Transformer une colonne en fonction de la valeur d'une autre colonne
En savoir plus
Pour obtenir une documentation détaillée incluant cet exemple de code, consultez les articles suivants :
Exemple de code
C#
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableUsingMaskingAndLogic
{
public static Table DeidentifyTable(
string projectId,
Table tableToInspect = null)
{
// Instantiate the client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" },
new Value { StringValue = "Charles Dickens name was a curse invented by Shakespeare." }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" },
new Value { StringValue = "There are 14 kisses in Jane Austen's novels." }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" },
new Value { StringValue = "Mark Twain loved cats." }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" },
new FieldId { Name = "FACTOID" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
//Specify how the content should be de-identified.
var primitiveTransformation = new PrimitiveTransformation
{
CharacterMaskConfig = new CharacterMaskConfig
{
MaskingCharacter = "*"
}
};
// Specify the fields to be de-identified.
var fields = new FieldId[] { new FieldId { Name = "HAPPINESS SCORE" } };
// Specify when the above fields should be de-identified using condition.
var condition = new RecordCondition.Types.Conditions
{
Conditions_ =
{
new RecordCondition.Types.Condition
{
Field = new FieldId { Name = "AGE" },
Operator = RelationalOperator.GreaterThan,
Value = new Value { IntegerValue = 89 }
}
}
};
// Apply the condition to records
var recordCondition = new RecordCondition
{
Expressions = new RecordCondition.Types.Expressions
{
Conditions = condition
}
};
// Associate the de-identification and conditions with the specified fields.
var deidentifiedConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations =
{
new FieldTransformation
{
PrimitiveTransformation = primitiveTransformation,
Fields = { fields },
Condition = recordCondition
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifiedConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}
Go
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableMaskingCondition de-identifies the table data using masking
// and conditional logic
func deidentifyTableMaskingCondition(w io.Writer, projectID string) error {
// projectId := "your-project-id"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
charMaskConfig := &dlppb.CharacterMaskConfig{
MaskingCharacter: "*",
}
primitiveTransformation := &dlppb.PrimitiveTransformation_CharacterMaskConfig{
CharacterMaskConfig: charMaskConfig,
}
// Specify field to be de-identified.
fieldId := &dlppb.FieldId{
Name: "HAPPINESS SCORE",
}
// Apply the condition to the records present in table.
recordCondition := &dlppb.RecordCondition_Condition{
Field: fieldId,
Operator: dlppb.RelationalOperator_GREATER_THAN,
Value: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 89,
},
},
}
expression := &dlppb.RecordCondition_Expressions{
Type: &dlppb.RecordCondition_Expressions_Conditions{
Conditions: &dlppb.RecordCondition_Conditions{
Conditions: []*dlppb.RecordCondition_Condition{
recordCondition,
},
},
},
}
// Specify when the above field should be de-identified.
condition := &dlppb.RecordCondition{
// Apply the condition to records
Expressions: expression,
}
// Associate the de-identification and conditions with the specified field.
fieldTransformation := &dlppb.FieldTransformation{
Fields: []*dlppb.FieldId{
fieldId,
},
Transformation: &dlppb.FieldTransformation_PrimitiveTransformation{
PrimitiveTransformation: &dlppb.PrimitiveTransformation{
Transformation: primitiveTransformation,
},
},
Condition: condition,
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Combine configurations into a request for the service.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.CharacterMaskConfig;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
public class DeIdentifyTableConditionMasking {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.build())
.build();
deIdentifyTableConditionMasking(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableConditionMasking(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
CharacterMaskConfig characterMaskConfig =
CharacterMaskConfig.newBuilder().setMaskingCharacter("*").build();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder().setCharacterMaskConfig(characterMaskConfig).build();
// Specify field to be de-identified.
FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();
// Specify when the above field should be de-identified.
Condition condition =
Condition.newBuilder()
.setField(FieldId.newBuilder().setName("AGE").build())
.setOperator(RelationalOperator.GREATER_THAN)
.setValue(Value.newBuilder().setIntegerValue(89).build())
.build();
// Apply the condition to records
RecordCondition recordCondition =
RecordCondition.newBuilder()
.setExpressions(
Expressions.newBuilder()
.setConditions(Conditions.newBuilder().addConditions(condition).build())
.build())
.build();
// Associate the de-identification and conditions with the specified field.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setPrimitiveTransformation(primitiveTransformation)
.addFields(fieldId)
.setCondition(recordCondition)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}
Node.js
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [{name: 'AGE'}, {name: 'PATIENT'}, {name: 'HAPPINESS SCORE'}],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
],
},
],
};
async function deIdentifyTableConditionalCharMasking() {
// Column that needs to be transformed
const fieldIds = [{name: 'HAPPINESS SCORE'}];
// Construct PrimitiveTransformation configuration
const primitiveTransformation = {
characterMaskConfig: {
maskingCharacter: '*',
},
};
// Construct condition
const condition = {
expressions: {
conditions: {
conditions: [
{
field: {name: 'AGE'},
operator: 'GREATER_THAN',
value: {integerValue: 89},
},
],
},
},
};
// Construct RecordTransformations configurations
const recordTransformations = {
fieldTransformations: [
{
primitiveTransformation,
fields: fieldIds,
condition,
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations,
},
};
// Send the request and receive response from the service
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableConditionalCharMasking();
PHP
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
use Google\Cloud\Dlp\V2\CharacterMaskConfig;
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\DeidentifyContentRequest;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\RecordCondition;
use Google\Cloud\Dlp\V2\RecordCondition\Condition;
use Google\Cloud\Dlp\V2\RecordCondition\Conditions;
use Google\Cloud\Dlp\V2\RecordCondition\Expressions;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\RelationalOperator;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\Value;
/**
* De-identify table data using masking and conditional logic.
