CREATE MASK RULE

Description

The CREATE MASK RULE syntax is used to create a mask rule.

Syntax

Grammar Railroad diagram

  1. CreateEncryptRule ::=
  2. 'CREATE' 'MASK' 'RULE' ifNotExists? maskRuleDefinition (',' maskRuleDefinition)*
  3. ifNotExists ::=
  4. 'IF' 'NOT' 'EXISTS'
  5. maskRuleDefinition ::=
  6. ruleName '(' 'COLUMNS' '(' columnDefinition (',' columnDefinition)* ')' ')'
  7. columnDefinition ::=
  8. '(' 'NAME' '=' columnName ',' maskAlgorithmDefinition ')'
  9. maskAlgorithmDefinition ::=
  10. 'TYPE' '(' 'NAME' '=' algorithmType (',' propertiesDefinition)? ')'
  11. propertiesDefinition ::=
  12. 'PROPERTIES' '(' key '=' value (',' key '=' value)* ')'
  13. ruleName ::=
  14. identifier
  15. columnName ::=
  16. identifier
  17. algorithmType ::=
  18. literal
  19. key ::=
  20. string
  21. value ::=
  22. literal

Note

  • algorithmType specifies the data masking algorithm type. For more details, please refer to Data Masking Algorithm;
  • Duplicate ruleName will not be created;
  • ifNotExists clause is used for avoid Duplicate mask rule error.

Example

Create a mask rule

  1. CREATE MASK RULE t_mask (
  2. COLUMNS(
  3. (NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
  4. (NAME=address,TYPE(NAME='MD5'))
  5. ));

Create mask rule with ifNotExists clause

  1. CREATE MASK RULE IF NOT EXISTS t_mask (
  2. COLUMNS(
  3. (NAME=phone_number,TYPE(NAME='MASK_FROM_X_TO_Y', PROPERTIES("from-x"=1, "to-y"=2, "replace-char"="*"))),
  4. (NAME=address,TYPE(NAME='MD5'))
  5. ));

Reserved words

CREATE, MASK, RULE, COLUMNS, NAME, TYPE