Examples with DlpServiceClient com.google.cloud.dlp.v2.DlpServiceClient used on opensource projects

Example 11 with DlpServiceClient

use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class RiskAnalysis method calculateKMap.

// [END dlp_l_diversity]
// [START dlp_k_map]
/**
 * Calculate k-map risk estimation for an attribute relative to quasi-identifiers in a BigQuery
 * table.
 *
 * @param projectId The Google Cloud Platform project ID to run the API call under.
 * @param datasetId The BigQuery dataset to analyze.
 * @param tableId The BigQuery table to analyze.
 * @param quasiIds A set of column names that form a composite key ('quasi-identifiers').
 * @param infoTypes The infoTypes corresponding to each quasi-id column
 * @param regionCode An ISO-3166-1 region code specifying the k-map distribution region
 * @param topicId The name of the Pub/Sub topic to notify once the job completes
 * @param subscriptionId The name of the Pub/Sub subscription to use when listening for job
 *     completion status.
 */
private static void calculateKMap(String projectId, String datasetId, String tableId, List<String> quasiIds, List<InfoType> infoTypes, String regionCode, String topicId, String subscriptionId) throws Exception {
    // Instantiates a client
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        Iterator<String> quasiIdsIterator = quasiIds.iterator();
        Iterator<InfoType> infoTypesIterator = infoTypes.iterator();
        if (quasiIds.size() != infoTypes.size()) {
            throw new IllegalArgumentException("The numbers of quasi-IDs and infoTypes must be equal!");
        }
        ArrayList<TaggedField> taggedFields = new ArrayList();
        while (quasiIdsIterator.hasNext() || infoTypesIterator.hasNext()) {
            taggedFields.add(TaggedField.newBuilder().setField(FieldId.newBuilder().setName(quasiIdsIterator.next()).build()).setInfoType(infoTypesIterator.next()).build());
        }
        KMapEstimationConfig kmapConfig = KMapEstimationConfig.newBuilder().addAllQuasiIds(taggedFields).setRegionCode(regionCode).build();
        BigQueryTable bigQueryTable = BigQueryTable.newBuilder().setProjectId(projectId).setDatasetId(datasetId).setTableId(tableId).build();
        PrivacyMetric privacyMetric = PrivacyMetric.newBuilder().setKMapEstimationConfig(kmapConfig).build();
        String topicName = String.format("projects/%s/topics/%s", projectId, topicId);
        PublishToPubSub publishToPubSub = PublishToPubSub.newBuilder().setTopic(topicName).build();
        // Create action to publish job status notifications over Google Cloud Pub/Sub
        Action action = Action.newBuilder().setPubSub(publishToPubSub).build();
        RiskAnalysisJobConfig riskAnalysisJobConfig = RiskAnalysisJobConfig.newBuilder().setSourceTable(bigQueryTable).setPrivacyMetric(privacyMetric).addActions(action).build();
        CreateDlpJobRequest createDlpJobRequest = CreateDlpJobRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setRiskJob(riskAnalysisJobConfig).build();
        DlpJob dlpJob = dlpServiceClient.createDlpJob(createDlpJobRequest);
        String dlpJobName = dlpJob.getName();
        final SettableApiFuture<Boolean> done = SettableApiFuture.create();
        // Set up a Pub/Sub subscriber to listen on the job completion status
        Subscriber subscriber = Subscriber.newBuilder(ProjectSubscriptionName.newBuilder().setProject(projectId).setSubscription(subscriptionId).build(), (pubsubMessage, ackReplyConsumer) -> {
            if (pubsubMessage.getAttributesCount() > 0 && pubsubMessage.getAttributesMap().get("DlpJobName").equals(dlpJobName)) {
                // notify job completion
                done.set(true);
                ackReplyConsumer.ack();
            }
        }).build();
        subscriber.startAsync();
        // For long jobs, consider using a truly asynchronous execution model such as Cloud Functions
        try {
            done.get(1, TimeUnit.MINUTES);
            // Wait for the job to become available
            Thread.sleep(500);
        } catch (TimeoutException e) {
            System.out.println("Unable to verify job completion.");
        }
        // retrieve completed job status
        DlpJob completedJob = dlpServiceClient.getDlpJob(GetDlpJobRequest.newBuilder().setName(dlpJobName).build());
        System.out.println("Job status: " + completedJob.getState());
        AnalyzeDataSourceRiskDetails riskDetails = completedJob.getRiskDetails();
        KMapEstimationResult kmapResult = riskDetails.getKMapEstimationResult();
        for (KMapEstimationHistogramBucket result : kmapResult.getKMapEstimationHistogramList()) {
            System.out.printf("\tAnonymity range: [%d, %d]\n", result.getMinAnonymity(), result.getMaxAnonymity());
            System.out.printf("\tSize: %d\n", result.getBucketSize());
            for (KMapEstimationQuasiIdValues valueBucket : result.getBucketValuesList()) {
                String quasiIdValues = valueBucket.getQuasiIdsValuesList().stream().map(v -> {
                    String s = v.toString();
                    return s.substring(s.indexOf(':') + 1).trim();
                }).collect(Collectors.joining(", "));
                System.out.printf("\tValues: {%s}\n", quasiIdValues);
                System.out.printf("\tEstimated k-map anonymity: %d\n", valueBucket.getEstimatedAnonymity());
            }
        }
    } catch (Exception e) {
        System.out.println("Error in calculateKMap: " + e.getMessage());
    }
}

