DOMAIN_NAME 検出器スキャンでメールアドレスの一部であるドメイン名の一致を除外します。
もっと見る
このコードサンプルを含む詳細なドキュメントについては、以下をご覧ください。
コードサンプル
C#
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
using System.Linq;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using static Google.Cloud.Dlp.V2.CustomInfoType.Types;
public class InspectStringWithoutOverlap
{
public static InspectContentResponse Inspect(string projectId, string textToInspect)
{
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
var dlp = DlpServiceClient.Create();
// Specify the type and content to be inspected.
var byteContentItem = new ByteContentItem
{
Type = ByteContentItem.Types.BytesType.TextUtf8,
Data = Google.Protobuf.ByteString.CopyFromUtf8(textToInspect)
};
var contentItem = new ContentItem
{
ByteItem = byteContentItem
};
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types.
var infoTypes = new string[] { "DOMAIN_NAME", "EMAIL_ADDRESS" }.Select(it => new InfoType { Name = it });
// Define a custom info type to exclude email addresses
var customInfoType = new CustomInfoType
{
InfoType = new InfoType { Name = "EMAIL_ADDRESS" },
ExclusionType = ExclusionType.Exclude
};
// Exclude EMAIL_ADDRESS matches
var exclusionRule = new ExclusionRule
{
ExcludeInfoTypes = new ExcludeInfoTypes
{
InfoTypes = { new InfoType { Name = "EMAIL_ADDRESS" } }
},
MatchingType = MatchingType.PartialMatch
};
// Construct a ruleset that applies the exclusion rule to the DOMAIN_NAME infotype.
// If a DOMAIN_NAME match is part of an EMAIL_ADDRESS match, the DOMAIN_NAME match will
// be excluded.
var ruleSet = new InspectionRuleSet
{
InfoTypes = { new InfoType { Name = "DOMAIN_NAME" } },
Rules = { new InspectionRule { ExclusionRule = exclusionRule } }
};
// Construct the configuration for the Inspect request, including the ruleset.
var config = new InspectConfig
{
InfoTypes = { infoTypes },
CustomInfoTypes = { customInfoType },
IncludeQuote = true,
RuleSet = { ruleSet }
};
// Construct the Inspect request to be sent by the client.
var request = new InspectContentRequest
{
Parent = new LocationName(projectId, "global").ToString(),
Item = contentItem,
InspectConfig = config
};
// Use the client to send the API request.
var response = dlp.InspectContent(request);
return response;
}
}Go
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
)
// inspectStringWithoutOverlap inspects a string for sensitive data
// and omit overlapping matches on domain and email
func inspectStringWithoutOverlap(w io.Writer, projectID, textToInspect string) error {
// projectID := "my-project-id"
// textToInspect := "example.com is a domain, james@example.org is an email."
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify the type and content to be inspected.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_ByteItem{
ByteItem: &dlppb.ByteContentItem{
Type: dlppb.ByteContentItem_TEXT_UTF8,
Data: []byte(textToInspect),
},
},
}
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types.
infoTypes := []*dlppb.InfoType{
{Name: "DOMAIN_NAME"},
{Name: "EMAIL_ADDRESS"},
}
// Define a custom info type to exclude email addresses
customInfotype := &dlppb.CustomInfoType{
InfoType: &dlppb.InfoType{
Name: "EMAIL_ADDRESS",
},
ExclusionType: dlppb.CustomInfoType_EXCLUSION_TYPE_EXCLUDE,
}
// Exclude EMAIL_ADDRESS matches
exclusionRule := &dlppb.ExclusionRule{
Type: &dlppb.ExclusionRule_ExcludeInfoTypes{
ExcludeInfoTypes: &dlppb.ExcludeInfoTypes{
InfoTypes: []*dlppb.InfoType{
{Name: "EMAIL_ADDRESS"},
},
},
},
MatchingType: dlppb.MatchingType_MATCHING_TYPE_PARTIAL_MATCH,
}
// Construct a ruleSet that applies the exclusion rule to the DOMAIN_NAME infoType.
