Background #
The YAML configuration approach to data masking is highly readable, with the YAML format enabling a quick understanding of dependencies between mask rules. Based on the YAML configuration, ShardingSphere automatically completes the creation of objects, reducing unnecessary coding efforts for users.
Parameters #
rules:
- !MASK
tables:
<table_name> (+): # Mask table name
columns:
<column_name> (+): # Mask logic column name
maskAlgorithm: # Mask algorithm name
# Mask algorithm configuration
maskAlgorithms:
<mask_algorithm_name> (+): # Mask algorithm name
type: # Mask algorithm type
props: # Mask algorithm properties
# ...
Please refer to Built-in Mask Algorithm List for more details about type of algorithm.
Procedure #
- Configure data masking rules in the YAML file, including data sources, mask rules, global attributes, and other configuration items.
- Using the
createDataSourceof calling the object to create based on the configuration information in the YAML file.
Sample #
The data masking YAML configurations are as follows:
dataSources:
unique_ds:
dataSourceClassName: com.zaxxer.hikari.HikariDataSource
driverClassName: com.mysql.jdbc.Driver
jdbcUrl: jdbc:mysql://localhost:3306/demo_ds?serverTimezone=UTC&useSSL=false&useUnicode=true&characterEncoding=UTF-8
username: root
password:
rules:
- !MASK
tables:
t_user:
columns:
password:
maskAlgorithm: md5_mask
email:
maskAlgorithm: mask_before_special_chars_mask
telephone:
maskAlgorithm: keep_first_n_last_m_mask
maskAlgorithms:
md5_mask:
type: MD5
mask_before_special_chars_mask:
type: MASK_BEFORE_SPECIAL_CHARS
props:
special-chars: '@'
replace-char: '*'
keep_first_n_last_m_mask:
type: KEEP_FIRST_N_LAST_M
props:
first-n: 3
last-m: 4
replace-char: '*'