使用 Node.js 檢查文字中是否有敏感資訊
瞭解如何使用 Sensitive Data Protection 的 Cloud Data Loss Prevention API、Google Cloud CLI 和 Node.js,掃描字串範例中是否含有機密資訊。
如要直接在 Google Cloud 控制台按照逐步指南操作,請按一下「Guide me」(逐步引導):
事前準備
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
-
Install the Google Cloud CLI.
-
如果您使用外部識別資訊提供者 (IdP),請先 使用聯合身分登入 gcloud CLI。
-
如要初始化 gcloud CLI,請執行下列指令:
gcloud init -
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_IDwith a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_IDwith your Google Cloud project name.
-
-
Verify that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
If an authentication error is returned, and you are using an external identity provider (IdP), confirm that you have signed in to the gcloud CLI with your federated identity.
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.usergcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
Replace the following:
PROJECT_ID: your project ID.USER_IDENTIFIER: the identifier for your user account—for example,myemail@example.com.ROLE: the IAM role that you grant to your user account.
-
Install the Google Cloud CLI.
-
如果您使用外部識別資訊提供者 (IdP),請先 使用聯合身分登入 gcloud CLI。
-
如要初始化 gcloud CLI,請執行下列指令:
gcloud init -
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_IDwith a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_IDwith your Google Cloud project name.
-
-
Verify that billing is enabled for your Google Cloud project.
-
Enable the DLP API:
gcloud services enable dlp.googleapis.com
-
Create local authentication credentials for your user account:
gcloud auth application-default login
If an authentication error is returned, and you are using an external identity provider (IdP), confirm that you have signed in to the gcloud CLI with your federated identity.
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/dlp.usergcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
Replace the following:
PROJECT_ID: your project ID.USER_IDENTIFIER: the identifier for your user account—for example,myemail@example.com.ROLE: the IAM role that you grant to your user account.
- 安裝 Node.js 和 NPM。
-
git clone https://github.com/GoogleCloudPlatform/nodejs-docs-samples 前往
dlp目錄。cd nodejs-docs-samples/dlp安裝應用程式依附元件:
npm install-
Optional: Revoke the authentication credentials that you created, and delete the local credential file.
gcloud auth application-default revoke
-
Optional: Revoke credentials from the gcloud CLI.
gcloud auth revoke
如要開始檢查文字和圖片中的機密資料,請參閱使用指南。
如要進一步瞭解檢查、遮蓋、infoType 和可能性,請參閱「概念」一文。
進一步瞭解 DLP API。
進一步瞭解 Cloud DLP Node.js 用戶端。
設定 Sensitive Data Protection CLI 應用程式
如要使用 Node.js 設定 Sensitive Data Protection CLI 應用程式,請按照下列步驟操作:
檢查字串是否含有機密資訊
如要使用 DLP API 和 inspectString Node.js 指令碼掃描範例文字,請執行下列指令:
node inspectString.js PROJECT_ID "My email address is joe@example.com."
輸出結果會與下列內容相似:
Findings:
Info type: EMAIL_ADDRESS
Likelihood: LIKELY
清除所用資源
如要避免系統向您的 Google Cloud 帳戶收取本頁面所用資源的費用,請刪除含有這些資源的 Google Cloud 專案。
刪除專案
如果您為本快速入門導覽課程建立了新專案,如要避免產生額外費用,最簡單的方法就是刪除該專案。
Delete a Google Cloud project:
gcloud projects delete PROJECT_ID