Skip to content

Instantly share code, notes, and snippets.

@kaparora
Last active April 19, 2020 10:33
Show Gist options
  • Save kaparora/07205eb40641392a61a2ec7621ef9da6 to your computer and use it in GitHub Desktop.
Save kaparora/07205eb40641392a61a2ec7621ef9da6 to your computer and use it in GitHub Desktop.
#!/bin/sh
#enable the transform secret engine for masking
vault secrets enable -path=/data-protection/masking/transform transform
#Define a role ccn with transformation ccn
vault write /data-protection/masking/transform/role/ccn transformations=ccn
#create a transformation of type masking using a template (defined in next step )
#and assign role ccn to it that we created earlier
vault write /data-protection/masking/transform/transformation/ccn \
type=masking \
template="card-mask" \
masking_character="#" \
allowed_roles=ccn
#create the template for masking
vault write /data-protection/masking/transform/template/card-mask type=regex \
pattern="(\d{4})-(\d{4})-(\d{4})-\d{4}" \
alphabet="builtin/numeric"
#test if you are able to mask a Credit Card number
vault write /data-protection/masking/transform/encode/ccn value=2345-2211-3333-4356
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment