Criar uma lista de exceções para um detector de dicionário personalizado regular.
Mais informações
Para ver a documentação detalhada que inclui este exemplo de código, consulte:
Exemplo de código
C#
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyWithExceptionList
{
public static DeidentifyContentResponse Deidentify(string projectId, string text)
{
// Instantiate a client.
var dlp = DlpServiceClient.Create();
var contentItem = new ContentItem { Value = text };
var wordList = new CustomInfoType.Types.Dictionary.Types.WordList
{
Words = { new string[] { "jack@example.org", "jill@example.org" } }
};
var exclusionRule = new ExclusionRule
{
MatchingType = MatchingType.FullMatch,
Dictionary = new CustomInfoType.Types.Dictionary
{
WordList = wordList
}
};
var infoType = new InfoType { Name = "EMAIL_ADDRESS" };
var inspectionRuleSet = new InspectionRuleSet
{
InfoTypes = { infoType },
Rules = { new InspectionRule { ExclusionRule = exclusionRule } }
};
var inspectConfig = new InspectConfig
{
InfoTypes = { infoType },
RuleSet = { inspectionRuleSet }
};
var primitiveTransformation = new PrimitiveTransformation
{
ReplaceWithInfoTypeConfig = new ReplaceWithInfoTypeConfig { }
};
var transformation = new InfoTypeTransformations.Types.InfoTypeTransformation
{
InfoTypes = { infoType },
PrimitiveTransformation = primitiveTransformation
};
var deidentifyConfig = new DeidentifyConfig
{
InfoTypeTransformations = new InfoTypeTransformations
{
Transformations = { transformation }
}
};
var request = new DeidentifyContentRequest
{
Parent = new LocationName(projectId, "global").ToString(),
InspectConfig = inspectConfig,
DeidentifyConfig = deidentifyConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the results.
Console.WriteLine($"Deidentified content: {response.Item.Value}");
return response;
}
}
Go
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyExceptionList creates an exception list for a regular custom dictionary detector.
func deidentifyExceptionList(w io.Writer, projectID, input string) error {
// projectID := "my-project-id"
// input := "jack@example.org accessed customer record of user5@example.com"
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return fmt.Errorf("dlp.NewClient: %w", err)
}
// Closing the client safely cleans up background resousrces.
defer client.Close()
// Specify what content you want the service to DeIdentify.
item := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Value{
Value: input,
},
}
// Specify the word list custom info type and build-in info type the inspection will look for.
infoTypes := []*dlppb.InfoType{
{Name: "EMAIL_ADDRESS"},
}
dictionary := &dlppb.CustomInfoType_Dictionary{
Source: &dlppb.CustomInfoType_Dictionary_WordList_{
WordList: &dlppb.CustomInfoType_Dictionary_WordList{
Words: []string{"jack@example.org", "jill@example.org"},
},
},
}
exclusionRule := &dlppb.ExclusionRule{
MatchingType: dlppb.MatchingType_MATCHING_TYPE_FULL_MATCH,
Type: &dlppb.ExclusionRule_Dictionary{
Dictionary: dictionary,
},
}
inspectRuleSet := &dlppb.InspectionRuleSet{
InfoTypes: infoTypes,
Rules: []*dlppb.InspectionRule{
{
Type: &dlppb.InspectionRule_ExclusionRule{
ExclusionRule: exclusionRule,
},
},
},
}
// Construct the configuration for the de-id request and list all desired transformations.
primitiveTransformation := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_ReplaceWithInfoTypeConfig{},
}
infoTypeTransformation := &dlppb.InfoTypeTransformations{
Transformations: []*dlppb.InfoTypeTransformations_InfoTypeTransformation{
{
PrimitiveTransformation: primitiveTransformation,
},
},
}
deIdentifyConfig := &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_InfoTypeTransformations{
InfoTypeTransformations: infoTypeTransformation,
},
}
// Create a configured request.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: deIdentifyConfig,
InspectConfig: &dlppb.InspectConfig{
InfoTypes: infoTypes,
CustomInfoTypes: []*dlppb.CustomInfoType{},
RuleSet: []*dlppb.InspectionRuleSet{inspectRuleSet},
},
// The item to analyze.
Item: item,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the result.
fmt.Fprintf(w, "output : %v", resp.GetItem().GetValue())
return nil
}
Java
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.CustomInfoType.Dictionary;
import com.google.privacy.dlp.v2.CustomInfoType.Dictionary.WordList;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.ExclusionRule;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.MatchingType;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import java.io.IOException;
public class DeIdentifyWithExceptionList {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
String textToDeIdentify = "jack@example.org accessed customer record of user5@example.com";
deIdentifyWithExceptionList(projectId, textToDeIdentify);
}
public static void deIdentifyWithExceptionList(String projectId, String textToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to DeIdentify.
ContentItem contentItem = ContentItem.newBuilder().setValue(textToDeIdentify).build();
// Construct the custom word list to be detected.
Dictionary wordList =
Dictionary.newBuilder()
.setWordList(
WordList.newBuilder()
.addWords("jack@example.org")
.addWords("jill@example.org")
.build())
.build();
// Construct the custom dictionary detector associated with the word list.
InfoType developerEmail = InfoType.newBuilder().setName("DEVELOPER_EMAIL").build();
CustomInfoType customInfoType =
CustomInfoType.newBuilder().setInfoType(developerEmail).setDictionary(wordList).build();
ExclusionRule exclusionRule =
ExclusionRule.newBuilder()
.setDictionary(wordList)
.setMatchingType(MatchingType.MATCHING_TYPE_FULL_MATCH)
.build();
InspectionRule inspectionRule =
InspectionRule.newBuilder()
.setExclusionRule(exclusionRule)
.build();
// Specify the word list custom info type and build-in info type the inspection will look for.
InfoType emailAddress = InfoType.newBuilder().setName("EMAIL_ADDRESS").build();
InspectionRuleSet inspectionRuleSet =
InspectionRuleSet.newBuilder()
.addInfoTypes(emailAddress)
.addRules(inspectionRule)
.build();
InspectConfig inspectConfig =
InspectConfig.newBuilder()
.addInfoTypes(emailAddress)
.addCustomInfoTypes(customInfoType)
.addRuleSet(inspectionRuleSet)
.build();
// Define type of deidentification as replacement.
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder()
.setReplaceWithInfoTypeConfig(ReplaceWithInfoTypeConfig.getDefaultInstance())
.build();
// Associate de-identification type with info type.
InfoTypeTransformation transformation =
InfoTypeTransformation.newBuilder()
.addInfoTypes(emailAddress)
.setPrimitiveTransformation(primitiveTransformation)
.build();
// Construct the configuration for the de-id request and list all desired transformations.
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder()
.setInfoTypeTransformations(
InfoTypeTransformations.newBuilder().addTransformations(transformation))
.build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setInspectConfig(inspectConfig)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results
System.out.println(
"Text after replace with infotype config: " + response.getItem().getValue());
}
}
}Node.js
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
const dlp = new DLP.DlpServiceClient();
// TODO(developer): Replace these variables before running the sample.
// const projectId = "your-project-id";
// The string to deidentify
// const textToInspect = 'jack@example.org accessed customer record of user5@example.com';
// Words to exclude for during inspection
// const words = ['jack@example.org', 'jill@example.org'];
// The infoTypes of information to match
// See https://cloud.google.com/dlp/docs/concepts-infotypes for more information
// about supported infoTypes.
// const infoTypes = [{ name: 'EMAIL_ADDRESS' }];
async function deIdentifyWithExceptionList() {
// Construct item to inspect
const item = {value: textToInspect};
// Construct the custom dictionary detector associated with the word list.
const wordListDict = {
wordList: {
words: words,
},
};
// Construct a rule set that will only match if the match text does not
// contains tokens from the exclusion list.
const ruleSet = [
{
infoTypes: infoTypes,
rules: [
{
exclusionRule: {
matchingType:
DLP.protos.google.privacy.dlp.v2.MatchingType
.MATCHING_TYPE_FULL_MATCH,
dictionary: wordListDict,
},
},
],
},
];
// Combine configurations to construct inspect config.
const inspectConfig = {
infoTypes: infoTypes,
ruleSet: ruleSet,
};
// Define type of de-identification as replacement & associate de-identification type with info type.
const transformation = {
infoTypes: [],
primitiveTransformation: {
replaceWithInfoTypeConfig: {},
},
};
// Construct the configuration for the de-identification request and list all desired transformations.
const deidentifyConfig = {
infoTypeTransformations: {
transformations: [transformation],
},
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: item,
inspectConfig: inspectConfig,
deidentifyConfig: deidentifyConfig,
};
// Send the request and receive response from the service.
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Text after replace with infotype config: ${response.item.value}`
);
}
deIdentifyWithExceptionList();PHP
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType\Dictionary;
use Google\Cloud\Dlp\V2\CustomInfoType\Dictionary\WordList;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\DeidentifyContentRequest;
use Google\Cloud\Dlp\V2\ExclusionRule;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InfoTypeTransformations;
use Google\Cloud\Dlp\V2\InfoTypeTransformations\InfoTypeTransformation;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\MatchingType;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\ReplaceWithInfoTypeConfig;
/**
* Create an exception list for de-identification
* Create an exception list for a regular custom dictionary detector.
