Apply Masking Rules
You can apply a masking rule to a field from the Masking page.
You can select a rule from a list based on the data type of the source field. If some of the fields are different in source and target, the common fields are listed. The fields pick up the attributes, such as length, field type, and label, from the target connection.
When you select multiple source objects, the task lists fields from a single object at a time on the Masking page. Select the source objects individually if you want to apply masking rule to fields in different objects.
After you apply masking rules, you can configure masking rule properties. For each masking rule, you can configure preprocessing and postprocessing expressions.
You cannot apply masking rules to read-only objects.
Masking Rule Assignments
You can apply masking rules to the objects from the Data Masking page to mask the fields.
You can apply the masking rules to the objects based on the field data type. After you apply a masking rule to a field, you can configure the masking rule properties. You can either manually select the available data masking rules from the list for each field or assign the default masking rules to a set of fields at once. The Data Masking task package contains default masking rules. To assign the default masking rules to the source objects, click Default Assignment.
You can clear all the default masking rule assignment and assign the rules manually. To delete a masking rule assignment, click Clear Assignment.
Add Mapplets
Add mapplets in a Data Masking task to mask the target fields.
Use passive mapplets to perform a Data Masking task. Assign a mapplet rule to a source object. Map the source fields to the input fields of the mapplet, and map the output fields of the mapplet to the target fields.
You can add multiple mapplets to an object. You can also add multiple instances of a mapplet to multiple objects.
You can add multiple instances of a mapplet to a single object. Informatica Cloud appends a unique number to identify each instance of the mapplet. You must configure each instance to the object before you run the task.
You can use a mapplet that requires an extra connection to a relational database or a flat file. Before you add the mapplet, you must add the connection.
If the dictionary information for the mapplet is in a flat file, the flat file must be present in the following location:
<Secure Agent installation directory>\apps\Data_Integration_Server\data
If the lookup connection for the mapplet is a flat file connection, the connection name must be the name of the flat file.
The following image shows the mapplets that you can add to a Data Masking task:
You cannot use active mapplets.
Target Fields
You can view the common and missing mandatory fields from the Data Masking page.
Common fields list the fields that are common in both source and target. You can assign masking rules to all the common fields.
The missing mandatory fields list the target mandatory fields that are missing in the source. To mask the missing mandatory fields, you can configure an expression or specify a value in the expression builder.
For example, you need to populate the target with data for testing purposes. You create a mandatory field called AlternatePhone_c in the target Account object that is not present in the source. When you run a Data Masking task, you need to populate the missing mandatory target field with a value. The task fails because the mandatory field is missing in the source. You can enter a specific value or configure are expression for the missing mandatory field to populate the target.
Default Masking Rules Package
You can assign default masking rules to the target fields.
The Data Masking task package contains files with the default masking rules. After you install the Secure Agent, you can view the default_rules.xml, fields.properties, and salesforce_default_values.properties files in the following location:
<Secure Agent installation directory>\apps\Data_Integration_Server\$version\ICS\main\dmask
The default_rules.xml file contains the configured rule properties for each masking rule. The fields.properties file contains the default masking rules for all the fields in the objects. When you apply default masking rules to the common fields, the task picks the default rules from the default_rules.xml and fields.properties files.
The salesforce_default_values.properties file contains the default values for the target mandatory fields that are missing in the source.
You can edit these files to change default values or create rules for default assignment.
Configure Default Rules Parameters
You can edit the default rules files and configure the parameters for default assignments.