* Transform a column based on the value of another column.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*/
function deidentify_table_condition_masking(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table2.csv',
string $outputCsvFile = './test/data/deidentify_table_condition_masking_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify how the content should be de-identified.
$characterMaskConfig = (new CharacterMaskConfig())
->setMaskingCharacter('*');
$primitiveTransformation = (new PrimitiveTransformation())
->setCharacterMaskConfig($characterMaskConfig);
// Specify field to be de-identified.
$fieldId = (new FieldId())
->setName('HAPPINESS_SCORE');
// Specify when the above fields should be de-identified.
$condition = (new Condition())
->setField((new FieldId())
->setName('AGE'))
->setOperator(RelationalOperator::GREATER_THAN)
->setValue((new Value())
->setIntegerValue(89));
// Apply the condition to records
$recordCondition = (new RecordCondition())
->setExpressions((new Expressions())
->setConditions((new Conditions())
->setConditions([$condition])
)
);
// Associate the de-identification and conditions with the specified fields.
$fieldTransformation = (new FieldTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setFields([$fieldId])
->setCondition($recordCondition);
$recordtransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$deidentifyContentRequest = (new DeidentifyContentRequest())
->setParent($parent)
->setDeidentifyConfig($deidentifyConfig)
->setItem($content);
$response = $dlp->deidentifyContent($deidentifyContentRequest);
// Print results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf('After de-identify the table data (Output File Location): %s', $outputCsvFile);
}
Python
Pour savoir comment installer et utiliser la bibliothèque cliente pour la protection des données sensibles, consultez Bibliothèques clientes pour la protection des données sensibles.
Pour vous authentifier auprès de la protection des données sensibles, configurez les Identifiants par défaut de l'application. Pour en savoir plus, consultez Configurer l'authentification pour un environnement de développement local.
from typing import Dict, List, Union
import google.cloud.dlp
from google.cloud.dlp_v2 import types
def deidentify_table_condition_masking(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
deid_content_list: List[str],
condition_field: str = None,
condition_operator: str = None,
condition_value: int = None,
masking_character: str = None,
) -> types.dlp.Table:
""" Uses the Data Loss Prevention API to de-identify sensitive data in a
table by masking them based on a condition.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Json string representing table data.
deid_content_list: A list of fields in table to de-identify.
condition_field: A table Field within the record this condition is evaluated against.
condition_operator: Operator used to compare the field or infoType to the value. One of:
RELATIONAL_OPERATOR_UNSPECIFIED, EQUAL_TO, NOT_EQUAL_TO, GREATER_THAN, LESS_THAN, GREATER_THAN_OR_EQUALS,
LESS_THAN_OR_EQUALS, EXISTS.
condition_value: Value to compare against. [Mandatory, except for ``EXISTS`` tests.].
masking_character: The character to mask matching sensitive data with.
Returns:
De-identified table is returned;
the response from the API is also printed to the terminal.
Example:
>> $ python deidentify_table_condition_masking.py \
'{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "34"]]}' \
["happiness_score"] "age" "GREATER_THAN" 50
>> '{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "**"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the `item`
item = {"table": table}
# Specify fields to be de-identified
deid_content_list = [{"name": _i} for _i in deid_content_list]
# Construct condition list
condition = [
{
"field": {"name": condition_field},
"operator": condition_operator,
"value": {"integer_value": condition_value},
}
]
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"primitive_transformation": {
"character_mask_config": {
"masking_character": masking_character
}
},
"fields": deid_content_list,
"condition": {
"expressions": {"conditions": {"conditions": condition}}
},
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}/locations/global"
# Call the API.
response = dlp.deidentify_content(
request={"parent": parent, "deidentify_config": deidentify_config, "item": item}
)
# Print the result
print(f"Table after de-identification: {response.item.table}")
# Return the response
return response.item.table
Étapes suivantes
Pour rechercher et filtrer des exemples de code pour d'autres produits Google Cloud, consultez l'exemple de navigateur Google Cloud.