// If a DOMAIN_NAME match is part of an EMAIL_ADDRESS match, the DOMAIN_NAME match will
// be excluded.
ruleSet := &dlppb.InspectionRuleSet{
InfoTypes: []*dlppb.InfoType{
{Name: "DOMAIN_NAME"},
},
Rules: []*dlppb.InspectionRule{
{
Type: &dlppb.InspectionRule_ExclusionRule{
ExclusionRule: exclusionRule,
},
},
},
}
// Construct the Inspect request to be sent by the client.
req := &dlppb.InspectContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
Item: contentItem,
// Construct the Inspect request to be sent by the client.
InspectConfig: &dlppb.InspectConfig{
InfoTypes: infoTypes,
CustomInfoTypes: []*dlppb.CustomInfoType{
customInfotype,
},
IncludeQuote: true,
RuleSet: []*dlppb.InspectionRuleSet{
ruleSet,
},
},
}
// Send the request.
resp, err := client.InspectContent(ctx, req)
if err != nil {
return err
}
// Process the results.
fmt.Fprintf(w, "Findings: %v\n", len(resp.Result.Findings))
for _, v := range resp.GetResult().Findings {
fmt.Fprintf(w, "Quote: %v\n", v.GetQuote())
fmt.Fprintf(w, "Infotype Name: %v\n", v.GetInfoType().GetName())
fmt.Fprintf(w, "Likelihood: %v\n", v.GetLikelihood())
}
return nil
}
Java
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ByteContentItem;
import com.google.privacy.dlp.v2.ByteContentItem.BytesType;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.CustomInfoType.ExclusionType;
import com.google.privacy.dlp.v2.ExcludeInfoTypes;
import com.google.privacy.dlp.v2.ExclusionRule;
import com.google.privacy.dlp.v2.Finding;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectContentRequest;
import com.google.privacy.dlp.v2.InspectContentResponse;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.MatchingType;
import com.google.protobuf.ByteString;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
public class InspectStringWithoutOverlap {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
String textToInspect = "example.com is a domain, james@example.org is an email.";
inspectStringWithoutOverlap(projectId, textToInspect);
}
// Inspects the provided text, avoiding matches specified in the exclusion list.
public static void inspectStringWithoutOverlap(String projectId, String textToInspect)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify the type and content to be inspected.
ByteContentItem byteItem =
ByteContentItem.newBuilder()
.setType(BytesType.TEXT_UTF8)
.setData(ByteString.copyFromUtf8(textToInspect))
.build();
ContentItem item = ContentItem.newBuilder().setByteItem(byteItem).build();
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types.
List<InfoType> infoTypes = new ArrayList<>();
for (String typeName : new String[] {"DOMAIN_NAME", "EMAIL_ADDRESS"}) {
infoTypes.add(InfoType.newBuilder().setName(typeName).build());
}
// Define a custom info type to exclude email addresses
CustomInfoType customInfoType =
CustomInfoType.newBuilder()
.setInfoType(InfoType.newBuilder().setName("EMAIL_ADDRESS"))
.setExclusionType(ExclusionType.EXCLUSION_TYPE_EXCLUDE)
.build();
// Exclude EMAIL_ADDRESS matches
ExclusionRule exclusionRule =
ExclusionRule.newBuilder()
.setExcludeInfoTypes(
ExcludeInfoTypes.newBuilder()
.addInfoTypes(InfoType.newBuilder().setName("EMAIL_ADDRESS")))
.setMatchingType(MatchingType.MATCHING_TYPE_PARTIAL_MATCH)
.build();
// Construct a ruleset that applies the exclusion rule to the DOMAIN_NAME infotype.
// If a DOMAIN_NAME match is part of an EMAIL_ADDRESS match, the DOMAIN_NAME match will
// be excluded.
InspectionRuleSet ruleSet =
InspectionRuleSet.newBuilder()
.addInfoTypes(InfoType.newBuilder().setName("DOMAIN_NAME"))
.addRules(InspectionRule.newBuilder().setExclusionRule(exclusionRule))
.build();
// Construct the configuration for the Inspect request, including the ruleset.
InspectConfig config =
InspectConfig.newBuilder()
.addAllInfoTypes(infoTypes)
.addCustomInfoTypes(customInfoType)
.setIncludeQuote(true)
.addRuleSet(ruleSet)
.build();
// Construct the Inspect request to be sent by the client.
