de-identification and conditions with the specified field.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setPrimitiveTransformation(primitiveTransformation)
.addFields(fieldId)
.setCondition(recordCondition)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [{name: 'AGE'}, {name: 'PATIENT'}, {name: 'HAPPINESS SCORE'}],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
],
},
],
};
async function deIdentifyTableConditionalCharMasking() {
// Column that needs to be transformed
const fieldIds = [{name: 'HAPPINESS SCORE'}];
// Construct PrimitiveTransformation configuration
const primitiveTransformation = {
characterMaskConfig: {
maskingCharacter: '*',
},
};
// Construct condition
const condition = {
expressions: {
conditions: {
conditions: [
{
field: {name: 'AGE'},
operator: 'GREATER_THAN',
value: {integerValue: 89},
},
],
},
},
};
// Construct RecordTransformations configurations
const recordTransformations = {
fieldTransformations: [
{
primitiveTransformation,
fields: fieldIds,
condition,
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations,
},
};
// Send the request and receive response from the service
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableConditionalCharMasking();PHP
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\CharacterMaskConfig;
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\Value;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\RecordCondition;
use Google\Cloud\Dlp\V2\RecordCondition\Condition;
use Google\Cloud\Dlp\V2\RecordCondition\Conditions;
use Google\Cloud\Dlp\V2\RecordCondition\Expressions;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\RelationalOperator;
/**
* De-identify table data using masking and conditional logic.
* Transform a column based on the value of another column.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*/
function deidentify_table_condition_masking(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table2.csv',
string $outputCsvFile = './test/data/deidentify_table_condition_masking_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify how the content should be de-identified.
$characterMaskConfig = (new CharacterMaskConfig())
->setMaskingCharacter('*');
$primitiveTransformation = (new PrimitiveTransformation())
->setCharacterMaskConfig($characterMaskConfig);
// Specify field to be de-identified.
$fieldId = (new FieldId())
->setName('HAPPINESS_SCORE');
// Specify when the above fields should be de-identified.
$condition = (new Condition())
->setField((new FieldId())
->setName('AGE'))
->setOperator(RelationalOperator::GREATER_THAN)
->setValue((new Value())
->setIntegerValue(89));
// Apply the condition to records
$recordCondition = (new RecordCondition())
->setExpressions((new Expressions())
->setConditions((new Conditions())
->setConditions([$condition])
)
);
// Associate the de-identification and conditions with the specified fields.
$fieldTransformation = (new FieldTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setFields([$fieldId])
->setCondition($recordCondition);
$recordtransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$response = $dlp->deidentifyContent([
'parent' => $parent,
'deidentifyConfig' => $deidentifyConfig,
'item' => $content
]);
// Print results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf('After de-identify the table data (Output File Location): %s', $outputCsvFile);
}Python
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Dict, List, Union # noqa: F811, E402, I100
import google.cloud.dlp # noqa: F811, E402
from google.cloud.dlp_v2 import types # noqa: F811, E402
def deidentify_table_condition_masking(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
deid_content_list: List[str],
condition_field: str = None,
condition_operator: str = None,
condition_value: int = None,
masking_character: str = None,
) -> types.dlp.Table:
""" Uses the Data Loss Prevention API to de-identify sensitive data in a
table by masking them based on a condition.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Json string representing table data.
deid_content_list: A list of fields in table to de-identify.
condition_field: A table Field within the record this condition is evaluated against.
condition_operator: Operator used to compare the field or infoType to the value. One of:
RELATIONAL_OPERATOR_UNSPECIFIED, EQUAL_TO, NOT_EQUAL_TO, GREATER_THAN, LESS_THAN, GREATER_THAN_OR_EQUALS,
LESS_THAN_OR_EQUALS, EXISTS.
condition_value: Value to compare against. [Mandatory, except for ``EXISTS`` tests.].
masking_character: The character to mask matching sensitive data with.
Returns:
De-identified table is returned;
the response from the API is also printed to the terminal.
Example:
>> $ python deid.py deid_table_condition_mask \
'{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "34"]]}' \
["happiness_score"] "age" "GREATER_THAN" 50
>> '{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "**"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the `item`
item = {"table": table}
# Specify fields to be de-identified
deid_content_list = [{"name": _i} for _i in deid_content_list]
# Construct condition list
condition = [
{
"field": {"name": condition_field},
"operator": condition_operator,
"value": {"integer_value": condition_value},
}
]
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"primitive_transformation": {
"character_mask_config": {
"masking_character": masking_character
}
},
"fields": deid_content_list,
"condition": {
"expressions": {"conditions": {"conditions": condition}}
},
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.deidentify_content(
request={"parent": parent, "deidentify_config": deidentify_config, "item": item}
)
# Print the result
print(f"Table after de-identification: {response.item.table}")
# Return the response
return response.item.table
"deidentifyConfig":{
"recordTransformations":{
"fieldTransformations":[
{
"fields":[
{
"name":"HAPPINESS SCORE"
}
],
"primitiveTransformation":{
"characterMaskConfig":{
"maskingCharacter":"*"
}
},
"condition":{
"expressions":{
"conditions":{
"conditions":[
{
"field":{
"name":"AGE"
},
"operator":"GREATER_THAN",
"value":{
"integerValue":"89"
}
}
]
}
}
}
}
]
}
}
열에서 확인된 발견 항목 변환
셀 콘텐츠의 일부 또는 전체를 구성하는 발견 항목을 변환할 수 있습니다. 이 예시에서는 PERSON_NAME의 모든 인스턴스가 익명처리됩니다.
