使用 Data Loss Prevention API 将您指定的输入值替换为您指定的值,以便对字符串中的敏感数据进行去标识化。
包含此代码示例的文档页面
如需查看上下文中使用的代码示例,请参阅以下文档:
代码示例
Java
如需了解如何安装和使用 Cloud DLP 客户端库,请参阅 Cloud DLP 客户端库。
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.ReplaceValueConfig;
import com.google.privacy.dlp.v2.Value;
public class DeIdentifyWithReplacement {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
String textToInspect =
"My name is Alicia Abernathy, and my email address is aabernathy@example.com.";
deIdentifyWithReplacement(projectId, textToInspect);
}
// Inspects the provided text.
public static void deIdentifyWithReplacement(String projectId, String textToRedact) {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify the content to be inspected.
ContentItem item = ContentItem.newBuilder().setValue(textToRedact).build();
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
InfoType infoType = InfoType.newBuilder().setName("EMAIL_ADDRESS").build();
InspectConfig inspectConfig = InspectConfig.newBuilder().addInfoTypes(infoType).build();
// Specify replacement string to be used for the finding.
ReplaceValueConfig replaceValueConfig =
ReplaceValueConfig.newBuilder()
.setNewValue(Value.newBuilder().setStringValue("[email-address]").build())
.build();
// Define type of deidentification as replacement.
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder().setReplaceConfig(replaceValueConfig).build();
// Associate deidentification type with info type.
InfoTypeTransformation transformation =
InfoTypeTransformation.newBuilder()
.addInfoTypes(infoType)
.setPrimitiveTransformation(primitiveTransformation)
.build();
// Construct the configuration for the Redact request and list all desired transformations.
DeidentifyConfig redactConfig =
DeidentifyConfig.newBuilder()
.setInfoTypeTransformations(
InfoTypeTransformations.newBuilder().addTransformations(transformation))
.build();
// Construct the Redact request to be sent by the client.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(item)
.setDeidentifyConfig(redactConfig)
.setInspectConfig(inspectConfig)
.build();
// Use the client to send the API request.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Parse the response and process results
System.out.println("Text after redaction: " + response.getItem().getValue());
} catch (Exception e) {
System.out.println("Error during inspectString: \n" + e.toString());
}
}
}Node.js
如需了解如何安装和使用 Cloud DLP 客户端库,请参阅 Cloud DLP 客户端库。
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Instantiates a client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// The string to deidentify
// const string = 'My SSN is 372819127';
// The string to replace sensitive information with
// const replacement = "[REDACTED]"
async function deidentifyWithReplacement() {
// Construct deidentification request
const item = {value: string};
const request = {
parent: `projects/${projectId}/locations/global`,
deidentifyConfig: {
infoTypeTransformations: {
transformations: [
{
primitiveTransformation: {
replaceConfig: {
newValue: {
stringValue: replacement,
},
},
},
},
],
},
},
item: item,
};
// Run deidentification request
const [response] = await dlp.deidentifyContent(request);
const deidentifiedItem = response.item;
console.log(deidentifiedItem.value);
}
deidentifyWithReplacement();Python
如需了解如何安装和使用 Cloud DLP 客户端库,请参阅 Cloud DLP 客户端库。
def deidentify_with_replace(
project, input_str, info_types, replacement_str="REPLACEMENT_STR",
):
"""Uses the Data Loss Prevention API to deidentify sensitive data in a
string by replacing matched input values with a value you specify.
Args:
project: The Google Cloud project id to use as a parent resource.
input_str: The string to deidentify (will be treated as text).
info_types: A list of strings representing info types to look for.
replacement_str: The string to replace all values that match given
info types.
Returns:
None; the response from the API is printed to the terminal.
"""
import google.cloud.dlp
# Instantiate a client
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Construct inspect configuration dictionary
inspect_config = {"info_types": [{"name": info_type} for info_type in info_types]}
# Construct deidentify configuration dictionary
deidentify_config = {
"info_type_transformations": {
"transformations": [
{
"primitive_transformation": {
"replace_config": {
"new_value": {"string_value": replacement_str}
}
}
}
]
}
}
# Construct item
item = {"value": input_str}
# Call the API
response = dlp.deidentify_content(
request={
"parent": parent,
"deidentify_config": deidentify_config,
"inspect_config": inspect_config,
"item": item,
}
)
# Print out the results.
print(response.item.value)
后续步骤
如需搜索和过滤其他 Google Cloud 产品的代码示例,请参阅 Google Cloud 示例浏览器。