描述 #
The CREATE MASK RULE 语法用于创建数据脱敏规则.
语法定义 #
CreateEncryptRule ::=
'CREATE' 'MASK' 'RULE' ifNotExists? maskRuleDefinition (',' maskRuleDefinition)*
ifNotExists ::=
'IF' 'NOT' 'EXISTS'
maskRuleDefinition ::=
ruleName '(' 'COLUMNS' '(' columnDefinition (',' columnDefinition)* ')' ')'
columnDefinition ::=
'(' 'NAME' '=' columnName ',' maskAlgorithmDefinition ')'
maskAlgorithmDefinition ::=
'TYPE' '(' 'NAME' '=' maskAlgorithmType (',' propertiesDefinition)? ')'
propertiesDefinition ::=
'PROPERTIES' '(' key '=' value (',' key '=' value)* ')'
ruleName ::=
identifier
columnName ::=
identifier
maskAlgorithmType ::=
literal
key ::=
string
value ::=
literal
补充说明 #
maskAlgorithmType指定数据脱敏算法类型,请参考 数据脱敏算法;- 重复的
ruleName将无法被创建; ifNotExists子句用于避免出现Duplicate mask rule错误。
示例 #
创建数据脱敏规则 #
CREATE MASK RULE t_mask (
COLUMNS(
(NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
(NAME=address,TYPE(NAME='MD5'))
));
使用 ifNotExists 子句创建数据脱敏规则
#
CREATE MASK RULE IF NOT EXISTS t_mask (
COLUMNS(
(NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
(NAME=address,TYPE(NAME='MD5'))
));
保留字 #
CREATE、MASK、RULE、COLUMNS、NAME、TYPE