別の列の値に基づいて列を変換します。
もっと見る
このコードサンプルを含む詳細なドキュメントについては、以下をご覧ください。
コードサンプル
C#
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
public class DeidentifyTableUsingMaskingAndLogic
{
public static Table DeidentifyTable(
string projectId,
Table tableToInspect = null)
{
// Instantiate the client.
var dlp = DlpServiceClient.Create();
// Construct the table if null.
if (tableToInspect == null)
{
var row1 = new Value[]
{
new Value { StringValue = "101" },
new Value { StringValue = "Charles Dickens" },
new Value { StringValue = "95" },
new Value { StringValue = "Charles Dickens name was a curse invented by Shakespeare." }
};
var row2 = new Value[]
{
new Value { StringValue = "22" },
new Value { StringValue = "Jane Austin" },
new Value { StringValue = "21" },
new Value { StringValue = "There are 14 kisses in Jane Austen's novels." }
};
var row3 = new Value[]
{
new Value { StringValue = "55" },
new Value { StringValue = "Mark Twain" },
new Value { StringValue = "75" },
new Value { StringValue = "Mark Twain loved cats." }
};
tableToInspect = new Table
{
Headers =
{
new FieldId { Name = "AGE" },
new FieldId { Name = "PATIENT" },
new FieldId { Name = "HAPPINESS SCORE" },
new FieldId { Name = "FACTOID" }
},
Rows =
{
new Table.Types.Row { Values = { row1 } },
new Table.Types.Row { Values = { row2 } },
new Table.Types.Row { Values = { row3 } }
}
};
}
// Construct the table content item.
var contentItem = new ContentItem { Table = tableToInspect };
//Specify how the content should be de-identified.
var primitiveTransformation = new PrimitiveTransformation
{
CharacterMaskConfig = new CharacterMaskConfig
{
MaskingCharacter = "*"
}
};
// Specify the fields to be de-identified.
var fields = new FieldId[] { new FieldId { Name = "HAPPINESS SCORE" } };
// Specify when the above fields should be de-identified using condition.
var condition = new RecordCondition.Types.Conditions
{
Conditions_ =
{
new RecordCondition.Types.Condition
{
Field = new FieldId { Name = "AGE" },
Operator = RelationalOperator.GreaterThan,
Value = new Value { IntegerValue = 89 }
}
}
};
// Apply the condition to records
var recordCondition = new RecordCondition
{
Expressions = new RecordCondition.Types.Expressions
{
Conditions = condition
}
};
// Associate the de-identification and conditions with the specified fields.
var deidentifiedConfig = new DeidentifyConfig
{
RecordTransformations = new RecordTransformations
{
FieldTransformations =
{
new FieldTransformation
{
PrimitiveTransformation = primitiveTransformation,
Fields = { fields },
Condition = recordCondition
}
}
}
};
// Construct the request.
var request = new DeidentifyContentRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
DeidentifyConfig = deidentifiedConfig,
Item = contentItem
};
// Call the API.
var response = dlp.DeidentifyContent(request);
// Inspect the response.
Console.WriteLine(response.Item.Table);
return response.Item.Table;
}
}Go
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// deidentifyTableMaskingCondition de-identifies the table data using masking
// and conditional logic
func deidentifyTableMaskingCondition(w io.Writer, projectID string) error {
// projectId := "your-project-id"
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "22"}},
{Type: &dlppb.Value_StringValue{StringValue: "Jane Austen"}},
{Type: &dlppb.Value_StringValue{StringValue: "21"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "55"}},
{Type: &dlppb.Value_StringValue{StringValue: "Mark Twain"}},
{Type: &dlppb.Value_StringValue{StringValue: "75"}},
},
}
row3 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "101"}},
{Type: &dlppb.Value_StringValue{StringValue: "Charles Dickens"}},
{Type: &dlppb.Value_StringValue{StringValue: "95"}},
},
}
table := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "AGE"},
{Name: "PATIENT"},
{Name: "HAPPINESS SCORE"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
{Values: row3.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: table,
},
}
// Specify how the content should be de-identified.
