Redact
Masks or removes sensitive data.
Use the Redact policy to mask or remove sensitive data from requests, responses, or logs to protect confidential information.
For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.
Example of a Redact policy in code view.
--- #redact message
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
name: "redact-request"
version: 1.0
namespace: sample
spec:
message:
messageName: "request"
queryParameters:
- token
- trace
headers:
- X-API-Key
- X-Auth-Token
body:
captures: #OneOf
jsonata: #allows either regex or jsonata, but not both
- "doc.key.password"
- "doc.key.user"
--- #redact variable/distributedVariable
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
name: "redact-variable"
version: 1.0
namespace: sample
spec:
variable: #same for distributedVariable
name: "my-custom-var-1"
captures:
jsonata:
- "doc.key.password"
- "doc.key.user"
--- #redact variable/distributedVariable
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
name: "redact-distributed-variable"
version: 1.0
namespace: sample
spec:
distributedVariable: #same for distributedVariable
name: "my-custom-var-1"
captures:
jsonata:
- "doc.key.password"
- "doc.key.user"
---
kind: redact
apiVersion: api.ibm.com/v1
metadata:
name: "redact-telemetry"
version: 1.0
namespace: sample
spec:
telemetry:
keys:
- "key1"
span: "rootSpan"
# # (2/3) policySpan
# span:
# policySpan: ""
# # (3/3) httpSpan
# span:
# httpSpan: ""