| 입력 | 변환된 테이블 | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using System.Collections.Generic;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableWithInfoTypes
{
public static Table DeidentifyTable(
string projectId,
Table tableToInspect = null,
IEnumerable<InfoType> infoTypes = null)
{
// Instantiate a client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" },
new Value { StringValue = "Charles Dickens name was a curse invented by Shakespeare." }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" },
new Value { StringValue = "There are 14 kisses in Jane Austen's novels." }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" },
new Value { StringValue = "Mark Twain loved cats." }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" },
new FieldId { Name = "FACTOID" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
// Construct Replace With InfoTypes config to replace the match.
var replaceInfoTypesConfig = new ReplaceWithInfoTypeConfig();
// Construct Fields to be de-identified.
var fieldIds = new FieldId[] { new FieldId { Name = "PATIENT" }, new FieldId { Name = "FACTOID" } };
// Construct InfoType Transformation.
var infoTypeTransformations = new InfoTypeTransformations
{
Transformations =
{
new InfoTypeTransformations.Types.InfoTypeTransformation
{
PrimitiveTransformation = new PrimitiveTransformation
{
ReplaceWithInfoTypeConfig = replaceInfoTypesConfig
},
InfoTypes = { infoTypes ?? new InfoType[] { new InfoType { Name = "PERSON_NAME" } } }
}
}
};
// Construct the de-identify config using replace config.
var deidentifyConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations =
{
new FieldTransformation
{
InfoTypeTransformations = infoTypeTransformations,
Fields = { fieldIds }
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifyConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}
Go
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableInfotypes de-identifies table data with info types
func deidentifyTableInfotypes(w io.Writer, projectID string) error {
// projectId := "your-project-id"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
{Type: &dlppb.Value_StringValue{StringValue: "There are 14 kisses in Jane Austen's novels."}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain loved cats."}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens name was a curse invented by Shakespeare."}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
{Name: "FACTOID"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewRESTClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
// Select type of info to be replaced.
infoTypes := []*dlppb.InfoType{
{Name: "PERSON_NAME"},
}
// Specify that findings should be replaced with corresponding info type name.
replaceWithInfoTypeConfig := &dlppb.ReplaceWithInfoTypeConfig{}
primitiveTransformation := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_ReplaceWithInfoTypeConfig{
ReplaceWithInfoTypeConfig: replaceWithInfoTypeConfig,
},
}
// Associate info type with the replacement strategy
infoTypeTransformations := &dlppb.InfoTypeTransformations{
Transformations: []*dlppb.InfoTypeTransformations_InfoTypeTransformation{
{
InfoTypes: infoTypes,
PrimitiveTransformation: primitiveTransformation,
},
},
}
// Specify fields to be de-identified.
fields := []*dlppb.FieldId{
{Name: "PATIENT"},
{Name: "FACTOID"},
}
// Associate the de-identification and conditions with the specified field.
fieldTransformation := &dlppb.FieldTransformation{
Fields: fields,
Transformation: &dlppb.FieldTransformation_InfoTypeTransformations{
InfoTypeTransformations: infoTypeTransformations,
},
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Construct the de-identification request to be sent by the client.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
public class DeIdentifyTableInfoTypes {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addHeaders(FieldId.newBuilder().setName("FACTOID").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.addValues(
Value.newBuilder()
.setStringValue(
"Charles Dickens name was a curse invented by Shakespeare.")
.build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.addValues(
Value.newBuilder()
.setStringValue("There are 14 kisses in Jane Austen's novels.")
.build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain loved cats.").build())
.build())
.build();
deIdentifyTableInfoTypes(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableInfoTypes(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
// Select type of info to be replaced.
InfoType infoType = InfoType.newBuilder().setName("PERSON_NAME").build();
// Specify that findings should be replaced with corresponding info type name.
ReplaceWithInfoTypeConfig replaceWithInfoTypeConfig =
ReplaceWithInfoTypeConfig.getDefaultInstance();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder()
.setReplaceWithInfoTypeConfig(replaceWithInfoTypeConfig)
.build();
// Associate info type with the replacement strategy
InfoTypeTransformation infoTypeTransformation =
InfoTypeTransformation.newBuilder()
.addInfoTypes(infoType)
.setPrimitiveTransformation(primitiveTransformation)
.build();
InfoTypeTransformations infoTypeTransformations =
InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformation).build();
// Specify fields to be de-identified.
