Ausnahmeliste für einen regulären benutzerdefinierten Wörterbuchdetektor erstellen.
Weitere Informationen
Eine ausführliche Dokumentation, die dieses Codebeispiel enthält, finden Sie hier:
Codebeispiel
C#
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyWithExceptionList
{
public static DeidentifyContentResponse Deidentify(string projectId, string text)
{
// Instantiate a client.
var dlp = DlpServiceClient.Create();
var contentItem = new ContentItem { Value = text };
var wordList = new CustomInfoType.Types.Dictionary.Types.WordList
{
Words = { new string[] { "jack@example.org", "jill@example.org" } }
};
var exclusionRule = new ExclusionRule
{
MatchingType = MatchingType.FullMatch,
Dictionary = new CustomInfoType.Types.Dictionary
{
WordList = wordList
}
};
var infoType = new InfoType { Name = "EMAIL_ADDRESS" };
var inspectionRuleSet = new InspectionRuleSet
{
InfoTypes = { infoType },
Rules = { new InspectionRule { ExclusionRule = exclusionRule } }
};
var inspectConfig = new InspectConfig
{
InfoTypes = { infoType },
RuleSet = { inspectionRuleSet }
};
var primitiveTransformation = new PrimitiveTransformation
{
ReplaceWithInfoTypeConfig = new ReplaceWithInfoTypeConfig { }
};
var transformation = new InfoTypeTransformations.Types.InfoTypeTransformation
{
InfoTypes = { infoType },
PrimitiveTransformation = primitiveTransformation
};
var deidentifyConfig = new DeidentifyConfig
{
InfoTypeTransformations = new InfoTypeTransformations
{
Transformations = { transformation }
}
};
var request = new DeidentifyContentRequest
{
Parent = new LocationName(projectId, "global").ToString(),
InspectConfig = inspectConfig,
DeidentifyConfig = deidentifyConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the results.
Console.WriteLine($"Deidentified content: {response.Item.Value}");
return response;
}
}
Go
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyExceptionList creates an exception list for a regular custom dictionary detector.
func deidentifyExceptionList(w io.Writer, projectID, input string) error {
// projectID := "my-project-id"
// input := "jack@example.org accessed customer record of user5@example.com"
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return fmt.Errorf("dlp.NewClient: %w", err)
}
// Closing the client safely cleans up background resousrces.
defer client.Close()
// Specify what content you want the service to DeIdentify.
item := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Value{
Value: input,
},
}
// Specify the word list custom info type and build-in info type the inspection will look for.
infoTypes := []*dlppb.InfoType{
{Name: "EMAIL_ADDRESS"},
}
dictionary := &dlppb.CustomInfoType_Dictionary{
Source: &dlppb.CustomInfoType_Dictionary_WordList_{
WordList: &dlppb.CustomInfoType_Dictionary_WordList{
Words: []string{"jack@example.org", "jill@example.org"},
},
},
}
exclusionRule := &dlppb.ExclusionRule{
MatchingType: dlppb.MatchingType_MATCHING_TYPE_FULL_MATCH,
Type: &dlppb.ExclusionRule_Dictionary{
Dictionary: dictionary,
},
}
inspectRuleSet := &dlppb.InspectionRuleSet{
InfoTypes: infoTypes,
Rules: []*dlppb.InspectionRule{
{
Type: &dlppb.InspectionRule_ExclusionRule{
ExclusionRule: exclusionRule,
},
},
},
}
// Construct the configuration for the de-id request and list all desired transformations.
primitiveTransformation := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_ReplaceWithInfoTypeConfig{},
}
infoTypeTransformation := &dlppb.InfoTypeTransformations{
Transformations: []*dlppb.InfoTypeTransformations_InfoTypeTransformation{
{
PrimitiveTransformation: primitiveTransformation,
},
},
}
deIdentifyConfig := &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_InfoTypeTransformations{
InfoTypeTransformations: infoTypeTransformation,
},
}
// Create a configured request.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: deIdentifyConfig,
InspectConfig: &dlppb.InspectConfig{
InfoTypes: infoTypes,
CustomInfoTypes: []*dlppb.CustomInfoType{},
RuleSet: []*dlppb.InspectionRuleSet{inspectRuleSet},
},
// The item to analyze.
Item: item,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the result.
fmt.Fprintf(w, "output : %v", resp.GetItem().GetValue())
return nil
}
Java
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.CustomInfoType.Dictionary;
import com.google.privacy.dlp.v2.CustomInfoType.Dictionary.WordList;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.ExclusionRule;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.MatchingType;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import java.io.IOException;
public class DeIdentifyWithExceptionList {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
String textToDeIdentify = "jack@example.org accessed customer record of user5@example.com";
deIdentifyWithExceptionList(projectId, textToDeIdentify);
}
public static void deIdentifyWithExceptionList(String projectId, String textToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to DeIdentify.
