使用 Node.js 检查敏感文本
了解如何使用 Sensitive Data Protection 的 Cloud Data Loss Prevention API、Google Cloud CLI 和 Node.js 扫描示例字符串,检查是否存在敏感信息。
如需在 Google Cloud 控制台中直接遵循有关此任务的分步指导,请点击操作演示:
准备工作
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
- Install the Google Cloud CLI.
-
To initialize the gcloud CLI, run the following command:
gcloud init
-
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_ID
with a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_ID
with your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.user
gcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_ID
with your project ID. -
Replace
USER_IDENTIFIER
with the identifier for your user account. For example,user:myemail@example.com
. - Replace
ROLE
with each individual role.
- Replace
- Install the Google Cloud CLI.
-
To initialize the gcloud CLI, run the following command:
gcloud init
-
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_ID
with a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_ID
with your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.user
gcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_ID
with your project ID. -
Replace
USER_IDENTIFIER
with the identifier for your user account. For example,user:myemail@example.com
. - Replace
ROLE
with each individual role.
- Replace
- 安装 Node.js 和 NPM。
设置 Sensitive Data Protection CLI 应用
如需使用 Node.js 设置 Sensitive Data Protection CLI 应用,请执行以下操作:
克隆 Node.js DLP 客户端库:
git clone https://github.com/GoogleCloudPlatform/nodejs-docs-samples
导航到
dlp
目录。cd nodejs-docs-samples/dlp
安装应用依赖项:
npm install
检查字符串是否存在敏感信息
如需使用 DLP API 和 inspectString
Node.js 脚本扫描示例文本,请运行以下命令:
node inspectString.js PROJECT_ID "My email address is joe@example.com."
输出类似于以下内容:
Findings:
Info type: EMAIL_ADDRESS
Likelihood: LIKELY
清理
为避免因本页面中使用的资源导致您的 Google Cloud 账号产生费用,请删除包含这些资源的 Google Cloud 项目。
删除项目
如果您为本快速入门创建了新项目,则最简单的防止产生额外费用的方法是删除该项目。
Delete a Google Cloud project:
gcloud projects delete PROJECT_ID
撤消您的凭据
-
Optional: Revoke the authentication credentials that you created, and delete the local credential file.
gcloud auth application-default revoke
-
Optional: Revoke credentials from the gcloud CLI.
gcloud auth revoke
后续步骤
如需开始检查文本和图片是否包含敏感数据,请参阅操作指南。
如需更好地了解检查、隐去、infoType 和可能性,请参阅概念。
详细了解 DLP API。
详细了解 Cloud DLP Node.js 客户端。