Example 12 with DlpServiceClient

use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class Templates method listInspectTemplates.

// [END dlp_create_inspect_template]
// [START dlp_list_inspect_templates]
/**
 * List DLP inspection templates created in a given project
 *
 * @param projectId Google Cloud Project ID
 */
private static void listInspectTemplates(String projectId) {
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        ListInspectTemplatesRequest request = ListInspectTemplatesRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setPageSize(1).build();
        ListInspectTemplatesPagedResponse response = dlpServiceClient.listInspectTemplates(request);
        ListInspectTemplatesPage page = response.getPage();
        ListInspectTemplatesResponse templatesResponse = page.getResponse();
        for (InspectTemplate template : templatesResponse.getInspectTemplatesList()) {
            System.out.printf("Template name: %s\n", template.getName());
            if (template.getDisplayName() != null) {
                System.out.printf("\tDisplay name: %s \n", template.getDisplayName());
                System.out.printf("\tCreate time: %s \n", template.getCreateTime());
                System.out.printf("\tUpdate time: %s \n", template.getUpdateTime());
                // print inspection config
                InspectConfig inspectConfig = template.getInspectConfig();
                for (InfoType infoType : inspectConfig.getInfoTypesList()) {
                    System.out.printf("\tInfoType: %s\n", infoType.getName());
                }
                System.out.printf("\tMin likelihood: %s\n", inspectConfig.getMinLikelihood());
                System.out.printf("\tLimits: %s\n", inspectConfig.getLimits().getMaxFindingsPerRequest());
            }
        }
    } catch (Exception e) {
        System.out.printf("Error creating template: %s", e.getMessage());
    }
}

Example 13 with DlpServiceClient

use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class Templates method createInspectTemplate.

// [START dlp_create_inspect_template]
/**
 * Create a new DLP inspection configuration template.
 *
 * @param displayName (Optional) The human-readable name to give the template
 * @param projectId Google Cloud Project ID to call the API under
 * @param templateId (Optional) The name of the template to be created
 * @param infoTypeList The infoTypes of information to match
 * @param minLikelihood The minimum likelihood required before returning a match
 * @param maxFindings The maximum number of findings to report per request (0 = server maximum)
 */
private static void createInspectTemplate(String displayName, String templateId, String description, String projectId, List<InfoType> infoTypeList, Likelihood minLikelihood, int maxFindings) {
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        FindingLimits findingLimits = FindingLimits.newBuilder().setMaxFindingsPerRequest(maxFindings).build();
        // Construct the inspection configuration for the template
        InspectConfig inspectConfig = InspectConfig.newBuilder().addAllInfoTypes(infoTypeList).setMinLikelihood(minLikelihood).setLimits(findingLimits).build();
        InspectTemplate inspectTemplate = InspectTemplate.newBuilder().setInspectConfig(inspectConfig).setDisplayName(displayName).setDescription(description).build();
        CreateInspectTemplateRequest createInspectTemplateRequest = CreateInspectTemplateRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setInspectTemplate(inspectTemplate).setTemplateId(templateId).build();
        InspectTemplate response = dlpServiceClient.createInspectTemplate(createInspectTemplateRequest);
        System.out.printf("Template created: %s", response.getName());
    } catch (Exception e) {
        System.out.printf("Error creating template: %s", e.getMessage());
    }
}