ContentItem contentItem = ContentItem.newBuilder().setValue(textToDeIdentify).build();
// Construct the custom word list to be detected.
Dictionary wordList =
Dictionary.newBuilder()
.setWordList(
WordList.newBuilder()
.addWords("jack@example.org")
.addWords("jill@example.org")
.build())
.build();
// Construct the custom dictionary detector associated with the word list.
InfoType developerEmail = InfoType.newBuilder().setName("DEVELOPER_EMAIL").build();
CustomInfoType customInfoType =
CustomInfoType.newBuilder().setInfoType(developerEmail).setDictionary(wordList).build();
ExclusionRule exclusionRule =
ExclusionRule.newBuilder()
.setDictionary(wordList)
.setMatchingType(MatchingType.MATCHING_TYPE_FULL_MATCH)
.build();
InspectionRule inspectionRule =
InspectionRule.newBuilder()
.setExclusionRule(exclusionRule)
.build();
// Specify the word list custom info type and build-in info type the inspection will look for.
InfoType emailAddress = InfoType.newBuilder().setName("EMAIL_ADDRESS").build();
InspectionRuleSet inspectionRuleSet =
InspectionRuleSet.newBuilder()
.addInfoTypes(emailAddress)
.addRules(inspectionRule)
.build();
InspectConfig inspectConfig =
InspectConfig.newBuilder()
.addInfoTypes(emailAddress)
.addCustomInfoTypes(customInfoType)
.addRuleSet(inspectionRuleSet)
.build();
// Define type of deidentification as replacement.
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder()
.setReplaceWithInfoTypeConfig(ReplaceWithInfoTypeConfig.getDefaultInstance())
.build();
// Associate de-identification type with info type.
InfoTypeTransformation transformation =
InfoTypeTransformation.newBuilder()
.addInfoTypes(emailAddress)
.setPrimitiveTransformation(primitiveTransformation)
.build();
// Construct the configuration for the de-id request and list all desired transformations.
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder()
.setInfoTypeTransformations(
InfoTypeTransformations.newBuilder().addTransformations(transformation))
.build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setInspectConfig(inspectConfig)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results
System.out.println(
"Text after replace with infotype config: " + response.getItem().getValue());
}
}
}
Node.js
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
const dlp = new DLP.DlpServiceClient();
// TODO(developer): Replace these variables before running the sample.
// const projectId = "your-project-id";
// The string to deidentify
// const textToInspect = 'jack@example.org accessed customer record of user5@example.com';
// Words to exclude for during inspection
// const words = ['jack@example.org', 'jill@example.org'];
// The infoTypes of information to match
// See https://cloud.google.com/dlp/docs/concepts-infotypes for more information
// about supported infoTypes.
// const infoTypes = [{ name: 'EMAIL_ADDRESS' }];
async function deIdentifyWithExceptionList() {
// Construct item to inspect
const item = {value: textToInspect};
// Construct the custom dictionary detector associated with the word list.
const wordListDict = {
wordList: {
words: words,
},
};
// Construct a rule set that will only match if the match text does not
// contains tokens from the exclusion list.
const ruleSet = [
{
infoTypes: infoTypes,
rules: [
{
exclusionRule: {
matchingType:
DLP.protos.google.privacy.dlp.v2.MatchingType
.MATCHING_TYPE_FULL_MATCH,
dictionary: wordListDict,
},
},
],
},
];
// Combine configurations to construct inspect config.
const inspectConfig = {
infoTypes: infoTypes,
ruleSet: ruleSet,
};
// Define type of de-identification as replacement & associate de-identification type with info type.
const transformation = {
infoTypes: [],
primitiveTransformation: {
replaceWithInfoTypeConfig: {},
},
};
// Construct the configuration for the de-identification request and list all desired transformations.
const deidentifyConfig = {
infoTypeTransformations: {
transformations: [transformation],
},
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: item,
inspectConfig: inspectConfig,
deidentifyConfig: deidentifyConfig,
};
// Send the request and receive response from the service.
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Text after replace with infotype config: ${response.item.value}`
);
}
deIdentifyWithExceptionList();
PHP
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType\Dictionary;
use Google\Cloud\Dlp\V2\CustomInfoType\Dictionary\WordList;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\DeidentifyContentRequest;
use Google\Cloud\Dlp\V2\ExclusionRule;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InfoTypeTransformations;
use Google\Cloud\Dlp\V2\InfoTypeTransformations\InfoTypeTransformation;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\MatchingType;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\ReplaceWithInfoTypeConfig;
/**
* Create an exception list for de-identification
* Create an exception list for a regular custom dictionary detector.