charMaskConfig := &dlppb.CharacterMaskConfig{
MaskingCharacter: "*",
}
primitiveTransformation := &dlppb.PrimitiveTransformation_CharacterMaskConfig{
CharacterMaskConfig: charMaskConfig,
}
// Specify field to be de-identified.
fieldId := &dlppb.FieldId{
Name: "HAPPINESS SCORE",
}
// Apply the condition to the records present in table.
recordCondition := &dlppb.RecordCondition_Condition{
Field: fieldId,
Operator: dlppb.RelationalOperator_GREATER_THAN,
Value: &dlppb.Value{
Type: &dlppb.Value_IntegerValue{
IntegerValue: 89,
},
},
}
expression := &dlppb.RecordCondition_Expressions{
Type: &dlppb.RecordCondition_Expressions_Conditions{
Conditions: &dlppb.RecordCondition_Conditions{
Conditions: []*dlppb.RecordCondition_Condition{
recordCondition,
},
},
},
}
// Specify when the above field should be de-identified.
condition := &dlppb.RecordCondition{
// Apply the condition to records
Expressions: expression,
}
// Associate the de-identification and conditions with the specified field.
fieldTransformation := &dlppb.FieldTransformation{
Fields: []*dlppb.FieldId{
fieldId,
},
Transformation: &dlppb.FieldTransformation_PrimitiveTransformation{
PrimitiveTransformation: &dlppb.PrimitiveTransformation{
Transformation: primitiveTransformation,
},
},
Condition: condition,
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: []*dlppb.FieldTransformation{
fieldTransformation,
},
}
// Combine configurations into a request for the service.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
},
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}
Java
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.CharacterMaskConfig;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
public class DeIdentifyTableConditionMasking {
public static void main(String[] args) throws IOException {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
Table tableToDeIdentify =
Table.newBuilder()
.addHeaders(FieldId.newBuilder().setName("AGE").build())
.addHeaders(FieldId.newBuilder().setName("PATIENT").build())
.addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("101").build())
.addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
.addValues(Value.newBuilder().setStringValue("95").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("22").build())
.addValues(Value.newBuilder().setStringValue("Jane Austen").build())
.addValues(Value.newBuilder().setStringValue("21").build())
.build())
.addRows(
Row.newBuilder()
.addValues(Value.newBuilder().setStringValue("55").build())
.addValues(Value.newBuilder().setStringValue("Mark Twain").build())
.addValues(Value.newBuilder().setStringValue("75").build())
.build())
.build();
deIdentifyTableConditionMasking(projectId, tableToDeIdentify);
}
public static Table deIdentifyTableConditionMasking(String projectId, Table tableToDeIdentify)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to de-identify.
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify how the content should be de-identified.
CharacterMaskConfig characterMaskConfig =
CharacterMaskConfig.newBuilder().setMaskingCharacter("*").build();
PrimitiveTransformation primitiveTransformation =
PrimitiveTransformation.newBuilder().setCharacterMaskConfig(characterMaskConfig).build();
// Specify field to be de-identified.
FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();
// Specify when the above field should be de-identified.
Condition condition =
Condition.newBuilder()
.setField(FieldId.newBuilder().setName("AGE").build())
.setOperator(RelationalOperator.GREATER_THAN)
.setValue(Value.newBuilder().setIntegerValue(89).build())
.build();
// Apply the condition to records
RecordCondition recordCondition =
RecordCondition.newBuilder()
.setExpressions(
Expressions.newBuilder()
.setConditions(Conditions.newBuilder().addConditions(condition).build())
.build())
.build();
// Associate the de-identification and conditions with the specified field.