InspectContentRequest request =
InspectContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(item)
.setInspectConfig(config)
.build();
// Use the client to send the API request.
InspectContentResponse response = dlp.inspectContent(request);
// Parse the response and process results
System.out.println("Findings: " + response.getResult().getFindingsCount());
for (Finding f : response.getResult().getFindingsList()) {
System.out.println("\tQuote: " + f.getQuote());
System.out.println("\tInfo type: " + f.getInfoType().getName());
System.out.println("\tLikelihood: " + f.getLikelihood());
}
}
}
}Node.js
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Instantiates a client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// The string to inspect
// const string = 'example.com is a domain, james@example.org is an email.';
async function inspectStringWithoutOverlap() {
// Construct item to inspect
const item = {value: string};
// The infoTypes of information to match
const infoTypes = [{name: 'DOMAIN_NAME'}, {name: 'EMAIL_ADDRESS'}];
// Define a custom info type to exclude email addresses
const customInfoTypes = [
{
infoType: {name: 'EMAIL_ADDRESS'},
exclusionType:
DLP.protos.google.privacy.dlp.v2.CustomInfoType.ExclusionType
.EXCLUSION_TYPE_EXCLUDE,
},
];
// Construct a exclusion rule
const exclusionRule = {
excludeInfoTypes: {
infoTypes: [{name: 'EMAIL_ADDRESS'}],
},
matchingType:
DLP.protos.google.privacy.dlp.v2.MatchingType
.MATCHING_TYPE_PARTIAL_MATCH,
};
// Construct a rule set with exclusions
const ruleSet = [
{
infoTypes: [{name: 'DOMAIN_NAME'}],
rules: [
{
exclusionRule: exclusionRule,
},
],
},
];
// Construct the inspect configuration
const inspectConfig = {
infoTypes: infoTypes,
customInfoTypes: customInfoTypes,
ruleSet: ruleSet,
includeQuote: true,
};
// Combine configurations into a request for the service.
const request = {
parent: `projects/${projectId}/locations/global`,
inspectConfig: inspectConfig,
item: item,
};
// Run request
const [response] = await dlp.inspectContent(request);
// Print Findings
const findings = response.result.findings;
if (findings.length > 0) {
console.log(`Findings: ${findings.length}\n`);
findings.forEach(finding => {
console.log(`InfoType: ${finding.infoType.name}`);
console.log(`\tQuote: ${finding.quote}`);
console.log(`\tLikelihood: ${finding.likelihood} \n`);
});
} else {
console.log('No findings.');
}
}
inspectStringWithoutOverlap();PHP
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType;
use Google\Cloud\Dlp\V2\CustomInfoType\ExclusionType;
use Google\Cloud\Dlp\V2\ExcludeInfoTypes;
use Google\Cloud\Dlp\V2\ExclusionRule;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectContentRequest;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\Likelihood;
use Google\Cloud\Dlp\V2\MatchingType;
/**
* Inspect a string for sensitive data, omitting overlapping matches on domain and email
* Omit matches on domain names that are part of email addresses in a DOMAIN_NAME detector scan.
*
* @param string $projectId The Google Cloud project id to use as a parent resource.
* @param string $textToInspect The string to inspect.
*/
function inspect_string_without_overlap(
// TODO(developer): Replace sample parameters before running the code.
string $projectId,
string $textToInspect = 'example.com is a domain, james@example.org is an email.'
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
$parent = "projects/$projectId/locations/global";
// Specify what content you want the service to Inspect.
$item = (new ContentItem())
->setValue($textToInspect);
// Specify the type of info the inspection will look for.
$domainName = (new InfoType())
->setName('DOMAIN_NAME');
$emailAddress = (new InfoType())
->setName('EMAIL_ADDRESS');
$infoTypes = [$domainName, $emailAddress];
// Define a custom info type to exclude email addresses
$customInfoType = (new CustomInfoType())
->setInfoType($emailAddress)
->setExclusionType(ExclusionType::EXCLUSION_TYPE_EXCLUDE);
// Exclude EMAIL_ADDRESS matches
$matchingType = MatchingType::MATCHING_TYPE_PARTIAL_MATCH;
$exclusionRule = (new ExclusionRule())
->setMatchingType($matchingType)
->setExcludeInfoTypes((new ExcludeInfoTypes())
->setInfoTypes([$customInfoType->getInfoType()])
);
// Construct a ruleset that applies the exclusion rule to the DOMAIN_NAME infotype.
