이 샘플은 하이브리드 작업 트리거를 만들고 검사를 위해 예시 데이터를 전송합니다.
더 살펴보기
이 코드 샘플이 포함된 자세한 문서는 다음을 참조하세요.
코드 샘플
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using System;
using Google.Api.Gax.ResourceNames;
using Google.Api.Gax;
using Google.Cloud.Dlp.V2;
using Grpc.Core;
public class SendDataToTheHybridJobTrigger
{
public static DlpJob SendToHybridJobTrigger(
string projectId,
string jobTriggerId,
string text = null)
{
// Instantiate the dlp client.
var dlp = DlpServiceClient.Create();
// Construct the hybrid finding details which will be used as metadata with the content.
// Refer to this for more information: https://cloud.google.com/dlp/docs/reference/rpc/google.privacy.dlp.v2#google.privacy.dlp.v2.Container
var findingDetails = new HybridFindingDetails
{
ContainerDetails = new Container
{
FullPath = "10.0.0.2:logs1:aap1",
RelativePath = "app1",
RootPath = "10.0.0.2:logs1",
Type = "System Logs"
}
};
// Construct the hybrid content item using the finding details and text to be inspected.
var hybridContentItem = new HybridContentItem
{
Item = new ContentItem { Value = text ?? "My email is ariel@example.org and name is Ariel." },
FindingDetails = findingDetails
};
var jobTriggerName = new JobTriggerName(projectId, jobTriggerId);
// Construct the request to activate the Job Trigger.
var activate = new ActivateJobTriggerRequest
{
JobTriggerName = jobTriggerName
};
DlpJob triggerJob = null;
try
{
// Call the API to activate the trigger.
triggerJob = dlp.ActivateJobTrigger(activate);
}
catch (RpcException)
{
ListDlpJobsRequest listJobsRequest = new ListDlpJobsRequest
{
ParentAsLocationName = new LocationName(projectId, "global"),
Filter = $"trigger_name={jobTriggerName}"
};
PagedEnumerable<ListDlpJobsResponse, DlpJob> res = dlp.ListDlpJobs(listJobsRequest);
foreach (DlpJob j in res)
{
triggerJob = j;
}
}
// Construct the request using hybrid content item.
var request = new HybridInspectJobTriggerRequest
{
HybridItem = hybridContentItem,
JobTriggerName = jobTriggerName
};
// Call the API.
HybridInspectResponse _ = dlp.HybridInspectJobTrigger(request);
Console.WriteLine($"Hybrid job created successfully. Job name: {triggerJob.Name}");
return triggerJob;
}
}
Go
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
"log"
"time"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// inspectDataToHybridJobTrigger uses the Data Loss Prevention API to inspect sensitive
// information using Hybrid jobs trigger that scans payloads of data sent from
// virtually any source and stores findings in Google Cloud.
func inspectDataToHybridJobTrigger(w io.Writer, projectID, textToDeIdentify, jobTriggerName string) error {
// projectId := "your-project-id"
// jobTriggerName := "your-job-trigger-name"
// textToDeIdentify := "My email is test@example.org"
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify the content to be inspected.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Value{
Value: textToDeIdentify,
},
}
// Contains metadata to associate with the content.
// Refer to https://cloud.google.com/dlp/docs/reference/rpc/google.privacy.dlp.v2#container for specifying the paths in container object.
container := &dlppb.Container{
Type: "logging_sys",
FullPath: "10.0.0.2:logs1:app1",
RelativePath: "app1",
RootPath: "10.0.0.2:logs1",
Version: "1.2",
}
// Set the required label.
labels := map[string]string{
"env": "prod",
"appointment-bookings-comments": "",
}
hybridFindingDetails := &dlppb.HybridFindingDetails{
ContainerDetails: container,
Labels: labels,
}
hybridContentItem := &dlppb.HybridContentItem{
Item: contentItem,
FindingDetails: hybridFindingDetails,
}
// Activate the job trigger.
activateJobreq := &dlppb.ActivateJobTriggerRequest{
Name: jobTriggerName,
}
dlpJob, err := client.ActivateJobTrigger(ctx, activateJobreq)
if err != nil {
log.Printf("Error from return part %v", err)
return err
}
// Build the hybrid inspect request.
req := &dlppb.HybridInspectJobTriggerRequest{
Name: jobTriggerName,
HybridItem: hybridContentItem,
}
// Send the hybrid inspect request.