List<FieldId> fieldIds =
Stream.of("PATIENT", "FACTOID")
.map(id -> FieldId.newBuilder().setName(id).build())
.collect(Collectors.toList());
// Associate the de-identification and conditions with the specified field.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setInfoTypeTransformations(infoTypeTransformations)
.addAllFields(fieldIds)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [
{name: 'AGE'},
{name: 'PATIENT'},
{name: 'HAPPINESS SCORE'},
{name: 'FACTOID'},
],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
{
stringValue:
'Charles Dickens name was a curse invented by Shakespeare.',
},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
{stringValue: "There are 14 kisses in Jane Austen's novels."},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
{stringValue: 'Mark Twain loved cats.'},
],
},
],
};
async function deIdentifyTableWithInfoType() {
// Column that needs to be transformed
const fieldIds = [{name: 'PATIENT'}, {name: 'FACTOID'}];
// Construct InfoTypeTransformations configurations
const infoTypeTransformations = {
transformations: [
{
infoTypes: [{name: 'PERSON_NAME'}],
primitiveTransformation: {
replaceWithInfoTypeConfig: {},
},
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations: {
fieldTransformations: [
{
infoTypeTransformations,
fields: fieldIds,
},
],
},
},
};
// Send the request and receive response from the service
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableWithInfoType();PHP
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\InfoTypeTransformations\InfoTypeTransformation;
use Google\Cloud\Dlp\V2\InfoTypeTransformations;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\Value;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\ReplaceWithInfoTypeConfig;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\RecordTransformations;
/**
* De-identify table data with infoTypes
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*/
function deidentify_table_infotypes(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table1.csv',
string $outputCsvFile = './test/data/deidentify_table_infotypes_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify the content to be inspected.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify the type of info the inspection will look for.
$personNameInfoType = (new InfoType())
->setName('PERSON_NAME');
// Specify that findings should be replaced with corresponding info type name.
$primitiveTransformation = (new PrimitiveTransformation())
->setReplaceWithInfoTypeConfig(new ReplaceWithInfoTypeConfig());
// Associate info type with the replacement strategy
$infoTypeTransformation = (new InfoTypeTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setInfoTypes([$personNameInfoType]);
$infoTypeTransformations = (new InfoTypeTransformations())
->setTransformations([$infoTypeTransformation]);
// Specify fields to be de-identified.
$fieldIds = [
(new FieldId())->setName('PATIENT'),
(new FieldId())->setName('FACTOID'),
];
// Associate the de-identification and transformation with the specified fields.
$fieldTransformation = (new FieldTransformation())
->setInfoTypeTransformations($infoTypeTransformations)
->setFields($fieldIds);
$recordtransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$response = $dlp->deidentifyContent([
'parent' => $parent,
'deidentifyConfig' => $deidentifyConfig,
'item' => $content
]);
// Print the results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf('After de-identify the table data (Output File Location): %s', $outputCsvFile);
}Python
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Dict, List, Union # noqa: F811, E402, I100
import google.cloud.dlp # noqa: F811, E402
def deidentify_table_replace_with_info_types(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
info_types: List[str],
deid_content_list: List[str],
) -> None:
""" Uses the Data Loss Prevention API to de-identify sensitive data in a
table by replacing them with info type.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Json string representing table data.
info_types: A list of strings representing info types to look for.
A full list of info type categories can be fetched from the API.
deid_content_list: A list of fields in table to de-identify
Returns:
None; the response from the API is printed to the terminal.
Example:
>> $ python deid.py table_replace_with_infotype \
'{
"header": ["name", "email", "phone number"],
"rows": [
["Robert Frost", "robertfrost@example.com", "4232342345"],
["John Doe", "johndoe@example.com", "4253458383"]
]
}' \
["PERSON_NAME"] ["name"]
>> '{
"header": ["name", "email", "phone number"],
"rows": [
["[PERSON_NAME]", "robertfrost@example.com", "4232342345"],
["[PERSON_NAME]", "johndoe@example.com", "4253458383"]
]
}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct item
item = {"table": table}
# Specify fields to be de-identified
deid_content_list = [{"name": _i} for _i in deid_content_list]
# Construct inspect configuration dictionary
inspect_config = {"info_types": [{"name": info_type} for info_type in info_types]}
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"info_type_transformations": {
"transformations": [
{
"primitive_transformation": {
"replace_with_info_type_config": {}
}
}
]
},
"fields": deid_content_list,
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.deidentify_content(
request={
"parent": parent,
"deidentify_config": deidentify_config,
"item": item,
"inspect_config": inspect_config,
}
)
# Print the result
print(f"Table after de-identification: {response.item.table}")
"deidentifyConfig":{
"recordTransformations":{
"fieldTransformations":[
{
"infoTypeTransformations":{
"transformations":[
{
"infoTypes":[
{
"name":"PERSON_NAME"
}
],
"primitiveTransformation":{
"replaceWithInfoTypeConfig":{
}
}
}
]
},
"fields":[
{
"name":"PATIENT"
},
{
"name":"FACTOID"
}
]
}
]
}
}
열의 콘텐츠에 따라 행 표시 제한
열에 표시되는 콘텐츠를 기반으로 행을 완전히 삭제할 수 있습니다. 이 예시는 환자가 만 89세 이상이므로 '찰스 디킨스'의 레코드를 표시하지 않습니다.
| 입력 | 변환된 테이블 | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableWithRowSuppress
{
public static Table DeidentifyTable(
string projectId,
Table tableToInspect = null)
{
// Instantiate a client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the byte content item.
var contentItem = new ContentItem { Table = tableToInspect };
// Construct the conditions.
var conditions = new RecordCondition.Types.Conditions
{
Conditions_ =
{
new RecordCondition.Types.Condition
{
Field = new FieldId { Name = "AGE" },
Operator = RelationalOperator.GreaterThan,
Value = new Value { IntegerValue = 89 }
}
}
};
// Construct the deidentify config using the record suppression and conditions.
var deidentifyConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
RecordSuppressions =
{
new RecordSuppression
{
Condition = new RecordCondition
{
Expressions = new RecordCondition.Types.Expressions
{
Conditions = conditions
}
}
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifyConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}
Go
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableRowSuppress de-identifies table data and
// suppress a row based on the content of column
func deidentifyTableRowSuppress(w io.Writer, projectID string) error {
// projectId := "your-project-id"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Apply the condition to record suppression.
condition := &dlppb.RecordCondition{
Expressions: &dlppb.RecordCondition_Expressions{
Type: &dlppb.RecordCondition_Expressions_Conditions{
Conditions: &dlppb.RecordCondition_Conditions{
Conditions: []*dlppb.RecordCondition_Condition{
{
Field: &dlppb.FieldId{Name: "AGE"},
Operator: dlppb.RelationalOperator_GREATER_THAN,
Value: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{IntegerValue: 89},
},
},
},
},
},
},
}
recordSupression := &dlppb.RecordSuppression{
Condition: condition,
}
// Use record suppression as the only transformation
recordTransformations := &dlppb.RecordTransformations{
RecordSuppressions: []*dlppb.RecordSuppression{
recordSupression,
},
}
// Construct the de-identification request to be sent by the client.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordSuppression;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
public class DeIdentifyTableRowSuppress {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.build())
.build();
deIdentifyTableRowSuppress(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableRowSuppress(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify when the content should be de-identified.
Condition condition =
Condition.newBuilder()
.setField(FieldId.newBuilder().setName("AGE").build())
.setOperator(RelationalOperator.GREATER_THAN)
.setValue(Value.newBuilder().setIntegerValue(89).build())
.build();
// Apply the condition to record suppression.
RecordSuppression recordSuppressions =
RecordSuppression.newBuilder()
.setCondition(
RecordCondition.newBuilder()
.setExpressions(
Expressions.newBuilder()
.setConditions(
Conditions.newBuilder().addConditions(condition).build())
.build())
.build())
.build();
// Use record suppression as the only transformation
RecordTransformations transformations =
RecordTransformations.newBuilder().addRecordSuppressions(recordSuppressions).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [{name: 'AGE'}, {name: 'PATIENT'}, {name: 'HAPPINESS SCORE'}],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
],
},
],
};
async function deIdentifyTableRowSuppress() {
// Specify when the content should be de-identified.
const condition = {
expressions: {
conditions: {
conditions: [
{
field: {name: 'AGE'},
operator: 'GREATER_THAN',
value: {integerValue: 89},
},
],
},
},
};
// Apply the condition to record suppression.
const recordTransformations = {
recordSuppressions: [
{
condition,
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations,
},
};
// Send the request and receive response from the service.
const [response] = await dlp.deidentifyContent(request);
// Print the results.
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableRowSuppress();PHP
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\Value;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\RelationalOperator;
use Google\Cloud\Dlp\V2\RecordCondition;
use Google\Cloud\Dlp\V2\RecordCondition\Condition;
use Google\Cloud\Dlp\V2\RecordCondition\Conditions;
use Google\Cloud\Dlp\V2\RecordCondition\Expressions;
use Google\Cloud\Dlp\V2\RecordSuppression;
/**
* De-identify table data: Suppress a row based on the content of a column
* Suppress a row based on the content of a column. You can remove a row entirely based on the content that appears in any column. This example suppresses the record for "Charles Dickens," as this patient is over 89 years old.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content */
function deidentify_table_row_suppress(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table2.csv',
string $outputCsvFile = './test/data/deidentify_table_row_suppress_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify when the content should be de-identified.
$condition = (new Condition())
->setField((new FieldId())
->setName('AGE'))
->setOperator(RelationalOperator::GREATER_THAN)
->setValue((new Value())
->setIntegerValue(89));
// Apply the condition to record suppression.
$recordSuppressions = (new RecordSuppression())
->setCondition((new RecordCondition())
->setExpressions((new Expressions())
->setConditions((new Conditions())
->setConditions([$condition])
)
)
);
// Use record suppression as the only transformation
$recordtransformations = (new RecordTransformations())
->setRecordSuppressions([$recordSuppressions]);
// Create the deidentification configuration object
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$response = $dlp->deidentifyContent([
'parent' => $parent,
'deidentifyConfig' => $deidentifyConfig,
'item' => $content
]);
// Print the results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf($outputCsvFile);
}Python
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Dict, List, Union # noqa: F811, E402, I100
import google.cloud.dlp # noqa: F811, E402
def deidentify_table_suppress_row(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
condition_field: str,
condition_operator: str,
condition_value: int,
) -> None:
""" Uses the Data Loss Prevention API to de-identify sensitive data in a
table by suppressing entire row/s based on a condition.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Dictionary representing table data.
condition_field: A table field within the record this condition is evaluated against.
condition_operator: Operator used to compare the field or infoType to the value. One of:
RELATIONAL_OPERATOR_UNSPECIFIED, EQUAL_TO, NOT_EQUAL_TO, GREATER_THAN, LESS_THAN, GREATER_THAN_OR_EQUALS,
LESS_THAN_OR_EQUALS, EXISTS.
condition_value: Value to compare against. [Mandatory, except for ``EXISTS`` tests.].