FieldTransformation fieldTransformation =
FieldTransformation.newBuilder()
.setPrimitiveTransformation(primitiveTransformation)
.addFields(fieldId)
.setCondition(recordCondition)
.build();
RecordTransformations transformations =
RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();
DeidentifyConfig deidentifyConfig =
DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
return response.getItem().getTable();
}
}
}Node.js
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Initialize google DLP Client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// Construct the tabular data
const tablularData = {
headers: [{name: 'AGE'}, {name: 'PATIENT'}, {name: 'HAPPINESS SCORE'}],
rows: [
{
values: [
{integerValue: 101},
{stringValue: 'Charles Dickens'},
{integerValue: 95},
],
},
{
values: [
{integerValue: 22},
{stringValue: 'Jane Austen'},
{integerValue: 21},
],
},
{
values: [
{integerValue: 55},
{stringValue: 'Mark Twain'},
{integerValue: 75},
],
},
],
};
async function deIdentifyTableConditionalCharMasking() {
// Column that needs to be transformed
const fieldIds = [{name: 'HAPPINESS SCORE'}];
// Construct PrimitiveTransformation configuration
const primitiveTransformation = {
characterMaskConfig: {
maskingCharacter: '*',
},
};
// Construct condition
const condition = {
expressions: {
conditions: {
conditions: [
{
field: {name: 'AGE'},
operator: 'GREATER_THAN',
value: {integerValue: 89},
},
],
},
},
};
// Construct RecordTransformations configurations
const recordTransformations = {
fieldTransformations: [
{
primitiveTransformation,
fields: fieldIds,
condition,
},
],
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
item: {
table: tablularData,
},
deidentifyConfig: {
recordTransformations,
},
};
// Send the request and receive response from the service
const [response] = await dlp.deidentifyContent(request);
// Print the results
console.log(
`Table after de-identification: ${JSON.stringify(response.item.table)}`
);
}
deIdentifyTableConditionalCharMasking();PHP
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
use Google\Cloud\Dlp\V2\CharacterMaskConfig;
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\DeidentifyConfig;
use Google\Cloud\Dlp\V2\DeidentifyContentRequest;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\FieldTransformation;
use Google\Cloud\Dlp\V2\PrimitiveTransformation;
use Google\Cloud\Dlp\V2\RecordCondition;
use Google\Cloud\Dlp\V2\RecordCondition\Condition;
use Google\Cloud\Dlp\V2\RecordCondition\Conditions;
use Google\Cloud\Dlp\V2\RecordCondition\Expressions;
use Google\Cloud\Dlp\V2\RecordTransformations;
use Google\Cloud\Dlp\V2\RelationalOperator;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\Value;
/**
* De-identify table data using masking and conditional logic.
* Transform a column based on the value of another column.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $inputCsvFile The input file(csv) path to deidentify
* @param string $outputCsvFile The oupt file path to save deidentify content
*/
function deidentify_table_condition_masking(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $inputCsvFile = './test/data/table2.csv',
string $outputCsvFile = './test/data/deidentify_table_condition_masking_output.csv'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$callingProjectId/locations/global";
// Read a CSV file
$csvLines = file($inputCsvFile, FILE_IGNORE_NEW_LINES);
$csvHeaders = explode(',', $csvLines[0]);
$csvRows = array_slice($csvLines, 1);
// Convert CSV file into protobuf objects
$tableHeaders = array_map(function ($csvHeader) {
return (new FieldId)
->setName($csvHeader);
}, $csvHeaders);
$tableRows = array_map(function ($csvRow) {
$rowValues = array_map(function ($csvValue) {
return (new Value())
->setStringValue($csvValue);
}, explode(',', $csvRow));
return (new Row())
->setValues($rowValues);
}, $csvRows);
// Construct the table object
$tableToDeIdentify = (new Table())
->setHeaders($tableHeaders)
->setRows($tableRows);
// Specify what content you want the service to de-identify.
$content = (new ContentItem())
->setTable($tableToDeIdentify);
// Specify how the content should be de-identified.
$characterMaskConfig = (new CharacterMaskConfig())
->setMaskingCharacter('*');
$primitiveTransformation = (new PrimitiveTransformation())
->setCharacterMaskConfig($characterMaskConfig);
// Specify field to be de-identified.
$fieldId = (new FieldId())
->setName('HAPPINESS_SCORE');
// Specify when the above fields should be de-identified.
$condition = (new Condition())
->setField((new FieldId())
->setName('AGE'))
->setOperator(RelationalOperator::GREATER_THAN)
->setValue((new Value())
->setIntegerValue(89));
// Apply the condition to records
$recordCondition = (new RecordCondition())
->setExpressions((new Expressions())
->setConditions((new Conditions())
->setConditions([$condition])
)
);
// Associate the de-identification and conditions with the specified fields.