_, err = client.HybridInspectJobTrigger(ctx, req)
if err != nil {
return err
}
getDlpJobReq := &dlppb.GetDlpJobRequest{
Name: dlpJob.Name,
}
var result *dlppb.DlpJob
for i := 0; i < 5; i++ {
// Get DLP job
result, err = client.GetDlpJob(ctx, getDlpJobReq)
if err != nil {
fmt.Printf("Error getting DLP job: %v\n", err)
return err
}
// Check if processed bytes is greater than 0
if result.GetInspectDetails().GetResult().GetProcessedBytes() > 0 {
break
}
// Wait for 5 seconds before checking again
time.Sleep(5 * time.Second)
i++
}
fmt.Fprintf(w, "Job Name: %v\n", result.Name)
fmt.Fprintf(w, "Job State: %v\n", result.State)
inspectionResult := result.GetInspectDetails().GetResult()
fmt.Fprint(w, "Findings: \n")
for _, v := range inspectionResult.GetInfoTypeStats() {
fmt.Fprintf(w, "Infotype: %v\n", v.InfoType.Name)
fmt.Fprintf(w, "Likelihood: %v\n", v.GetCount())
}
fmt.Fprint(w, "successfully inspected data using hybrid job trigger ")
return nil
}
Java
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.api.gax.rpc.InvalidArgumentException;
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ActivateJobTriggerRequest;
import com.google.privacy.dlp.v2.Container;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DlpJob;
import com.google.privacy.dlp.v2.GetDlpJobRequest;
import com.google.privacy.dlp.v2.HybridContentItem;
import com.google.privacy.dlp.v2.HybridFindingDetails;
import com.google.privacy.dlp.v2.HybridInspectJobTriggerRequest;
import com.google.privacy.dlp.v2.InfoTypeStats;
import com.google.privacy.dlp.v2.InspectDataSourceDetails;
import com.google.privacy.dlp.v2.JobTriggerName;
import com.google.privacy.dlp.v2.ListDlpJobsRequest;
public class InspectDataToHybridJobTrigger {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
// The Google Cloud project id to use as a parent resource.
String projectId = "your-project-id";
// The job trigger id used to for processing a hybrid job trigger.
String jobTriggerId = "your-job-trigger-id";
// The string to de-identify.
String textToDeIdentify = "My email is test@example.org and my name is Gary.";
inspectDataToHybridJobTrigger(textToDeIdentify, projectId, jobTriggerId);
}
// Inspects data using a hybrid job trigger.
// Hybrid jobs trigger allows to scan payloads of data sent from virtually any source for
// sensitive information and then store the findings in Google Cloud.
public static void inspectDataToHybridJobTrigger(
String textToDeIdentify, String projectId, String jobTriggerId) throws Exception {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlpClient = DlpServiceClient.create()) {
// Specify the content to be inspected.
ContentItem contentItem = ContentItem.newBuilder().setValue(textToDeIdentify).build();
// Contains metadata to associate with the content.
// Refer to https://cloud.google.com/dlp/docs/reference/rest/v2/Container for specifying the
// paths in container object.
Container container =
Container.newBuilder()
.setFullPath("10.0.0.2:logs1:app1")
.setRelativePath("app1")
.setRootPath("10.0.0.2:logs1")
.setType("logging_sys")
.setVersion("1.2")
.build();
HybridFindingDetails hybridFindingDetails =
HybridFindingDetails.newBuilder().setContainerDetails(container).build();
HybridContentItem hybridContentItem =
HybridContentItem.newBuilder()
.setItem(contentItem)
.setFindingDetails(hybridFindingDetails)
.build();
// Activate the job trigger.
ActivateJobTriggerRequest activateJobTriggerRequest =
ActivateJobTriggerRequest.newBuilder()
.setName(JobTriggerName.of(projectId, jobTriggerId).toString())
.build();
DlpJob dlpJob;
try {
dlpJob = dlpClient.activateJobTrigger(activateJobTriggerRequest);
} catch (InvalidArgumentException e) {
ListDlpJobsRequest request =
ListDlpJobsRequest.newBuilder()
.setParent(JobTriggerName.of(projectId, jobTriggerId).toString())
.setFilter("trigger_name=" + JobTriggerName.of(projectId, jobTriggerId).toString())
.build();
// Retrieve the DLP jobs triggered by the job trigger
DlpServiceClient.ListDlpJobsPagedResponse response = dlpClient.listDlpJobs(request);
dlpJob = response.getPage().getResponse().getJobs(0);
}
// Build the hybrid inspect request.