Example:
>> $ python deid.py deid_table_row_suppress \
'{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "35"],
["johndoe@example.com", "4253458383", "64"]]}' \
"age" "GREATER_THAN" 50
>> '{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the `item` containing the table data.
item = {"table": table}
# Construct condition list.
condition = [
{
"field": {"name": condition_field},
"operator": condition_operator,
"value": {"integer_value": condition_value},
}
]
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"record_suppressions": [
{
"condition": {
"expressions": {"conditions": {"conditions": condition}}
}
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.deidentify_content(
request={"parent": parent, "deidentify_config": deidentify_config, "item": item}
)
# Print the result.
print("Table after de-identification: {}".format(response.item.table))
"deidentifyConfig":{
"recordTransformations":{
"recordSuppressions":[
{
"condition":{
"expressions":{
"conditions":{
"conditions":[
{
"field":{
"name":"AGE"
},
"operator":"GREATER_THAN",
"value":{
"integerValue":"89"
}
}
]
}
}
}
}
]
}
}
다른 필드에서 특정 조건이 충족될 떄만 발견 항목을 변환합니다.
이 예시에서 PERSON_NAME 발견 항목은 '연령' 열에 환자의 연령이 만 89세 이상이라고 표시되는 경우에만 수정됩니다.
| 입력 | 변환된 테이블 | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using System.Collections.Generic;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableUsingLogicInfoTypes
{
public static Table Deidentify(
string projectId,
Table tableToInspect = null,
IEnumerable<InfoType> infoTypes = null)
{
// Instantiate the dlp client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" },
new Value { StringValue = "Charles Dickens name was a curse invented by Shakespeare." }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" },
new Value { StringValue = "There are 14 kisses in Jane Austen's novels." }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" },
new Value { StringValue = "Mark Twain loved cats." }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" },
new FieldId { Name = "FACTOID" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
// Specify that findings should be replaced with corresponding info type name.
var infoTypeTransformation = new InfoTypeTransformations
{
Transformations =
{
new InfoTypeTransformations.Types.InfoTypeTransformation
{
InfoTypes = { infoTypes ?? new InfoType[] { new InfoType { Name = "PERSON_NAME" } } },
PrimitiveTransformation = new PrimitiveTransformation
{
ReplaceWithInfoTypeConfig = new ReplaceWithInfoTypeConfig()
}
}
}
};
// Specify the fields to be de-identified.
var fields = new FieldId[] { new FieldId { Name = "PATIENT" }, new FieldId { Name = "FACTOID" } };
// Specify when the above fields should be de-identified using condition.
var condition = new RecordCondition.Types.Conditions
{
Conditions_ =
{
new RecordCondition.Types.Condition
{
Field = new FieldId { Name = "AGE" },
Operator = RelationalOperator.GreaterThan,
Value = new Value { IntegerValue = 89 }
}
}
};
// Apply the condition to records.
var recordCondition = new RecordCondition
{
Expressions = new RecordCondition.Types.Expressions
{
Conditions = condition
}
};
// Associate the de-identification and conditions with the specified fields.
var deidentifiedConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations =
{
new FieldTransformation
{
InfoTypeTransformations = infoTypeTransformation,
Fields = { fields },
Condition = recordCondition
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifiedConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}Go
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableConditionInfoTypes de-identifies table data
// using conditional logic and replace with infoTypes
func deidentifyTableConditionInfoTypes(w io.Writer, projectID string, columnNames []string) error {
// projectId := "your-project-id"
// columnNames := []string{"PATIENT", "FACTOID"}
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
{Type: &dlppb.Value_StringValue{StringValue: "There are 14 kisses in Jane Austen's novels."}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain loved cats."}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens name was a curse invented by Shakespeare."}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
{Name: "FACTOID"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
// Select type of info to be replaced.
infoTypes := []*dlppb.InfoType{
{Name: "PERSON_NAME"},
}
// Specify that findings should be replaced with corresponding info type name.
primitiveTransformation := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_ReplaceWithInfoTypeConfig{},
}
// Associate info type with the replacement strategy
infoTypeTransformation := &dlppb.InfoTypeTransformations_InfoTypeTransformation{
InfoTypes: infoTypes,
PrimitiveTransformation: primitiveTransformation,
}
infoTypeTransformations := &dlppb.InfoTypeTransformations{
Transformations: []*dlppb.InfoTypeTransformations_InfoTypeTransformation{
infoTypeTransformation,
},
}
// Specify fields to be de-identified.
var f []*dlppb.FieldId
for _, c := range columnNames {
f = append(f, &dlppb.FieldId{Name: c})
}
// Specify when the above fields should be de-identified.
condition := &dlppb.RecordCondition{
Expressions: &dlppb.RecordCondition_Expressions{
Type: &dlppb.RecordCondition_Expressions_Conditions{
Conditions: &dlppb.RecordCondition_Conditions{
Conditions: []*dlppb.RecordCondition_Condition{
{
Field: &dlppb.FieldId{
Name: "AGE",
},
Operator: dlppb.RelationalOperator_GREATER_THAN,
Value: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 89,
},
},
},
},
},
},
},
}
// Associate the de-identification and conditions with the specified fields.
fieldTransformation := &dlppb.FieldTransformation{
Fields: f,
Condition: condition,
Transformation: &dlppb.FieldTransformation_InfoTypeTransformations{
InfoTypeTransformations: infoTypeTransformations,
},
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Construct the de-identification request to be sent by the client.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
public class DeIdentifyTableConditionInfoTypes {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addHeaders(FieldId.newBuilder().setName("FACTOID").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.addValues(
Value.newBuilder()
.setStringValue(
"Charles Dickens name was a curse invented by Shakespeare.")