Example 14 with DlpServiceClient

use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class DeIdentification method reIdentifyWithFpe.

// [END dlp_deidentify_fpe]
// [START dlp_reidentify_fpe]
/**
 * Reidentify a string by encrypting sensitive information while preserving format.
 *
 * @param string The string to reidentify.
 * @param alphabet The set of characters used when encrypting the input. For more information, see
 *     cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
 * @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
 * @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
 * @param projectId ID of Google Cloud project to run the API under.
 * @param surrogateType The name of the surrogate custom info type to used during the encryption
 *     process.
 */
private static void reIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
    // instantiate a client
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
        InfoType surrogateTypeObject = InfoType.newBuilder().setName(surrogateType).build();
        // Create the format-preserving encryption (FPE) configuration
        KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
        CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
        CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(surrogateTypeObject).build();
        // Create the deidentification transformation configuration
        PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
        InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).addInfoTypes(surrogateTypeObject).build();
        InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
        // Create the inspection config
        CustomInfoType customInfoType = CustomInfoType.newBuilder().setInfoType(surrogateTypeObject).setSurrogateType(SurrogateType.newBuilder().build()).build();
        InspectConfig inspectConfig = InspectConfig.newBuilder().addCustomInfoTypes(customInfoType).build();
        // Create the reidentification request object
        DeidentifyConfig reidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
        ReidentifyContentRequest request = ReidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setReidentifyConfig(reidentifyConfig).setInspectConfig(inspectConfig).setItem(contentItem).build();
        // Execute the deidentification request
        ReidentifyContentResponse response = dlpServiceClient.reidentifyContent(request);
        // Print the reidentified input value
        // e.g. "My SSN is 7261298621" --> "My SSN is 123456789"
        String result = response.getItem().getValue();
        System.out.println(result);
    } catch (Exception e) {
        System.out.println("Error in reidentifyWithFpe: " + e.getMessage());
    }
}

Example 15 with DlpServiceClient

use of com.google.cloud.dlp.v2.DlpServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class DeIdentification method deIdentifyWithFpe.

// [END dlp_deidentify_mask]
// [START dlp_deidentify_fpe]
/**
 * Deidentify a string by encrypting sensitive information while preserving format.
 *
 * @param string The string to deidentify.
 * @param alphabet The set of characters to use when encrypting the input. For more information,
 *     see cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
 * @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
 * @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
 * @param projectId ID of Google Cloud project to run the API under.
 */
private static void deIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
    // instantiate a client
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
        // Create the format-preserving encryption (FPE) configuration
        KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
        CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
        CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(InfoType.newBuilder().setName(surrogateType).build()).build();
        // Create the deidentification transformation configuration
        PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
        InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).build();
        InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
        // Create the deidentification request object
        DeidentifyConfig deidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
        DeidentifyContentRequest request = DeidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setDeidentifyConfig(deidentifyConfig).setItem(contentItem).build();
        // Execute the deidentification request
        DeidentifyContentResponse response = dlpServiceClient.deidentifyContent(request);
        // Print the deidentified input value
        // e.g. "My SSN is 123456789" --> "My SSN is 7261298621"
        String result = response.getItem().getValue();
        System.out.println(result);
    } catch (Exception e) {
        System.out.println("Error in deidentifyWithFpe: " + e.getMessage());
    }
}