Cloud Data Loss Prevention (Cloud DLP) ora fa parte di Sensitive Data Protection. Il nome dell'API rimane invariato: API Cloud Data Loss Prevention (API DLP). Per informazioni sui servizi che compongono Sensitive Data Protection, consulta la panoramica di Sensitive Data Protection.
Mantieni tutto organizzato con le raccolte
Salva e classifica i contenuti in base alle tue preferenze.
Ispeziona il testo sensibile utilizzando l'API DLP
Scopri come analizzare una stringa di esempio per individuare informazioni sensibili utilizzando l'API Cloud Data Loss Prevention di Sensitive Data Protection e JSON.
Per seguire le indicazioni dettagliate per questa attivitร direttamente nella Google Cloud console, fai clic su Procedura guidata:
Sign in to your Google Cloud account. If you're new to
Google Cloud,
create an account to evaluate how our products perform in
real-world scenarios. New customers also get $300 in free credits to
run, test, and deploy workloads.
USER_IDENTIFIER: the identifier for your user
accountโfor example, myemail@example.com.
ROLE: the IAM role that you grant to your user account.
Ispeziona una stringa per individuare informazioni sensibili
Questa sezione mostra come configurare l'API DLP per analizzare
il testo di esempio utilizzando il metodo REST projects.content.inspect.
Questa sezione richiede di salvare la richiesta di esempio in un file JSON. Se utilizzi Cloud Shell, puoi utilizzare l'editor di Cloud Shell per creare il file. Per avviare l'editor, fai clic su
editApri editor
launch sulla barra degli strumenti della finestra di Cloud Shell.
Prima di utilizzare i dati della richiesta,
apporta le seguenti sostituzioni:
PROJECT_ID: il tuo ID progetto Google Cloud . Gli ID progetto sono
stringhe alfanumeriche, come my-project.
Metodo HTTP e URL:
POST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect
Per evitare che al tuo account Google Cloud vengano addebitati costi relativi alle risorse utilizzate in questa pagina, elimina il progetto Google Cloud
con le risorse.
Elimina il progetto
Se hai creato un nuovo progetto per questa guida rapida, il modo piรน semplice per evitare addebiti aggiuntivi รจ eliminare il progetto.
Delete a Google Cloud project:
gcloud projects delete PROJECT_ID
Revocare le credenziali
Optional: Revoke credentials from the gcloud CLI.
gcloudauthrevoke
Passaggi successivi
Per iniziare a ispezionare testo e immagini per l'individuazione di dati sensibili, consulta le
guide pratiche.
Per comprendere meglio ispezione, oscuramento, infoType e probabilitร , consulta la sezione Concetti.
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema รจ stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],["Ultimo aggiornamento 2025-09-03 UTC."],[],[],null,["# Inspect sensitive text by using the DLP API\n===========================================\n\nLearn how to scan a sample string for sensitive information by using the\nCloud Data Loss Prevention API of Sensitive Data Protection and JSON.\n\n*** ** * ** ***\n\nTo follow step-by-step guidance for this task directly in the\nGoogle Cloud console, click **Guide me**:\n\n[Guide me](https://console.cloud.google.com/freetrial?redirectPath=/?walkthrough_id=dlp--inspect-sensitive-text-api)\n\n*** ** * ** ***\n\nBefore you begin\n----------------\n\n- Sign in to your Google Cloud account. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the DLP API:\n\n\n ```bash\n gcloud services enable dlp.googleapis.com\n ```\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/dlp.user`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n-\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n- If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n\n-\n To [initialize](/sdk/docs/initializing) the gcloud CLI, run the following command:\n\n ```bash\n gcloud init\n ```\n- [Create or select a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n - Create a Google Cloud project:\n\n ```\n gcloud projects create PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with a name for the Google Cloud project you are creating.\n - Select the Google Cloud project that you created:\n\n ```\n gcloud config set project PROJECT_ID\n ```\n\n Replace \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e with your Google Cloud project name.\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the DLP API:\n\n\n ```bash\n gcloud services enable dlp.googleapis.com\n ```\n-\n Grant roles to your user account. Run the following command once for each of the following\n IAM roles:\n `roles/dlp.user`\n\n ```bash\n gcloud projects add-iam-policy-binding PROJECT_ID --member=\"user:\u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e\" --role=ROLE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: your project ID.\n - \u003cvar translate=\"no\"\u003eUSER_IDENTIFIER\u003c/var\u003e: the identifier for your user account---for example, `myemail@example.com`.