.build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.addValues(
Value.newBuilder()
.setStringValue("There are 14 kisses in Jane Austen's novels.")
.build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain loved cats.").build())
.build())
.build();
deIdentifyTableConditionInfoTypes(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableConditionInfoTypes(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
// Select type of info to be replaced.
InfoType infoType = InfoType.newBuilder().setName("PERSON_NAME").build();
// Specify that findings should be replaced with corresponding info type name.
ReplaceWithInfoTypeConfig replaceWithInfoTypeConfig =
ReplaceWithInfoTypeConfig.getDefaultInstance();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder()
.setReplaceWithInfoTypeConfig(replaceWithInfoTypeConfig)
.build();
// Associate info type with the replacement strategy
InfoTypeTransformation infoTypeTransformation =
InfoTypeTransformation.newBuilder()
.addInfoTypes(infoType)
.setPrimitiveTransformation(primitiveTransformation)
.build();
InfoTypeTransformations infoTypeTransformations =
InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformation).build();
// Specify fields to be de-identified.
List<FieldId> fieldIds =
Stream.of("PATIENT", "FACTOID")
.map(id -> FieldId.newBuilder().setName(id).build())
.collect(Collectors.toList());
// Specify when the above fields should be de-identified.
Condition condition =
Condition.newBuilder()
.setField(FieldId.newBuilder().setName("AGE").build())
.setOperator(RelationalOperator.GREATER_THAN)
.setValue(Value.newBuilder().setIntegerValue(89).build())
.build();
// Apply the condition to records
RecordCondition recordCondition =
RecordCondition.newBuilder()
.setExpressions(
Expressions.newBuilder()
.setConditions(Conditions.newBuilder().addConditions(condition).build())
.build())
.build();
// Associate the de-identification and conditions with the specified fields.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setInfoTypeTransformations(infoTypeTransformations)
.addAllFields(fieldIds)
.setCondition(recordCondition)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [
{name: 'AGE'},
{name: 'PATIENT'},
{name: 'HAPPINESS SCORE'},
{name: 'FACTOID'},
],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
{
stringValue:
'Charles Dickens name was a curse invented by Shakespeare.',
},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
{stringValue: "There are 14 kisses in Jane Austen's novels."},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
{stringValue: 'Mark Twain loved cats.'},
],
},
],
};
async function deIdentifyTableConditionalInfoType() {
// Specify fields to be de-identified.
const fieldIds = [{name: 'PATIENT'}, {name: 'FACTOID'}];
// Associate info type with the replacement strategy
const infoTypeTransformations = {
transformations: [
{
infoTypes: [{name: 'PERSON_NAME'}],
primitiveTransformation: {
replaceWithInfoTypeConfig: {},
},
},
],
};
// Specify when the above fields should be de-identified.
const condition = {
expressions: {
conditions: {
conditions: [
{
field: {name: 'AGE'},
operator: 'GREATER_THAN',
value: {integerValue: 89},
},
],
},
},
};
// Apply the condition to records.
const recordTransformations = {
fieldTransformations: [
{
infoTypeTransformations,
fields: fieldIds,
condition: condition,
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations,
},
};
// Send the request and receive response from the service.
const [response] = await dlp.deidentifyContent(request);
// Print the results.
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableConditionalInfoType();PHP
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\InfoTypeTransformations\InfoTypeTransformation;
use Google\Cloud\Dlp\V2\InfoTypeTransformations;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\Value;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\ReplaceWithInfoTypeConfig;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\RecordCondition;
use Google\Cloud\Dlp\V2\RecordCondition\Condition;
use Google\Cloud\Dlp\V2\RecordCondition\Conditions;
use Google\Cloud\Dlp\V2\RecordCondition\Expressions;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\RelationalOperator;
/**
* De-identify table data using conditional logic and replace with infoTypes.
* Transform findings only when specific conditions are met on another field.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*/
function deidentify_table_condition_infotypes(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table1.csv',
string $outputCsvFile = './test/data/deidentify_table_condition_infotypes_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify the type of info the inspection will look for.
$personNameInfoType = (new InfoType())
->setName('PERSON_NAME');
// Specify that findings should be replaced with corresponding info type name.
$primitiveTransformation = (new PrimitiveTransformation())
->setReplaceWithInfoTypeConfig(new ReplaceWithInfoTypeConfig());
// Associate info type with the replacement strategy
$infoTypeTransformation = (new InfoTypeTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setInfoTypes([$personNameInfoType]);
$infoTypeTransformations = (new InfoTypeTransformations())
->setTransformations([$infoTypeTransformation]);
// Specify fields to be de-identified.
$fieldIds = [
(new FieldId())->setName('PATIENT'),
(new FieldId())->setName('FACTOID'),
];
// Specify when the above fields should be de-identified.