*
* @param string $callingProjectId The project ID to run the API call under
* @param string $textToDeIdentify The String you want the service to DeIdentify
*/
function deidentify_exception_list(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $textToDeIdentify = 'jack@example.org accessed customer record of user5@example.com'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
// Specify what content you want the service to DeIdentify.
$contentItem = (new ContentItem())
->setValue($textToDeIdentify);
// Construct the custom word list to be detected.
$wordList = (new Dictionary())
->setWordList((new WordList())
->setWords(['jack@example.org', 'jill@example.org']));
// Specify the exclusion rule and build-in info type the inspection will look for.
$exclusionRule = (new ExclusionRule())
->setMatchingType(MatchingType::MATCHING_TYPE_FULL_MATCH)
->setDictionary($wordList);
$emailAddress = (new InfoType())
->setName('EMAIL_ADDRESS');
$inspectionRuleSet = (new InspectionRuleSet())
->setInfoTypes([$emailAddress])
->setRules([
(new InspectionRule())
->setExclusionRule($exclusionRule)
]);
$inspectConfig = (new InspectConfig())
->setInfoTypes([$emailAddress])
->setRuleSet([$inspectionRuleSet]);
// Define type of deidentification as replacement.
$primitiveTransformation = (new PrimitiveTransformation())
->setReplaceWithInfoTypeConfig(new ReplaceWithInfoTypeConfig());
// Associate de-identification type with info type.
$transformation = (new InfoTypeTransformation())
->setInfoTypes([$emailAddress])
->setPrimitiveTransformation($primitiveTransformation);
// Construct the configuration for the de-id request and list all desired transformations.
$deidentifyConfig = (new DeidentifyConfig())
->setInfoTypeTransformations(
(new InfoTypeTransformations())
->setTransformations([$transformation])
);
// Send the request and receive response from the service
$parent = "projects/$callingProjectId/locations/global";
$deidentifyContentRequest = (new DeidentifyContentRequest())
->setParent($parent)
->setDeidentifyConfig($deidentifyConfig)
->setInspectConfig($inspectConfig)
->setItem($contentItem);
$response = $dlp->deidentifyContent($deidentifyContentRequest);
// Print the results
printf('Text after replace with infotype config: %s', $response->getItem()->getValue());
}
Python
Informationen zum Installieren und Verwenden der Clientbibliothek für den Schutz sensibler Daten finden Sie unter Clientbibliotheken für den Schutz sensibler Daten.
Richten Sie Standardanmeldedaten für Anwendungen ein, um sich beim Schutz sensibler Daten zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten.
from typing import List
import google.cloud.dlp
def deidentify_with_exception_list(
project: str, content_string: str, info_types: List[str], exception_list: List[str]
) -> None:
"""Uses the Data Loss Prevention API to de-identify sensitive data in a
string but ignore matches against custom list.
Args:
project: The Google Cloud project id to use as a parent resource.
content_string: The string to deidentify (will be treated as text).
info_types: A list of strings representing info types to look for.
A full list of info type categories can be fetched from the API.
exception_list: The list of strings to ignore matches on.
Returns:
None; the response from the API is printed to the terminal.
"""
# Instantiate a client
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct a list of infoTypes for DLP to locate in `content_string`. See
# https://cloud.google.com/dlp/docs/concepts-infotypes for more information
# about supported infoTypes.
info_types = [{"name": info_type} for info_type in info_types]
# Construct a rule set that will only match on info_type
# if the matched text is not in the exception list.
rule_set = [
{
"info_types": info_types,
"rules": [
{
"exclusion_rule": {
"dictionary": {"word_list": {"words": exception_list}},
"matching_type": google.cloud.dlp_v2.MatchingType.MATCHING_TYPE_FULL_MATCH,
}
}
],
}
]
# Construct the configuration dictionary
inspect_config = {
"info_types": info_types,
"rule_set": rule_set,
}
# Construct deidentify configuration dictionary
deidentify_config = {
"info_type_transformations": {
"transformations": [
{"primitive_transformation": {"replace_with_info_type_config": {}}}
]
}
}
# Construct the `item`.
item = {"value": content_string}
# Convert the project id into a full resource id.
parent = f"projects/{project}/locations/global"
# Call the API
response = dlp.deidentify_content(
request={
"parent": parent,
"deidentify_config": deidentify_config,
"inspect_config": inspect_config,
"item": item,
}
)
# Print out the results.
print(response.item.value)
Nächste Schritte
Informationen zum Suchen und Filtern von Codebeispielen für andere Google Cloud-Produkte finden Sie im Google Cloud-Beispielbrowser.