Logo
CREATE MASK RULE

描述 #

The CREATE MASK RULE 语法用于创建数据脱敏规则.

语法定义 #

CreateEncryptRule ::=
  'CREATE' 'MASK' 'RULE' ifNotExists? maskRuleDefinition (',' maskRuleDefinition)*

ifNotExists ::=
  'IF' 'NOT' 'EXISTS'

maskRuleDefinition ::=
  ruleName '(' 'COLUMNS' '(' columnDefinition (',' columnDefinition)* ')' ')'

columnDefinition ::=
  '(' 'NAME' '=' columnName ',' maskAlgorithmDefinition ')'

maskAlgorithmDefinition ::=
  'TYPE' '(' 'NAME' '=' maskAlgorithmType (',' propertiesDefinition)? ')'

propertiesDefinition ::=
  'PROPERTIES' '(' key '=' value (',' key '=' value)* ')'

ruleName ::=
  identifier

columnName ::=
  identifier

maskAlgorithmType ::=
  literal

key ::=
  string

value ::=
  literal

补充说明 #

  • maskAlgorithmType 指定数据脱敏算法类型,请参考 数据脱敏算法
  • 重复的 ruleName 将无法被创建;
  • ifNotExists 子句用于避免出现 Duplicate mask rule 错误。

示例 #

创建数据脱敏规则 #

CREATE MASK RULE t_mask (
COLUMNS(
(NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
(NAME=address,TYPE(NAME='MD5'))
));

使用 ifNotExists 子句创建数据脱敏规则 #

CREATE MASK RULE IF NOT EXISTS t_mask (
COLUMNS(
(NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
(NAME=address,TYPE(NAME='MD5'))
));

保留字 #

CREATEMASKRULECOLUMNSNAMETYPE