in dlp/snippets/deid/deid_table_with_multiple_crypto_hash.go [27:200]
func deIdentifyTableWithMultipleCryptoHash(w io.Writer, projectID, transientKeyName1, transientKeyName2 string) error {
// projectId := "your-project-id"
// transientKeyName1 := "YOUR_TRANSIENT_CRYPTO_KEY_1"
// transientKeyName2 := "YOUR_TRANSIENT_CRYPTO_KEY_2"
// The table to de-identify.
row1 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "user1@example.org"}},
{Type: &dlppb.Value_StringValue{StringValue: "my email is user1@example.org and phone is 858-555-0222"}},
},
}
row2 := &dlppb.Table_Row{
Values: []*dlppb.Value{
{Type: &dlppb.Value_StringValue{StringValue: "abbyabernathy1"}},
{Type: &dlppb.Value_StringValue{StringValue: "my userid is abbyabernathy1 and my email is aabernathy@example.com"}},
},
}
tableToDeidentify := &dlppb.Table{
Headers: []*dlppb.FieldId{
{Name: "userid"},
{Name: "comments"},
},
Rows: []*dlppb.Table_Row{
{Values: row1.Values},
{Values: row2.Values},
},
}
ctx := context.Background()
// Initialize a client once and reuse it to send multiple requests. Clients
// are safe to use across goroutines. When the client is no longer needed,
// call the Close method to cleanup its resources.
client, err := dlp.NewClient(ctx)
if err != nil {
return err
}
// Closing the client safely cleans up background resources.
defer client.Close()
// Specify what content you want the service to de-identify.
contentItem := &dlppb.ContentItem{
DataItem: &dlppb.ContentItem_Table{
Table: tableToDeidentify,
},
}
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
infoTypes := []*dlppb.InfoType{
{Name: "PHONE_NUMBER"},
{Name: "EMAIL_ADDRESS"},
}
inspectConfig := &dlppb.InspectConfig{
InfoTypes: infoTypes,
}
// Specify the transient key names.
transientCryptoKey1 := &dlppb.TransientCryptoKey{
Name: transientKeyName1,
}
transientCryptoKey2 := &dlppb.TransientCryptoKey{
Name: transientKeyName2,
}
cryptoKey1 := &dlppb.CryptoKey_Transient{
Transient: transientCryptoKey1,
}
cryptoKey2 := &dlppb.CryptoKey_Transient{
Transient: transientCryptoKey2,
}
// Specify the CryptoHashConfig for transientKey1.
cryptoHashConfig1 := &dlppb.CryptoHashConfig{
CryptoKey: &dlppb.CryptoKey{
Source: cryptoKey1,
},
}
// Specify the CryptoHashConfig for transientKey1.
cryptoHashConfig2 := &dlppb.CryptoHashConfig{
CryptoKey: &dlppb.CryptoKey{
Source: cryptoKey2,
},
}
// Define type of de-identification as cryptographic hash transformation.
// Specify the transformation for transientKey1
primitiveTransformation1 := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_CryptoHashConfig{
CryptoHashConfig: cryptoHashConfig1,
},
}
// Specify the transformation for transientKey2
primitiveTransformation2 := &dlppb.PrimitiveTransformation{
Transformation: &dlppb.PrimitiveTransformation_CryptoHashConfig{
CryptoHashConfig: cryptoHashConfig2,
},
}
infoTypeTransformation := &dlppb.InfoTypeTransformations_InfoTypeTransformation{
PrimitiveTransformation: primitiveTransformation2,
}
transformations := &dlppb.InfoTypeTransformations{
Transformations: []*dlppb.InfoTypeTransformations_InfoTypeTransformation{
infoTypeTransformation,
},
}
// Specify fields to be de-identified.
fieldIds := []*dlppb.FieldId{
{Name: "userid"},
{Name: "comments"},
}
fieldTransformations := []*dlppb.FieldTransformation{
{
Fields: []*dlppb.FieldId{
fieldIds[0],
},
Transformation: &dlppb.FieldTransformation_PrimitiveTransformation{
PrimitiveTransformation: primitiveTransformation1,
},
},
{
Fields: []*dlppb.FieldId{
fieldIds[1],
},
Transformation: &dlppb.FieldTransformation_InfoTypeTransformations{
InfoTypeTransformations: transformations,
},
},
}
recordTransformations := &dlppb.RecordTransformations{
FieldTransformations: fieldTransformations,
}
// Specify the config for the de-identify request
deidentifyConfig := &dlppb.DeidentifyConfig{
Transformation: &dlppb.DeidentifyConfig_RecordTransformations{
RecordTransformations: recordTransformations,
},
}
// Construct the de-identification request to be sent by the client.
req := &dlppb.DeidentifyContentRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
DeidentifyConfig: deidentifyConfig,
InspectConfig: inspectConfig,
Item: contentItem,
}
// Send the request.
resp, err := client.DeidentifyContent(ctx, req)
if err != nil {
return err
}
// Print the results.
fmt.Fprintf(w, "Table after de-identification : %v", resp.GetItem().GetTable())
return nil
}