in dlp/snippets/src/main/java/dlp/snippets/DeIdentifyTableWithMultipleCryptoHash.java [96:206]
public static void deIdentifyWithCryptHashTransformation(
String projectId, Table tableToDeIdentify, String transientKeyName1, String transientKeyName2)
throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlp = DlpServiceClient.create()) {
// Specify what content you want the service to DeIdentify
ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
List<InfoType> infoTypes =
Stream.of("PHONE_NUMBER", "EMAIL_ADDRESS")
.map(it -> InfoType.newBuilder().setName(it).build())
.collect(Collectors.toList());
InspectConfig inspectConfig = InspectConfig.newBuilder()
.addAllInfoTypes(infoTypes)
.build();
// Specify the transient key which will encrypt the data.
TransientCryptoKey transientCryptoKey = TransientCryptoKey.newBuilder()
.setName(transientKeyName1)
.build();
TransientCryptoKey transientCryptoKey2 = TransientCryptoKey.newBuilder()
.setName(transientKeyName2)
.build();
CryptoKey cryptoKey = CryptoKey.newBuilder()
.setTransient(transientCryptoKey)
.build();
CryptoKey cryptoKey2 = CryptoKey.newBuilder()
.setTransient(transientCryptoKey2)
.build();
CryptoHashConfig cryptoHashConfig = CryptoHashConfig.newBuilder()
.setCryptoKey(cryptoKey)
.build();
CryptoHashConfig cryptoHashConfig2 = CryptoHashConfig.newBuilder()
.setCryptoKey(cryptoKey2)
.build();
// Define type of de-identification as cryptographic hash transformation.
PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder()
.setCryptoHashConfig(cryptoHashConfig)
.build();
PrimitiveTransformation primitiveTransformation2 = PrimitiveTransformation.newBuilder()
.setCryptoHashConfig(cryptoHashConfig2)
.build();
InfoTypeTransformations.InfoTypeTransformation infoTypeTransformation =
InfoTypeTransformations.InfoTypeTransformation.newBuilder()
.setPrimitiveTransformation(primitiveTransformation2)
.addAllInfoTypes(infoTypes)
.build();
InfoTypeTransformations transformations =
InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformation).build();
// Specify fields to be de-identified.
List<FieldId> fieldIds =
Stream.of("userid")
.map(id -> FieldId.newBuilder().setName(id).build())
.collect(Collectors.toList());
List<FieldId> fieldIds1 =
Stream.of("comments")
.map(id -> FieldId.newBuilder().setName(id).build())
.collect(Collectors.toList());
List<FieldTransformation> fieldTransformations = new ArrayList<>();
fieldTransformations.add(
FieldTransformation.newBuilder()
.addAllFields(fieldIds)
.setPrimitiveTransformation(primitiveTransformation)
.build());
fieldTransformations.add(
FieldTransformation.newBuilder()
.addAllFields(fieldIds1)
.setInfoTypeTransformations(transformations)
.build());
RecordTransformations recordTransformations = RecordTransformations.newBuilder()
.addAllFieldTransformations(fieldTransformations)
.build();
// Specify the config for the de-identify request
DeidentifyConfig deidentifyConfig = DeidentifyConfig.newBuilder()
.setRecordTransformations(recordTransformations)
.build();
// Combine configurations into a request for the service.
DeidentifyContentRequest request =
DeidentifyContentRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setItem(contentItem)
.setInspectConfig(inspectConfig)
.setDeidentifyConfig(deidentifyConfig)
.build();
// Send the request and receive response from the service.
DeidentifyContentResponse response = dlp.deidentifyContent(request);
// Print the results.
System.out.println("Table after de-identification: " + response.getItem().getTable());
}
}