use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.
the class RiskAnalysis method calculateKMap.
// [END dlp_l_diversity]
// [START dlp_k_map]
/**
* Calculate k-map risk estimation for an attribute relative to quasi-identifiers in a BigQuery
* table.
*
* @param projectId The Google Cloud Platform project ID to run the API call under.
* @param datasetId The BigQuery dataset to analyze.
* @param tableId The BigQuery table to analyze.
* @param quasiIds A set of column names that form a composite key ('quasi-identifiers').
* @param infoTypes The infoTypes corresponding to each quasi-id column
* @param regionCode An ISO-3166-1 region code specifying the k-map distribution region
* @param topicId The name of the Pub/Sub topic to notify once the job completes
* @param subscriptionId The name of the Pub/Sub subscription to use when listening for job
* completion status.
*/
private static void calculateKMap(String projectId, String datasetId, String tableId, List<String> quasiIds, List<InfoType> infoTypes, String regionCode, String topicId, String subscriptionId) throws Exception {
// Instantiates a client
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
Iterator<String> quasiIdsIterator = quasiIds.iterator();
Iterator<InfoType> infoTypesIterator = infoTypes.iterator();
if (quasiIds.size() != infoTypes.size()) {
throw new IllegalArgumentException("The numbers of quasi-IDs and infoTypes must be equal!");
}
ArrayList<TaggedField> taggedFields = new ArrayList();
while (quasiIdsIterator.hasNext() || infoTypesIterator.hasNext()) {
taggedFields.add(TaggedField.newBuilder().setField(FieldId.newBuilder().setName(quasiIdsIterator.next()).build()).setInfoType(infoTypesIterator.next()).build());
}
KMapEstimationConfig kmapConfig = KMapEstimationConfig.newBuilder().addAllQuasiIds(taggedFields).setRegionCode(regionCode).build();
BigQueryTable bigQueryTable = BigQueryTable.newBuilder().setProjectId(projectId).setDatasetId(datasetId).setTableId(tableId).build();
PrivacyMetric privacyMetric = PrivacyMetric.newBuilder().setKMapEstimationConfig(kmapConfig).build();
String topicName = String.format("projects/%s/topics/%s", projectId, topicId);
PublishToPubSub publishToPubSub = PublishToPubSub.newBuilder().setTopic(topicName).build();
// Create action to publish job status notifications over Google Cloud Pub/Sub
Action action = Action.newBuilder().setPubSub(publishToPubSub).build();
RiskAnalysisJobConfig riskAnalysisJobConfig = RiskAnalysisJobConfig.newBuilder().setSourceTable(bigQueryTable).setPrivacyMetric(privacyMetric).addActions(action).build();
CreateDlpJobRequest createDlpJobRequest = CreateDlpJobRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setRiskJob(riskAnalysisJobConfig).build();
DlpJob dlpJob = dlpServiceClient.createDlpJob(createDlpJobRequest);
String dlpJobName = dlpJob.getName();
final SettableApiFuture<Boolean> done = SettableApiFuture.create();
// Set up a Pub/Sub subscriber to listen on the job completion status
Subscriber subscriber = Subscriber.newBuilder(ProjectSubscriptionName.newBuilder().setProject(projectId).setSubscription(subscriptionId).build(), (pubsubMessage, ackReplyConsumer) -> {
if (pubsubMessage.getAttributesCount() > 0 && pubsubMessage.getAttributesMap().get("DlpJobName").equals(dlpJobName)) {
// notify job completion
done.set(true);
ackReplyConsumer.ack();
}
}).build();
subscriber.startAsync();
// For long jobs, consider using a truly asynchronous execution model such as Cloud Functions
try {
done.get(1, TimeUnit.MINUTES);
// Wait for the job to become available
Thread.sleep(500);
} catch (TimeoutException e) {
System.out.println("Unable to verify job completion.");
}
// retrieve completed job status
DlpJob completedJob = dlpServiceClient.getDlpJob(GetDlpJobRequest.newBuilder().setName(dlpJobName).build());
System.out.println("Job status: " + completedJob.getState());
AnalyzeDataSourceRiskDetails riskDetails = completedJob.getRiskDetails();
KMapEstimationResult kmapResult = riskDetails.getKMapEstimationResult();
for (KMapEstimationHistogramBucket result : kmapResult.getKMapEstimationHistogramList()) {
System.out.printf("\tAnonymity range: [%d, %d]\n", result.getMinAnonymity(), result.getMaxAnonymity());
System.out.printf("\tSize: %d\n", result.getBucketSize());
for (KMapEstimationQuasiIdValues valueBucket : result.getBucketValuesList()) {
String quasiIdValues = valueBucket.getQuasiIdsValuesList().stream().map(v -> {
String s = v.toString();
return s.substring(s.indexOf(':') + 1).trim();
}).collect(Collectors.joining(", "));
System.out.printf("\tValues: {%s}\n", quasiIdValues);
System.out.printf("\tEstimated k-map anonymity: %d\n", valueBucket.getEstimatedAnonymity());
}
}
} catch (Exception e) {
System.out.println("Error in calculateKMap: " + e.getMessage());
}
}
use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.
the class Templates method listInspectTemplates.
