Sign in to your Google Cloud account. If you're new to
Google Cloud,
create an account to evaluate how our products perform in
real-world scenarios. New customers also get $300 in free credits to
run, test, and deploy workloads.
[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-09-04 UTC。"],[],[],null,["# Inspect sensitive text by using Node.js\n=======================================\n\nLearn how to scan a sample string for sensitive information by using the\nCloud Data Loss Prevention API of Sensitive Data Protection, the Google Cloud CLI, and Node.js.\n\n*** ** * ** ***\n\nTo follow step-by-step guidance for this task directly in the\nGoogle Cloud console, click **Guide me**:\n\n[Guide me](https://console.cloud.google.com/freetrial?redirectPath=/?walkthrough_id=dlp--inspect-sensitive-text)\n\n*** ** * ** ***\n\nBefore you begin\n----------------\n\n- Sign in to your Google Cloud account. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the DLP API:\n\n\n ```bash\n gcloud services enable dlp.googleapis.com\n ```\n-\n\n Create local authentication credentials for your user account:\n\n ```bash\n gcloud auth application-default login\n ```\n\n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n [signed in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/dlp.user`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the DLP API:\n\n\n ```bash\n gcloud services enable dlp.googleapis.com\n ```\n-\n\n Create local authentication credentials for your user account:\n\n ```bash\n gcloud auth application-default login\n ```\n\n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n [signed in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/dlp.user`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n1. [Install Node.js and NPM](/nodejs/docs/setup).\n\nSet up a Sensitive Data Protection CLI app\n------------------------------------------\n\nTo set up a Sensitive Data Protection CLI app using Node.js, do the following:\n\n1. Clone the [Node.js DLP client library](https://github.com/GoogleCloudPlatform/nodejs-docs-samples):\n\n git clone https://github.com/GoogleCloudPlatform/nodejs-docs-samples\n\n2. Navigate to the `dlp` directory.\n\n cd nodejs-docs-samples/dlp\n\n3. Install the app dependencies:\n\n npm install\n\nInspect a string for sensitive information\n------------------------------------------\n\nTo scan sample text by using the DLP API and the `inspectString`\nNode.js script, run the following command: \n\n node inspectString.js \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e \"My email address is joe@example.com.\"\n\nThe output is similar to the following: \n\n Findings:\n Info type: EMAIL_ADDRESS\n Likelihood: LIKELY\n\nClean up\n--------\n\n\nTo avoid incurring charges to your Google Cloud account for\nthe resources used on this page, delete the Google Cloud project with the\nresources.\n\n### Delete the project\n\nIf you created a new project for this quickstart, the easiest way to prevent\nadditional charges is to delete the project.\n\n| **Caution** : Deleting a project has the following effects:\n|\n| - **Everything in the project is deleted.** If you used an existing project for the tasks in this document, when you delete it, you also delete any other work you've done in the project.\n| - **Custom project IDs are lost.** When you created this project, you might have created a custom project ID that you want to use in the future. To preserve the URLs that use the project ID, such as an `appspot.com` URL, delete selected resources inside the project instead of deleting the whole project.\n|\n|\n| If you plan to explore multiple architectures, tutorials, or quickstarts, reusing projects\n| can help you avoid exceeding project quota limits.\n1. Delete a Google Cloud project: \n\n```\ngcloud projects delete PROJECT_ID\n```\n\n\u003cbr /\u003e\n\n### Revoke your credentials\n\n1.\n Optional: Revoke the authentication credentials that you created, and delete the local\n credential file.\n\n ```bash\n gcloud auth application-default revoke\n ```\n2.\n Optional: Revoke credentials from the gcloud CLI.\n\n ```bash\n gcloud auth revoke\n ```\n\nWhat's next\n-----------\n\n- To get started with inspecting text and images for sensitive data, see\n [How-to guides](/sensitive-data-protection/docs/how-to).\n\n- To better understand inspection, redaction, infoTypes, and likelihood, see\n [Concepts](/sensitive-data-protection/docs/concepts).\n\n- Learn more about the [DLP API](/sensitive-data-protection/docs/reference/rest/v2).\n\n- Learn more about the [Cloud DLP Node.js Client](/nodejs/docs/reference/dlp/latest)."]]