*
* @param string $callingProjectId The project ID to run the API call under
* @param string $textToDeIdentify The String you want the service to DeIdentify
*/
function deidentify_exception_list(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $textToDeIdentify = 'jack@example.org accessed customer record of user5@example.com'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
// Specify what content you want the service to DeIdentify.
$contentItem = (new ContentItem())
->setValue($textToDeIdentify);
// Construct the custom word list to be detected.
$wordList = (new Dictionary())
->setWordList((new WordList())
->setWords(['jack@example.org', 'jill@example.org']));
// Specify the exclusion rule and build-in info type the inspection will look for.
$exclusionRule = (new ExclusionRule())
->setMatchingType(MatchingType::MATCHING_TYPE_FULL_MATCH)
->setDictionary($wordList);
$emailAddress = (new InfoType())
->setName('EMAIL_ADDRESS');
$inspectionRuleSet = (new InspectionRuleSet())
->setInfoTypes([$emailAddress])
->setRules([
(new InspectionRule())
->setExclusionRule($exclusionRule)
]);
$inspectConfig = (new InspectConfig())
->setInfoTypes([$emailAddress])
->setRuleSet([$inspectionRuleSet]);
// Define type of deidentification as replacement.
$primitiveTransformation = (new PrimitiveTransformation())
->setReplaceWithInfoTypeConfig(new ReplaceWithInfoTypeConfig());
// Associate de-identification type with info type.
$transformation = (new InfoTypeTransformation())
->setInfoTypes([$emailAddress])
->setPrimitiveTransformation($primitiveTransformation);
// Construct the configuration for the de-id request and list all desired transformations.
$deidentifyConfig = (new DeidentifyConfig())
->setInfoTypeTransformations(
(new InfoTypeTransformations())
->setTransformations([$transformation])
);
// Send the request and receive response from the service
$parent = "projects/$callingProjectId/locations/global";
$deidentifyContentRequest = (new DeidentifyContentRequest())
->setParent($parent)
->setDeidentifyConfig($deidentifyConfig)
->setInspectConfig($inspectConfig)
->setItem($contentItem);
$response = $dlp->deidentifyContent($deidentifyContentRequest);
// Print the results
printf('Text after replace with infotype config: %s', $response->getItem()->getValue());
}Python
Para saber como instalar e usar a biblioteca de cliente para proteção de dados sensíveis, consulte Bibliotecas de cliente de proteção de dados sensíveis.
Para usar a proteção de dados sensíveis, configure o Application Default Credentials. Para mais informações, consulte Configurar a autenticação para um ambiente de desenvolvimento local.
from typing import List
import google.cloud.dlp
def deidentify_with_exception_list(
project: str, content_string: str, info_types: List[str], exception_list: List[str]
) -> None:
"""Uses the Data Loss Prevention API to de-identify sensitive data in a
string but ignore matches against custom list.
Args:
project: The Google Cloud project id to use as a parent resource.
content_string: The string to deidentify (will be treated as text).
info_types: A list of strings representing info types to look for.
A full list of info type categories can be fetched from the API.
exception_list: The list of strings to ignore matches on.
Returns:
None; the response from the API is printed to the terminal.
"""
# Instantiate a client
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct a list of infoTypes for DLP to locate in `content_string`. See
# https://cloud.google.com/dlp/docs/concepts-infotypes for more information
# about supported infoTypes.
info_types = [{"name": info_type} for info_type in info_types]
# Construct a rule set that will only match on info_type
# if the matched text is not in the exception list.
rule_set = [
{
"info_types": info_types,
"rules": [
{
"exclusion_rule": {
"dictionary": {"word_list": {"words": exception_list}},
"matching_type": google.cloud.dlp_v2.MatchingType.MATCHING_TYPE_FULL_MATCH,
}
}
],
}
]
# Construct the configuration dictionary
inspect_config = {
"info_types": info_types,
"rule_set": rule_set,
}
# Construct deidentify configuration dictionary
deidentify_config = {
"info_type_transformations": {
"transformations": [
{"primitive_transformation": {"replace_with_info_type_config": {}}}
]
}
}
# Construct the `item`.
item = {"value": content_string}
# Convert the project id into a full resource id.
parent = f"projects/{project}/locations/global"
# Call the API
response = dlp.deidentify_content(
request={
"parent": parent,
"deidentify_config": deidentify_config,
"inspect_config": inspect_config,
"item": item,
}
)
# Print out the results.
print(response.item.value)
A seguir
Para pesquisar e filtrar exemplos de código de outros produtos do Google Cloud, consulte o navegador de amostra do Google Cloud.