The following table describes the parameters that you can configure in the default_rules.xml file:
Parameter | Description |
|---|
isSeeded | To configure repeatable output. Enter True or False. If you enter True, specify a seed value. |
seedValue | A starting number to create repeatable output. Enter a number from 1 through 999. |
keepCardIssuer | Masks a credit card number with the same credit card type. Enter True or False. If you enter False, specify the targetIssuer parameter. |
targetIssuer | Masks the credit card numbers with the selected credit card type. You can enter the following credit card types: ANY, JCB, VISA, AMEX, DISCOVER, and MASTERCARD. |
firstNameColumn | Name of the column to use as the first part of the email name. The email name contains the masked value of the column you choose. |
firstNameLength | The maximum number of characters of the first name to include in the masked email addresses. |
delimiter | Delimiter to separate the first name and the last name in masked email addresses. You can enter the following characters: . / - / _ If you do not want to separate the first name and last name in the email address, leave the delimiter blank. |
lastNameColumn | Name of the column to use as the last part of the email name. The email name contains the masked value of the column you choose. |
lastNameLength | The maximum number of the characters of the last name to include in the masked email address. |
domainConstantValue | A domain string name to include in the masked email addresses. |
useMaskFormat | Specifies if you want to use a mask format. Enter True or False. |
maskFormat | Defines the type of character to substitute for each character in the source data. You can limit each character to an alphabetic numeric or alphanumeric character type. Use the following characters to define a mask format: A for alphabets, D for digits from 0 to 9, N for alphanumeric characters, X for any character, + for no masking, and R for the remaining characters in the string of any character type. R must appear at the end of the mask format. |
useSrcFilter | Specifies if you want to skip masking some of the source characters. Enter True or False. If you enter True, you must specify the srcFilterOption and srcFilterStr parameters. |
srcFilterOption | Defines a filter that determines which characters to mask in the source. Enter one of the following options: - - Mask Only. Mask only the characters that you configure as source filter characters.
- - Mask All Except. Mask all characters except the characters you configure as source filter characters.
|
srcFilterStr | The source characters that you want to mask or the source characters that you want to skip masking. Each character is case-sensitive. Enter the source filter characters with no delimiters. For example, AaBbC. |
usetargetFilter | Specifies if you want to limit the characters that can appear in the target. Enter True or False. If you enter True, you must specify the targetFilterOption and targetFilterStr parameters. |
targetFilterOption | Defines a filter that determines which characters to use in target mask. Enter one of the following options: - - Use Only. Limit the target to the characters that you configure as target filter characters.
- - Use All Except. Limits the target to all characters except the characters you configure as target filter characters.
|
targetFilterStr | The characters that you want to use in a mask or the characters that do not want to use in a mask, based on the values of target filter type. Each character is case-sensitive. Enter the target filter characters with no delimiters. For example, AaBbC. |
useRange | Specifies whether you want to set a range for the masked data. Returns a value between the minimum and maximum values of the range depending on field precision. To define the range, configure the minimum and maximum ranges or configure a blurring range based on a variance from the original source value. You can configure ranges for string, date, and numeric data types. |
minWidth | The minimum value of the range. You can specify the minimum width for date, string, and numeric data types. |
maxWidth | The maximum value of the range. You can specify the minimum width for date, string, and numeric data types. |
startDigit | Defines the first digit of the masked SIN. |
startDigitValue | The value for the first digit of the masked SIN. |
DicConn | The connection to the directory where the dictionary files are present. You must create a flat file connection with the directory that points to the dictionary files. |
DicName | The dictionary that you want to select. The dictionary file must be present in the rdtmDir directory of the Secure Agent. |
outputPort | The output port column from the dictionary. |
useBlurring | Masks data with a variance of the source data if specify that you want to blur the target data. |
blurringUnit | Unit of the date to apply the variance to. You can enter the following values: Year, Month, Day, Hour, Minute, or Second. |
blurringOption | The unit of numeric blurring. Enter Fixed or Percent. |
blurLow | The low boundary of the variance from the source. Enter the value for numeric and date data types. |
blurHigh | The high boundary of the variance from the source. Enter the value for numeric and date data types. |
expText | An expression that you can configure to mask the target data. |
Preprocessing expression | An expression to define changes to make to the data before masking. |
Preprocessing expression | An expression to define changes to make to the masked data before saving the data to the target. |