HybridInspectJobTriggerRequest request =
HybridInspectJobTriggerRequest.newBuilder()
.setName(JobTriggerName.of(projectId, jobTriggerId).toString())
.setHybridItem(hybridContentItem)
.build();
// Send the hybrid inspect request.
dlpClient.hybridInspectJobTrigger(request);
// Build a request to get the completed job
GetDlpJobRequest getDlpJobRequest =
GetDlpJobRequest.newBuilder().setName(dlpJob.getName()).build();
DlpJob result = null;
do {
result = dlpClient.getDlpJob(getDlpJobRequest);
Thread.sleep(5000);
} while (result.getInspectDetails().getResult().getProcessedBytes() <= 0);
System.out.println("Job status: " + result.getState());
System.out.println("Job name: " + result.getName());
// Parse the response and process results.
InspectDataSourceDetails.Result inspectionResult = result.getInspectDetails().getResult();
System.out.println("Findings: ");
for (InfoTypeStats infoTypeStat : inspectionResult.getInfoTypeStatsList()) {
System.out.println("\tInfoType: " + infoTypeStat.getInfoType().getName());
System.out.println("\tCount: " + infoTypeStat.getCount() + "\n");
}
}
}
}Node.js
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Instantiates a client
const dlpClient = new DLP.DlpServiceClient();
// The project ID to run the API call under.
// const projectId = "your-project-id";
// The string to de-identify
// const string = 'My email is test@example.org';
// Job Trigger ID
// const jobTriggerId = 'your-job-trigger-id';
async function inspectDataToHybridJobTrigger() {
// Contains metadata to associate with the content.
const container = {
full_path: '10.0.0.2:logs1:app1',
relative_path: 'app1',
root_path: '10.0.0.2:logs1',
type: 'logging_sys',
version: '1.2',
};
const labels = {env: 'prod', 'appointment-bookings-comments': ''};
// Build the hybrid content item.
const hybridContentItem = {
item: {value: string},
findingDetails: {
containerDetails: container,
labels,
},
};
let jobName;
const fullTriggerName = `projects/${projectId}/jobTriggers/${jobTriggerId}`;
// Activate the job trigger.
try {
const response = await dlpClient.activateJobTrigger({
name: fullTriggerName,
});
jobName = response[0].name;
} catch (err) {
console.log(err);
if (err.code === 3) {
const response = await dlpClient.listDlpJobs({
parent: fullTriggerName,
filter: `trigger_name=${fullTriggerName}`,
});
jobName = response[0][0].name;
}
// Ignore error related to job trigger already active
if (err.code !== 3) {
console.log(err.message);
return;
}
}
// Build the hybrid inspect request.
const request = {
name: `projects/${projectId}/jobTriggers/${jobTriggerId}`,
hybridItem: hybridContentItem,
};
// Send the hybrid inspect request.
await dlpClient.hybridInspectJobTrigger(request);
// Waiting for a maximum of 15 minutes for the job to get complete.
let job;
let numOfAttempts = 30;
while (numOfAttempts > 0) {
// Fetch DLP Job status
[job] = await dlpClient.getDlpJob({name: jobName});
if (job.state === 'FAILED') {
console.log('Job Failed, Please check the configuration.');
return;
}
// Check if the job has completed.
if (job.inspectDetails.result.processedBytes > 0) {
break;
}
// Sleep for a short duration before checking the job status again.
await new Promise(resolve => {
setTimeout(() => resolve(), 30000);
});
numOfAttempts -= 1;
}
// Finish the job once the inspection is complete.
await dlpClient.finishDlpJob({name: jobName});
// Print out the results.
const infoTypeStats = job.inspectDetails.result.infoTypeStats;
if (infoTypeStats.length > 0) {
infoTypeStats.forEach(infoTypeStat => {
console.log(
` Found ${infoTypeStat.count} instance(s) of infoType ${infoTypeStat.infoType.name}.`
);
});
} else {
console.log('No findings.');
}
}
await inspectDataToHybridJobTrigger();PHP
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\ApiCore\ApiException;
use Google\Cloud\Dlp\V2\Container;
use Google\Cloud\Dlp\V2\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\DlpJob\JobState;
use Google\Cloud\Dlp\V2\HybridContentItem;
use Google\Cloud\Dlp\V2\HybridFindingDetails;
/**
* Inspect data hybrid job trigger.
* Send data to the hybrid job or hybrid job trigger.
*
* @param string $callingProjectId The Google Cloud project id to use as a parent resource.
* @param string $string The string to inspect (will be treated as text).