\n - \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: the IAM role that you grant to your user account.\n\n\u003cbr /\u003e\n\nInspect a string for sensitive information\n------------------------------------------\n\nThis section shows you how to configure the DLP API to scan\nsample text using the [`projects.content.inspect`](/sensitive-data-protection/docs/reference/rest/v2/projects.content/inspect)\nREST method.\n\nThis section requires you to save the sample request in a JSON file. If you're\nusing Cloud Shell, you can use the Cloud Shell Editor to create the\nfile. To launch the editor, click edit **Open Editor** launch on the toolbar of the Cloud Shell window.\n\n\nBefore using any of the request data,\nmake the following replacements:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: Your Google Cloud project ID. Project IDs are alphanumeric strings, like `my-project`.\n\n\nHTTP method and URL:\n\n```\nPOST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect\n```\n\n\nRequest JSON body:\n\n```\n{\n \"item\": {\n \"value\": \"My phone number is (800) 555-0123.\"\n },\n \"inspectConfig\": {\n \"infoTypes\": [\n {\n \"name\": \"PHONE_NUMBER\"\n },\n {\n \"name\": \"US_TOLLFREE_PHONE_NUMBER\"\n }\n ],\n \"minLikelihood\": \"POSSIBLE\",\n \"limits\": {\n \"maxFindingsPerItem\": 0\n },\n \"includeQuote\": true\n }\n}\n```\n\nTo send your request, expand one of these options:\n\n#### curl (Linux, macOS, or Cloud Shell)\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) , or by using [Cloud Shell](/shell/docs), which automatically logs you into the `gcloud` CLI . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nSave the request body in a file named `inspect-request.json`,\nand execute the following command:\n\n```\ncurl -X POST \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n -H \"x-goog-user-project: PROJECT_ID\" \\\n -H \"Content-Type: application/json; charset=utf-8\" \\\n -d @inspect-request.json \\\n \"https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect\"\n```\n\n#### PowerShell (Windows)\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nSave the request body in a file named `inspect-request.json`,\nand execute the following command:\n\n```\n$cred = gcloud auth print-access-token\n$headers = @{ \"Authorization\" = \"Bearer $cred\"; \"x-goog-user-project\" = \"PROJECT_ID\" }\n\nInvoke-WebRequest `\n -Method POST `\n -Headers $headers `\n -ContentType: \"application/json; charset=utf-8\" `\n -InFile inspect-request.json `\n -Uri \"https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect\" | Select-Object -Expand Content\n```\n\nYou should receive a JSON response similar to the following:\n\n```\n{\n \"result\": {\n \"findings\": [\n {\n \"quote\": \"(800) 555-0123\",\n \"infoType\": {\n \"name\": \"US_TOLLFREE_PHONE_NUMBER\"\n },\n \"likelihood\": \"LIKELY\",\n \"location\": {\n \"byteRange\": {\n \"start\": \"19\",\n \"end\": \"33\"\n },\n \"codepointRange\": {\n \"start\": \"19\",\n \"end\": \"33\"\n }\n },\n \"createTime\": \"2022-09-23T01:53:05.303Z\",\n \"findingId\": \"2022-09-23T01:53:05.306348Z5328915744504121862\"\n }\n ]\n }\n}\n```\n\nClean up\n--------\n\n\nTo avoid incurring charges to your Google Cloud account for\nthe resources used on this page, delete the Google Cloud project with the\nresources.\n\n### Delete the project\n\nIf you created a new project for this quickstart, the easiest way to prevent\nadditional charges is to delete the project.\n\n| **Caution** : Deleting a project has the following effects:\n|\n| - **Everything in the project is deleted.** If you used an existing project for the tasks in this document, when you delete it, you also delete any other work you've done in the project.\n| - **Custom project IDs are lost.** When you created this project, you might have created a custom project ID that you want to use in the future. To preserve the URLs that use the project ID, such as an `appspot.com` URL, delete selected resources inside the project instead of deleting the whole project.\n|\n|\n| If you plan to explore multiple architectures, tutorials, or quickstarts, reusing projects\n| can help you avoid exceeding project quota limits.\n1. Delete a Google Cloud project: \n\n```\ngcloud projects delete PROJECT_ID\n```\n\n\u003cbr /\u003e\n\n### Revoke your credentials\n\n-\n Optional: Revoke credentials from the gcloud CLI.\n\n ```bash\n gcloud auth revoke\n ```\n\nWhat's next\n-----------\n\n- To get started with inspecting text and images for sensitive data, see\n [How-to guides](/sensitive-data-protection/docs/how-to).\n\n- To better understand inspection, redaction, infoTypes, and likelihood, see\n [Concepts](/sensitive-data-protection/docs/concepts).\n\n- Learn more about the [DLP API](/sensitive-data-protection/docs/reference/rest/v2)."]]