$fieldTransformation = (new FieldTransformation())
->setPrimitiveTransformation($primitiveTransformation)
->setFields([$fieldId])
->setCondition($recordCondition);
$recordtransformations = (new RecordTransformations())
->setFieldTransformations([$fieldTransformation]);
$deidentifyConfig = (new DeidentifyConfig())
->setRecordTransformations($recordtransformations);
// Run request
$deidentifyContentRequest = (new DeidentifyContentRequest())
->setParent($parent)
->setDeidentifyConfig($deidentifyConfig)
->setItem($content);
$response = $dlp->deidentifyContent($deidentifyContentRequest);
// Print results
$csvRef = fopen($outputCsvFile, 'w');
fputcsv($csvRef, $csvHeaders);
foreach ($response->getItem()->getTable()->getRows() as $tableRow) {
$values = array_map(function ($tableValue) {
return $tableValue->getStringValue();
}, iterator_to_array($tableRow->getValues()));
fputcsv($csvRef, $values);
};
printf('After de-identify the table data (Output File Location): %s', $outputCsvFile);
}Python
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
from typing import Dict, List, Union
import google.cloud.dlp
from google.cloud.dlp_v2 import types
def deidentify_table_condition_masking(
project: str,
table_data: Dict[str, Union[List[str], List[List[str]]]],
deid_content_list: List[str],
condition_field: str = None,
condition_operator: str = None,
condition_value: int = None,
masking_character: str = None,
) -> types.dlp.Table:
""" Uses the Data Loss Prevention API to de-identify sensitive data in a
table by masking them based on a condition.
Args:
project: The Google Cloud project id to use as a parent resource.
table_data: Json string representing table data.
deid_content_list: A list of fields in table to de-identify.
condition_field: A table Field within the record this condition is evaluated against.
condition_operator: Operator used to compare the field or infoType to the value. One of:
RELATIONAL_OPERATOR_UNSPECIFIED, EQUAL_TO, NOT_EQUAL_TO, GREATER_THAN, LESS_THAN, GREATER_THAN_OR_EQUALS,
LESS_THAN_OR_EQUALS, EXISTS.
condition_value: Value to compare against. [Mandatory, except for ``EXISTS`` tests.].
masking_character: The character to mask matching sensitive data with.
Returns:
De-identified table is returned;
the response from the API is also printed to the terminal.
Example:
>> $ python deidentify_table_condition_masking.py \
'{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "34"]]}' \
["happiness_score"] "age" "GREATER_THAN" 50
>> '{"header": ["email", "phone number", "age", "happiness_score"],
"rows": [["robertfrost@example.com", "4232342345", "35", "21"],
["johndoe@example.com", "4253458383", "64", "**"]]}'
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `table`. For more details on the table schema, please see
# https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
headers = [{"name": val} for val in table_data["header"]]
rows = []
for row in table_data["rows"]:
rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
table = {"headers": headers, "rows": rows}
# Construct the `item`
item = {"table": table}
# Specify fields to be de-identified
deid_content_list = [{"name": _i} for _i in deid_content_list]
# Construct condition list
condition = [
{
"field": {"name": condition_field},
"operator": condition_operator,
"value": {"integer_value": condition_value},
}
]
# Construct deidentify configuration dictionary
deidentify_config = {
"record_transformations": {
"field_transformations": [
{
"primitive_transformation": {
"character_mask_config": {
"masking_character": masking_character
}
},
"fields": deid_content_list,
"condition": {
"expressions": {"conditions": {"conditions": condition}}
},
}
]
}
}
# Convert the project id into a full resource id.
parent = f"projects/{project}/locations/global"
# Call the API.
response = dlp.deidentify_content(
request={"parent": parent, "deidentify_config": deidentify_config, "item": item}
)
# Print the result
print(f"Table after de-identification: {response.item.table}")
# Return the response
return response.item.table
次のステップ
他の Google Cloud プロダクトに関連するコードサンプルの検索およびフィルタ検索を行うには、Google Cloud のサンプルをご覧ください。