Inspect sensitive text by using Node.js
Learn how to scan a sample string for sensitive information by using the Cloud Data Loss Prevention API of Sensitive Data Protection, the Google Cloud CLI, and Node.js.
To follow step-by-step guidance for this task directly in the Google Cloud console, click Guide me:
Before you begin
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
- Install the Google Cloud CLI.
-
To initialize the gcloud CLI, run the following command:
gcloud init
-
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_ID
with a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_ID
with your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.user
gcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_ID
with your project ID. -
Replace
USER_IDENTIFIER
with the identifier for your user account. For example,user:myemail@example.com
. - Replace
ROLE
with each individual role.
- Replace
- Install the Google Cloud CLI.
-
To initialize the gcloud CLI, run the following command:
gcloud init
-
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_ID
with a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_ID
with your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.user
gcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_ID
with your project ID. -
Replace
USER_IDENTIFIER
with the identifier for your user account. For example,user:myemail@example.com
. - Replace
ROLE
with each individual role.
- Replace
- Install Node.js and NPM.
Set up a Sensitive Data Protection CLI app
To set up a Sensitive Data Protection CLI app using Node.js, do the following:
Clone the Node.js DLP client library:
git clone https://github.com/GoogleCloudPlatform/nodejs-docs-samples
Navigate to the
dlp
directory.cd nodejs-docs-samples/dlp
Install the app dependencies:
npm install
Inspect a string for sensitive information
To scan sample text by using the DLP API and the inspectString
Node.js script, run the following command:
node inspectString.js PROJECT_ID "My email address is joe@example.com."
The output is similar to the following:
Findings:
Info type: EMAIL_ADDRESS
Likelihood: LIKELY
Clean up
To avoid incurring charges to your Google Cloud account for the resources used on this page, delete the Google Cloud project with the resources.
Delete the project
If you created a new project for this quickstart, the easiest way to prevent additional charges is to delete the project.
Delete a Google Cloud project:
gcloud projects delete PROJECT_ID
Revoke your credentials
-
Optional: Revoke the authentication credentials that you created, and delete the local credential file.
gcloud auth application-default revoke
-
Optional: Revoke credentials from the gcloud CLI.
gcloud auth revoke
What's next
To get started with inspecting text and images for sensitive data, see How-to guides.
To better understand inspection, redaction, infoTypes, and likelihood, see Concepts.
Learn more about the DLP API.
Learn more about the Cloud DLP Node.js Client.