// [END dlp_create_inspect_template]
// [START dlp_list_inspect_templates]
/**
* List DLP inspection templates created in a given project
*
* @param projectId Google Cloud Project ID
*/
private static void listInspectTemplates(String projectId) {
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
ListInspectTemplatesRequest request = ListInspectTemplatesRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setPageSize(1).build();
ListInspectTemplatesPagedResponse response = dlpServiceClient.listInspectTemplates(request);
ListInspectTemplatesPage page = response.getPage();
ListInspectTemplatesResponse templatesResponse = page.getResponse();
for (InspectTemplate template : templatesResponse.getInspectTemplatesList()) {
System.out.printf("Template name: %s\n", template.getName());
if (template.getDisplayName() != null) {
System.out.printf("\tDisplay name: %s \n", template.getDisplayName());
System.out.printf("\tCreate time: %s \n", template.getCreateTime());
System.out.printf("\tUpdate time: %s \n", template.getUpdateTime());
// print inspection config
InspectConfig inspectConfig = template.getInspectConfig();
for (InfoType infoType : inspectConfig.getInfoTypesList()) {
System.out.printf("\tInfoType: %s\n", infoType.getName());
}
System.out.printf("\tMin likelihood: %s\n", inspectConfig.getMinLikelihood());
System.out.printf("\tLimits: %s\n", inspectConfig.getLimits().getMaxFindingsPerRequest());
}
}
} catch (Exception e) {
System.out.printf("Error creating template: %s", e.getMessage());
}
}
use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.
the class Templates method createInspectTemplate.
// [START dlp_create_inspect_template]
/**
* Create a new DLP inspection configuration template.
*
* @param displayName (Optional) The human-readable name to give the template
* @param projectId Google Cloud Project ID to call the API under
* @param templateId (Optional) The name of the template to be created
* @param infoTypeList The infoTypes of information to match
* @param minLikelihood The minimum likelihood required before returning a match
* @param maxFindings The maximum number of findings to report per request (0 = server maximum)
*/
private static void createInspectTemplate(String displayName, String templateId, String description, String projectId, List<InfoType> infoTypeList, Likelihood minLikelihood, int maxFindings) {
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
FindingLimits findingLimits = FindingLimits.newBuilder().setMaxFindingsPerRequest(maxFindings).build();
// Construct the inspection configuration for the template
InspectConfig inspectConfig = InspectConfig.newBuilder().addAllInfoTypes(infoTypeList).setMinLikelihood(minLikelihood).setLimits(findingLimits).build();
InspectTemplate inspectTemplate = InspectTemplate.newBuilder().setInspectConfig(inspectConfig).setDisplayName(displayName).setDescription(description).build();
CreateInspectTemplateRequest createInspectTemplateRequest = CreateInspectTemplateRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setInspectTemplate(inspectTemplate).setTemplateId(templateId).build();
InspectTemplate response = dlpServiceClient.createInspectTemplate(createInspectTemplateRequest);
System.out.printf("Template created: %s", response.getName());
} catch (Exception e) {
System.out.printf("Error creating template: %s", e.getMessage());
}
}
use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.
the class DeIdentification method reIdentifyWithFpe.
// [END dlp_deidentify_fpe]
// [START dlp_reidentify_fpe]
/**
* Reidentify a string by encrypting sensitive information while preserving format.
*
* @param string The string to reidentify.
* @param alphabet The set of characters used when encrypting the input. For more information, see
* cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
* @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
* @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
* @param projectId ID of Google Cloud project to run the API under.
* @param surrogateType The name of the surrogate custom info type to used during the encryption
* process.
*/
private static void reIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
// instantiate a client
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
InfoType surrogateTypeObject = InfoType.newBuilder().setName(surrogateType).build();
// Create the format-preserving encryption (FPE) configuration
KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(surrogateTypeObject).build();
// Create the deidentification transformation configuration
PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).addInfoTypes(surrogateTypeObject).build();
InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
// Create the inspection config
CustomInfoType customInfoType = CustomInfoType.newBuilder().setInfoType(surrogateTypeObject).setSurrogateType(SurrogateType.newBuilder().build()).build();
InspectConfig inspectConfig = InspectConfig.newBuilder().addCustomInfoTypes(customInfoType).build();
// Create the reidentification request object
DeidentifyConfig reidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
ReidentifyContentRequest request = ReidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setReidentifyConfig(reidentifyConfig).setInspectConfig(inspectConfig).setItem(contentItem).build();
// Execute the deidentification request
ReidentifyContentResponse response = dlpServiceClient.reidentifyContent(request);
// Print the reidentified input value
// e.g. "My SSN is 7261298621" --> "My SSN is 123456789"
String result = response.getItem().getValue();
System.out.println(result);
} catch (Exception e) {
System.out.println("Error in reidentifyWithFpe: " + e.getMessage());
}
}
use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.
the class DeIdentification method deIdentifyWithFpe.
// [END dlp_deidentify_mask]
// [START dlp_deidentify_fpe]
/**
* Deidentify a string by encrypting sensitive information while preserving format.
*
* @param string The string to deidentify.
* @param alphabet The set of characters to use when encrypting the input. For more information,
* see cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
* @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
* @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
* @param projectId ID of Google Cloud project to run the API under.
*/
private static void deIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
// instantiate a client
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
// Create the format-preserving encryption (FPE) configuration
KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(InfoType.newBuilder().setName(surrogateType).build()).build();
// Create the deidentification transformation configuration
PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).build();
InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
// Create the deidentification request object
DeidentifyConfig deidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
DeidentifyContentRequest request = DeidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setDeidentifyConfig(deidentifyConfig).setItem(contentItem).build();
// Execute the deidentification request
DeidentifyContentResponse response = dlpServiceClient.deidentifyContent(request);
// Print the deidentified input value
// e.g. "My SSN is 123456789" --> "My SSN is 7261298621"
String result = response.getItem().getValue();
System.out.println(result);
} catch (Exception e) {
System.out.println("Error in deidentifyWithFpe: " + e.getMessage());
}
}
Aggregations