$condition = (new Condition())
->setField((new FieldId())
->setName('AGE'))
->setOperator(RelationalOperator::GREATER_THAN)
->setValue((new Value())
->setIntegerValue(89));
// Apply the condition to records
$recordCondition = (new RecordCondition())
->setExpressions((new Expressions())
->setConditions((new Conditions())
->setConditions([$condition])
)
);
// Associate the de-identification and conditions with the specified fields.
$fieldTransformation = (new FieldTransformation())
->setInfoTypeTransformations($infoTypeTransformations)
->setFields($fieldIds)
->setCondition($recordCondition);
$recordtransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$response = $dlp->deidentifyContent([
'parent' => $parent,
'deidentifyConfig' => $deidentifyConfig,
'item' => $content
]);
// Print results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf($outputCsvFile);
}Python
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
민감한 정보 보호에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Dict, List, Union # noqa: F811, E402, I100
import google.cloud.dlp # noqa: F811, E402
from google.cloud.dlp_v2 import types # noqa: F811, E402
def deidentify_table_condition_replace_with_info_types(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
deid_content_list: List[str],
info_types: List[str],
condition_field: str = None,
condition_operator: str = None,
condition_value: int = None,
) -> types.dlp.Table:
"""Uses the Data Loss Prevention API to de-identify sensitive data in a
table by replacing them with info-types based on a condition.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Json string representing table data.
deid_content_list: A list of fields in table to de-identify.
info_types: A list of strings representing info types to look for.
A full list of info categories and types is available from the API.
Examples include "FIRST_NAME", "LAST_NAME", "EMAIL_ADDRESS". '
condition_field: A table field within the record this condition is evaluated against.
condition_operator: Operator used to compare the field or infoType to the value. One of:
RELATIONAL_OPERATOR_UNSPECIFIED, EQUAL_TO, NOT_EQUAL_TO, GREATER_THAN, LESS_THAN, GREATER_THAN_OR_EQUALS,
LESS_THAN_OR_EQUALS, EXISTS.
condition_value: Value to compare against. [Mandatory, except for ``EXISTS`` tests.].
Returns:
De-identified table is returned;
the response from the API is also printed to the terminal.
Example:
>> $ python deid.py deid_table_condition_replace \
'{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "45"],
["johndoe@example.com", "4253458383", "63"]]}' ["email"] \
["EMAIL_ADDRESS"] "age" "GREATER_THAN" 50
>> '{"header": ["email", "phone number", "age"],
"rows": [["robertfrost@example.com", "4232342345", "45"],
["[EMAIL_ADDRESS]", "4253458383", "63"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the item
item = {"table": table}
# Specify fields to be de-identified
deid_field_list = [{"name": _i} for _i in deid_content_list]
# Construct inspect configuration dictionary
inspect_config = {"info_types": [{"name": info_type} for info_type in info_types]}
# Construct condition list
condition = [
{
"field": {"name": condition_field},
"operator": condition_operator,
"value": {"integer_value": condition_value},
}
]
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"info_type_transformations": {
"transformations": [
{
"primitive_transformation": {
"replace_with_info_type_config": {}
}
}
]
},
"fields": deid_field_list,
"condition": {
"expressions": {"conditions": {"conditions": condition}}
},
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.deidentify_content(
request={
"parent": parent,
"deidentify_config": deidentify_config,
"item": item,
"inspect_config": inspect_config,
}
)
print(f"Table after de-identification: {response.item.table}")
return response.item.table
"deidentifyConfig":{
"recordTransformations":{
"fieldTransformations":[
{
"infoTypeTransformations":{
"transformations":[
{
"infoTypes":[
{
"name":"PERSON_NAME"
}
],
"primitiveTransformation":{
"replaceWithInfoTypeConfig":{
}
}
}
]
},
"fields":[
{
"name":"PATIENT"
},
{
"name":"FACTOID"
}
],
"condition":{
"expressions":{
"conditions":{
"conditions":[
{
"field":{
"name":"AGE"
},
"operator":"GREATER_THAN",
"value":{
"integerValue":"89"
}
}
]
}
}
}
}
]
}
}
암호화 해시 변환을 사용하여 발견 항목 변환
다음 JSON 예시에서는 infoType 변환을 사용하여 DLP API가 전체 테이블 구조에서 특정 infoType을 검사한 다음 일시적인 CryptoKey를 사용하여 일치하는 값을 암호화하도록 지시합니다.
다음 예시에서는 암호화 해시 변환을 사용하여 두 개의 infoType을 익명화하는 방법을 보여줍니다.