// If a DOMAIN_NAME match is part of an EMAIL_ADDRESS match, the DOMAIN_NAME match will
// be excluded.
$inspectionRuleSet = (new InspectionRuleSet())
->setInfoTypes([$domainName])
->setRules([
(new InspectionRule())
->setExclusionRule($exclusionRule),
]);
// Construct the configuration for the Inspect request, including the ruleset.
$inspectConfig = (new InspectConfig())
->setInfoTypes($infoTypes)
->setCustomInfoTypes([$customInfoType])
->setIncludeQuote(true)
->setRuleSet([$inspectionRuleSet]);
// Run request
$inspectContentRequest = (new InspectContentRequest())
->setParent($parent)
->setInspectConfig($inspectConfig)
->setItem($item);
$response = $dlp->inspectContent($inspectContentRequest);
// Print the results
$findings = $response->getResult()->getFindings();
if (count($findings) == 0) {
printf('No findings.' . PHP_EOL);
} else {
printf('Findings:' . PHP_EOL);
foreach ($findings as $finding) {
printf(' Quote: %s' . PHP_EOL, $finding->getQuote());
printf(' Info type: %s' . PHP_EOL, $finding->getInfoType()->getName());
printf(
' Likelihood: %s' . PHP_EOL,
Likelihood::name($finding->getLikelihood()));
}
}
}Python
機密データの保護用のクライアント ライブラリをインストールして使用する方法については、機密データの保護のクライアント ライブラリをご覧ください。
機密データの保護のために認証するには、アプリケーションのデフォルト認証情報を設定します。 詳細については、ローカル開発環境の認証の設定をご覧ください。
import google.cloud.dlp
def inspect_string_without_overlap(project: str, content_string: str) -> None:
"""Matches EMAIL_ADDRESS and DOMAIN_NAME, but DOMAIN_NAME is omitted
if it overlaps with EMAIL_ADDRESS
Uses the Data Loss Prevention API to omit matches of one infotype
that overlap with another.
Args:
project: The Google Cloud project id to use as a parent resource.
content_string: The string to inspect.
Returns:
None; the response from the API is printed to the terminal.
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Construct a list of infoTypes for DLP to locate in `content_string`. See
# https://cloud.google.com/dlp/docs/concepts-infotypes for more information
# about supported infoTypes.
info_types_to_locate = [{"name": "DOMAIN_NAME"}, {"name": "EMAIL_ADDRESS"}]
# Define a custom info type to exclude email addresses
custom_info_types = [
{
"info_type": {"name": "EMAIL_ADDRESS"},
"exclusion_type": google.cloud.dlp_v2.CustomInfoType.ExclusionType.EXCLUSION_TYPE_EXCLUDE,
}
]
# Construct a rule set that will exclude DOMAIN_NAME matches
# that overlap with EMAIL_ADDRESS matches
rule_set = [
{
"info_types": [{"name": "DOMAIN_NAME"}],
"rules": [
{
"exclusion_rule": {
"exclude_info_types": {
"info_types": [{"name": "EMAIL_ADDRESS"}]
},
"matching_type": google.cloud.dlp_v2.MatchingType.MATCHING_TYPE_PARTIAL_MATCH,
}
}
],
}
]
# Construct the configuration dictionary
inspect_config = {
"info_types": info_types_to_locate,
"custom_info_types": custom_info_types,
"rule_set": rule_set,
"include_quote": True,
}
# Construct the `item`.
item = {"value": content_string}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.inspect_content(
request={"parent": parent, "inspect_config": inspect_config, "item": item}
)
# Print out the results.
if response.result.findings:
for finding in response.result.findings:
print(f"Quote: {finding.quote}")
print(f"Info type: {finding.info_type.name}")
print(f"Likelihood: {finding.likelihood}")
else:
print("No findings.")
次のステップ
他の Google Cloud プロダクトに関連するコードサンプルの検索およびフィルタ検索を行うには、Google Cloud のサンプルをご覧ください。