kaparora/vault-transform-masking.sh

## vault-transform-masking.sh
#!/bin/sh

#enable the transform secret engine for masking
vault secrets enable  -path=/data-protection/masking/transform transform

#Define a role ccn with transformation ccn
vault write /data-protection/masking/transform/role/ccn transformations=ccn

#create a transformation of type masking using a template (defined in next step )
#and assign role ccn to it that we created earlier
vault write /data-protection/masking/transform/transformation/ccn \
        type=masking \
        template="card-mask" \
        masking_character="#" \
        allowed_roles=ccn

#create the template for masking
vault write /data-protection/masking/transform/template/card-mask type=regex \
        pattern="(\d{4})-(\d{4})-(\d{4})-\d{4}" \
        alphabet="builtin/numeric"

#test if you are able to mask a Credit Card number
vault write /data-protection/masking/transform/encode/ccn value=2345-2211-3333-4356
	#!/bin/sh

	#enable the transform secret engine for masking
	vault secrets enable -path=/data-protection/masking/transform transform

	#Define a role ccn with transformation ccn
	vault write /data-protection/masking/transform/role/ccn transformations=ccn

	#create a transformation of type masking using a template (defined in next step )
	#and assign role ccn to it that we created earlier
	vault write /data-protection/masking/transform/transformation/ccn \
	type=masking \
	template="card-mask" \
	masking_character="#" \
	allowed_roles=ccn

	#create the template for masking
	vault write /data-protection/masking/transform/template/card-mask type=regex \
	pattern="(\d{4})-(\d{4})-(\d{4})-\d{4}" \
	alphabet="builtin/numeric"

	#test if you are able to mask a Credit Card number
	vault write /data-protection/masking/transform/encode/ccn value=2345-2211-3333-4356