입력:
| 사용자 ID | 댓글 |
|---|---|
| user1@example.org | 내 이메일은 user1@example.org이고 전화번호는 858-555-0222입니다. |
| user2@example.org | 내 이메일은 user2@example.org이고 전화번호는 858-555-0223입니다. |
| user3@example.org | 내 이메일은 user3@example.org이고 전화 번호는 858-555-0224입니다. |
변환된 테이블:
| 사용자 ID | 댓글 |
|---|---|
| 1kSfj3Op64MH1BiznupEpX0BdQrHMm62X6abgsPH5zM= | 내 이메일는 1kSfj3Op64MH1BiznupEpX0BdQrHMm62X6abgsPH5zM=이고 전화번호는 hYXPcsJNBCe1rr51sHiVw2KhtoyMe4HEFKNHWFcDVm0=입니다. |
| 4ESy7+rEN8NVaUJ6J7kwvcgW8wcm0cm5gbBAcu6SfdM= | 내 이메일은 4ESy7+rEN8NVaUJ6J7kwvcgW8wcm0cm5gbBAcu6SfdM=이고 전화번호는 KKqW1tQwgvGiC6iWJHhLiz2enNSEFRzhmLOf9fSTxRw=입니다. |
| bu1blyd/mbjLmpF2Rdi6zpgsLatSwpJLVki2fMeudM0= | 내 이메일은 bu1blyd/mbjLmpF2Rdi6zpgsLatSwpJLVki2fMeudM0=이고 전화번호는 eNt7qtZVLmxRb8z8NBR/+z00In07CI3hEMStbwofWoc=입니다. |
{
"inspectConfig":{
"infoTypes":[
{
"name":"EMAIL_ADDRESS"
},
{
"name":"PHONE_NUMBER"
}
]
},
"deidentifyConfig":{
"infoTypeTransformations":{
"transformations":[
{
"infoTypes":[
{
"name":"EMAIL_ADDRESS"
},
{
"name":"PHONE_NUMBER"
}
],
"primitiveTransformation":{
"cryptoHashConfig":{
"cryptoKey":{
"transient":{
"name":"[TRANSIENT-CRYPTO-KEY]"
}
}
}
}
}
]
}
},
"item":{
"table":{
"headers":[
{
"name":"userid"
},
{
"name":"comments"
}
],
"rows":[
{
"values":[
{
"stringValue":"abby_abernathy@example.org"
},
{
"stringValue":"my email is abby_abernathy@example.org and phone is 858-555-0222"
}
]
},
{
"values":[
{
"stringValue":"bert_beauregard@example.org"
},
{
"stringValue":"my email is bert_beauregard@example.org and phone is 858-555-0223"
}
]
},
{
"values":[
{
"stringValue":"cathy_crenshaw@example.org"
},
{
"stringValue":"my email is cathy_crenshaw@example.org and phone is 858-555-0224"
}
]
}
]
}
}
}
서로 다른 두 개의 암호화 해시 변환을 사용하여 발견 항목 변환
이 예시에서는 단일 익명화 구성 내에서 다양한 변환에 서로 다른 암호화 키를 사용하는 방법을 보여줍니다. 먼저 '사용자 ID' 필드의 필드 변환이 선언됩니다. 이 변환에는 infoType 변환이 포함되지 않으므로 데이터 유형에 관계없이 각 행의 '사용자 ID' 필드가 변환됩니다. 그런 다음 다른 필드 변환이 선언됩니다.이 변환은 '댓글' 필드에 있습니다.
입력:
| 사용자 ID | 댓글 |
|---|---|
| user1@example.org | 내 이메일은 user1@example.org이고 전화번호는 858-555-0222입니다. |
| abbyabernathy1 | 내 사용자 ID는 abbyabernathy1이고 이메일은 aabernathy@example.com입니다. |
변환된 테이블:
| 사용자 ID | 댓글 |
|---|---|
| 5WvS4+aJtCCwWWG79cmRNamDgyvJ+CkuwNpA2gaR1VQ= | 내 이메일은 vjqGLaA6+NUUnZAWXpI72lU1GfwQdOKu7XqWaJPcvQQ=이고 전화번호는 phone is BY+mSXXTu6mOoX5pr0Xbse60uelsSHmwRCq6HcscKtk=입니다. |
| t0dOmHvkT0VsM++SVmESVKHenLkmhBmFezH3hSDldDg= | 내 사용자 ID는 abbyabernathy1이고 이메일은 TQ3ancdUn9zgwO5qe6ahkmVrBuNhvlMknxjPjIt0N2w=입니다. |
{
"inspectConfig":{
"infoTypes":[
{
"name":"EMAIL_ADDRESS"
},
{
"name":"PHONE_NUMBER"
}
]
},
"deidentifyConfig":{
"recordTransformations":{
"fieldTransformations":[
{
"fields":[
{
"name":"userid"
}
],
"primitiveTransformation":{
"cryptoHashConfig":{
"cryptoKey":{
"transient":{
"name":"[TRANSIENT-CRYPTO-KEY-1]"
}
}
}
}
},
{
"fields":[
{
"name":"comments"
}
],
"infoTypeTransformations":{
"transformations":[
{
"infoTypes":[
{
"name":"PHONE_NUMBER"
},
{
"name":"EMAIL_ADDRESS"
}
],
"primitiveTransformation":{
"cryptoHashConfig":{
"cryptoKey":{
"transient":{
"name":"[TRANSIENT-CRYPTO-KEY-2]"
}
}
}
}
}
]
}
}
]
}
},
"item":{
"table":{
"headers":[
{
"name":"userid"
},
{
"name":"comments"
}
],
"rows":[
{
"values":[
{
"stringValue":"user1@example.org"
},
{
"stringValue":"my email is user1@example.org and phone is 858-333-2222"
}
]
},
{
"values":[
{
"stringValue":"abbyabernathy1"
},
{
"stringValue":"my userid is abbyabernathy1 and my email is aabernathy@example.com"
}
]
}
]
}
}
}