*/
function inspect_send_data_to_hybrid_job_trigger(
// TODO(developer): Replace sample parameters before running the code.
string $callingProjectId,
string $jobTriggerId,
string $string
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$content = (new ContentItem())
->setValue($string);
$container = (new Container())
->setFullPath('10.0.0.2:logs1:app1')
->setRelativePath('app1')
->setRootPath('10.0.0.2:logs1')
->setType('logging_sys')
->setVersion('1.2');
$findingDetails = (new HybridFindingDetails())
->setContainerDetails($container)
->setLabels([
'env' => 'prod',
'appointment-bookings-comments' => ''
]);
$hybridItem = (new HybridContentItem())
->setItem($content)
->setFindingDetails($findingDetails);
$parent = "projects/$callingProjectId/locations/global";
$name = "projects/$callingProjectId/locations/global/jobTriggers/" . $jobTriggerId;
$triggerJob = null;
try {
$triggerJob = $dlp->activateJobTrigger($name);
} catch (ApiException $e) {
$result = $dlp->listDlpJobs($parent, ['filter' => 'trigger_name=' . $name]);
foreach ($result as $job) {
$triggerJob = $job;
}
}
$dlp->hybridInspectJobTrigger($name, [
'hybridItem' => $hybridItem,
]);
$numOfAttempts = 10;
do {
printf('Waiting for job to complete' . PHP_EOL);
sleep(10);
$job = $dlp->getDlpJob($triggerJob->getName());
if ($job->getState() != JobState::RUNNING) {
break;
}
$numOfAttempts--;
} while ($numOfAttempts > 0);
// Print finding counts.
printf('Job %s status: %s' . PHP_EOL, $job->getName(), JobState::name($job->getState()));
switch ($job->getState()) {
case JobState::DONE:
$infoTypeStats = $job->getInspectDetails()->getResult()->getInfoTypeStats();
if (count($infoTypeStats) === 0) {
printf('No findings.' . PHP_EOL);
} else {
foreach ($infoTypeStats as $infoTypeStat) {
printf(
' Found %s instance(s) of infoType %s' . PHP_EOL,
$infoTypeStat->getCount(),
$infoTypeStat->getInfoType()->getName()
);
}
}
break;
case JobState::FAILED:
printf('Job %s had errors:' . PHP_EOL, $job->getName());
$errors = $job->getErrors();
foreach ($errors as $error) {
var_dump($error->getDetails());
}
break;
case JobState::PENDING:
printf('Job has not completed. Consider a longer timeout or an asynchronous execution model' . PHP_EOL);
break;
default:
printf('Unexpected job state. Most likely, the job is either running or has not yet started.');
}
}Python
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import time
import google.cloud.dlp
def inspect_data_to_hybrid_job_trigger(
project: str,
trigger_id: str,
content_string: str,
) -> None:
"""
Uses the Data Loss Prevention API to inspect sensitive information
using Hybrid jobs trigger that scans payloads of data sent from
virtually any source and stores findings in Google Cloud.
Args:
project: The Google Cloud project id to use as a parent resource.
trigger_id: The job trigger identifier for hybrid job trigger.
content_string: The string to inspect.
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct the `item` to inspect.
item = {"value": content_string}
# Construct the container details that contains metadata to be
# associated with the content. For more details, please refer to
# https://cloud.google.com/dlp/docs/reference/rest/v2/Container
container_details = {
"full_path": "10.0.0.2:logs1:app1",
"relative_path": "app1",
"root_path": "10.0.0.2:logs1",
"type_": "logging_sys",
"version": "1.2",
}
# Construct hybrid inspection configuration.
hybrid_config = {
"item": item,
"finding_details": {
"container_details": container_details,
"labels": {
"env": "prod",
"appointment-bookings-comments": "",
},
},
}
# Convert the trigger id into a full resource id.
trigger_id = f"projects/{project}/jobTriggers/{trigger_id}"
# Activate the job trigger.
dlp_job = dlp.activate_job_trigger(request={"name": trigger_id})
# Call the API.
dlp.hybrid_inspect_job_trigger(
request={
"name": trigger_id,
"hybrid_item": hybrid_config,
}
)
# Get inspection job details.
job = dlp.get_dlp_job(request={"name": dlp_job.name})
# Wait for dlp job to get finished.
while job.inspect_details.result.processed_bytes <= 0:
time.sleep(5)
job = dlp.get_dlp_job(request={"name": dlp_job.name})
# Print the results.
print(f"Job name: {dlp_job.name}")
if job.inspect_details.result.info_type_stats:
for finding in job.inspect_details.result.info_type_stats:
print(f"Info type: {finding.info_type.name}; Count: {finding.count}")
else:
print("No findings.")
다음 단계
다른 Google Cloud 제품의 코드 샘플을 검색하고 필터링하려면 Google Cloud 샘플 브라우저를 참조하세요.