oci_data_safe_masking_policies_masking_column

This resource provides the Masking Policies Masking Column resource in Oracle Cloud Infrastructure Data Safe service.

Creates a new masking column in the specified masking policy. Use this operation to add parent columns only. It automatically adds the child columns from the associated sensitive data model or target database. If you provide the sensitiveTypeId attribute but not the maskingFormats attribute, it automatically assigns the default masking format associated with the specified sensitive type. Alternatively, if you provide the maskingFormats attribute, the specified masking formats are assigned to the column.

Using the maskingFormats attribute, you can assign one or more masking formats to a column. You need to specify a condition as part of each masking format. It enables you to do conditional masking so that you can mask the column data values differently using different masking conditions. A masking format can have one or more format entries. The combined output of all the format entries is used for masking. It provides the flexibility to define a masking format that can generate different parts of a data value separately and then combine them to get the final data value for masking.

You can use the maskingColumnGroup attribute to group the columns that you would like to mask together. It enables you to do group or compound masking that ensures that the masked data across the columns in a group continue to retain the same logical relationship.

Example Usage

resource "oci_data_safe_masking_policies_masking_column" "test_masking_policies_masking_column" {
	#Required
	column_name = var.masking_policies_masking_column_column_name
	masking_policy_id = oci_data_safe_masking_policy.test_masking_policy.id
	object = var.masking_policies_masking_column_object
	schema_name = var.masking_policies_masking_column_schema_name

	#Optional
	is_masking_enabled = var.masking_policies_masking_column_is_masking_enabled
	masking_column_group = var.masking_policies_masking_column_masking_column_group
	masking_formats {
		#Required
		format_entries {
			#Required
			type = var.masking_policies_masking_column_masking_formats_format_entries_type

			#Optional
			column_name = var.masking_policies_masking_column_masking_formats_format_entries_column_name
			description = var.masking_policies_masking_column_masking_formats_format_entries_description
			end_date = var.masking_policies_masking_column_masking_formats_format_entries_end_date
			end_length = var.masking_policies_masking_column_masking_formats_format_entries_end_length
			end_value = var.masking_policies_masking_column_masking_formats_format_entries_end_value
			fixed_number = var.masking_policies_masking_column_masking_formats_format_entries_fixed_number
			fixed_string = var.masking_policies_masking_column_masking_formats_format_entries_fixed_string
			grouping_columns = var.masking_policies_masking_column_masking_formats_format_entries_grouping_columns
			length = var.masking_policies_masking_column_masking_formats_format_entries_length
			library_masking_format_id = oci_data_safe_library_masking_format.test_library_masking_format.id
			pattern = var.masking_policies_masking_column_masking_formats_format_entries_pattern
			post_processing_function = var.masking_policies_masking_column_masking_formats_format_entries_post_processing_function
			random_list = var.masking_policies_masking_column_masking_formats_format_entries_random_list
			regular_expression = var.masking_policies_masking_column_masking_formats_format_entries_regular_expression
			replace_with = var.masking_policies_masking_column_masking_formats_format_entries_replace_with
			schema_name = var.masking_policies_masking_column_masking_formats_format_entries_schema_name
			sql_expression = var.masking_policies_masking_column_masking_formats_format_entries_sql_expression
			start_date = var.masking_policies_masking_column_masking_formats_format_entries_start_date
			start_length = var.masking_policies_masking_column_masking_formats_format_entries_start_length
			start_position = var.masking_policies_masking_column_masking_formats_format_entries_start_position
			start_value = var.masking_policies_masking_column_masking_formats_format_entries_start_value
			table_name = oci_nosql_table.test_table.name
			user_defined_function = var.masking_policies_masking_column_masking_formats_format_entries_user_defined_function
		}

		#Optional
		condition = var.masking_policies_masking_column_masking_formats_condition
		description = var.masking_policies_masking_column_masking_formats_description
	}
	object_type = var.masking_policies_masking_column_object_type
	sensitive_type_id = oci_data_safe_sensitive_type.test_sensitive_type.id
}

Argument Reference

The following arguments are supported:

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Attributes Reference

The following attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain operations: * create - (Defaults to 20 minutes), when creating the Masking Policies Masking Column * update - (Defaults to 20 minutes), when updating the Masking Policies Masking Column * delete - (Defaults to 20 minutes), when destroying the Masking Policies Masking Column

Import

MaskingPoliciesMaskingColumns can be imported using the id, e.g.

$ terraform import oci_data_safe_masking_policies_masking_column.test_masking_policies_masking_column "maskingPolicies/{maskingPolicyId}/maskingColumns/{maskingColumnKey}"