Overview<\/h2>\nExample Scenario<\/h3>\n
Imagine a small eCommerce platform that sells unique, handmade crafts. This site operates on a one-off purchase model, meaning users are not required to create accounts or log in. Shoppers simply browse the catalog, select items they wish to purchase, and proceed to checkout. During the checkout process, they provide essential information such as full name, mailing address, billing address, payment information, phone number, and email address. This Personally Identifiable Information (PII) is necessary to complete the purchase and ensure the item is shipped to the correct address.<\/p>\n
Once the order is placed, the data travels through various microservices. The order processing service validates the details and checks inventory, the payment service securely handles the billing information to process transactions, and the shipping service uses the provided mailing address to arrange delivery.<\/p>\n
The site is designed to give users a seamless and easy shopping experience. There are no accounts. No need to go through a lengthy registration process. Simply choose the item to buy, make the payment along with shipping information and it is done. However, while the customer has had a frictionless shopping experience, their personal data cannot have the same frictionless experience in your application. To maintain privacy and comply with regulations, this PII must be sanitized before being stored in the long-term purchase history database.<\/p>\n
While this scenario may seem unique, it is actually a situation that may occur in our applications all the time. Every application that collects any aspect of a user\u2019s information must ensure rigorous consent and be in compliance with the laws and regulations of every locality it operates in across the globe. This can be an enormous challenge, and one that carries with it severe ramifications if not done properly.<\/p>\n
Solution Workflow<\/h3>\n
In order to effectively handle privacy requirements for live data, we will need to leverage the real-time data capabilities of AWS and Couchbase to transform the data as soon as it is created. It is legally challenging to store private data even for a moment in a database according to GDPR regulations. As such, not only is it good data practice to add the data only after it has been sanitized, it may even be a legal requirement.<\/p>\n
The solution we are crafting will leverage AWS Simple Queue Service (SQS), Elastic Container Registry (ECR), and a Lambda function working in partnership with Couchbase Capella, the fully managed Database as a Service (DBaaS). This workflow can be implemented with any message sender to the queue service, which will initiate the data sanitizing process. In other words, it is plug and play capable.<\/p>\n
The following workflow visually demonstrates how the solution operates.<\/p>\n
First, any message sender sends data to the queue service. This triggers the Lambda function with the message. The Lambda function processes and transforms the data removing all PII from the message. Finally, the sanitized data is then sent to Couchbase to be safely added to the data store.<\/p>\n Now that we understand the workflow, let\u2019s build it!<\/p>\n It is free to sign up and try Couchbase Capella, and if you have not done so yet, you can do so by navigating to cloud.couchbase.com<\/a> and creating an account using your GitHub or Google credentials, or by making a new account with an email address and password combination.<\/p>\n The summary of your new database will be presented on the left-hand side of the dashboard. Capella is multi-cloud and can work with AWS, Google Cloud or Azure. For this example, you will deploy to AWS.<\/p>\n After you have created your database, you need to create a bucket<\/i>. A bucket<\/i> in Couchbase is the container where the data is stored. Each item of data, known as a document<\/i>, is kept in JSON making its syntax familiar to most developers. You can name your bucket whatever you want. However, for the purposes of this walkthrough, let\u2019s name this bucket anonymized_data_example<\/i>.<\/p>\n Now that you have created both your database and your bucket, you are ready to create your database access credentials and to fetch your connection URL that you will be using in your Lambda function.<\/p>\n Navigate to the Connect<\/i> section in the Capella dashboard and take note of the Connection String<\/i>.<\/p>\n Then, click on the Database Access<\/i> link under section two. In that section, you will create credentials \u2013 a username and password \u2013 that your Lambda function will use to authenticate with the database. You can scope the credentials to the specific bucket you created or give it permission for all buckets and databases in your account. You need to make sure it has both read and write access, regardless.<\/p>\n At this point, you are now ready to create the Lambda function that will be invoked each time a message is received by the queue service.<\/p>\n Every application will have different PII that it may collect, and depending on the localities the application is operating in, it may also have different requirements of what it must remove before saving the data. In this example, we will remove the IP address and the surname of every message before sending it on to Couchbase.<\/p>\n The function to sanitize the data is itself fairly straightforward:<\/p>\n This function, The To set up the Lambda function using the AWS CLI, you need to create a new Lambda function and specify the necessary IAM role and handler. Here\u2019s how you can do it:<\/p>\n Make sure to replace The Lambda function is now ready to be packaged in a Docker image and published to the AWS ECR service.<\/p>\n To deploy the Docker image to AWS ECR, we start by building the Docker image for the linux\/amd64 platform. This ensures compatibility with the x86_64 architecture of our Lambda function. We use a Dockerfile<\/i> that installs the necessary tools and dependencies, sets the working directory, copies the required files, installs the dependencies, and copies the Lambda function code. The Dockerfile<\/i> also specifies the command to run the Lambda function.<\/p>\n Here is the Dockerfile<\/i>:<\/p>\n Once the Dockerfile is ready, we build the Docker image with the specified platform:<\/p>\n After building the image, we tag it appropriately for the AWS ECR repository:<\/p>\n To push the Docker image to ECR, we first log in to the ECR registry using the AWS CLI to obtain the login credentials:<\/p>\n With the credentials in place, we push the Docker image to the ECR repository:<\/p>\n Finally, we update the Lambda function named By following these steps, the Docker image is successfully deployed to AWS ECR and the Lambda function is updated to use the new image, allowing the application to sanitize PII before storing it in Couchbase. This setup ensures that data processing complies with privacy requirements while leveraging the power of AWS and Couchbase.<\/p>\n To facilitate the flow of data between the message sender and the Lambda function, we need to set up an Amazon SQS queue. The SQS queue will act as a buffer that receives and stores messages until they are processed by the Lambda function. Here\u2019s how you can set up an SQS queue and make it a trigger for the Lambda function using the AWS CLI.<\/p>\n First, create a new SQS queue. This queue will receive messages containing user data from the message sender, which is the application.<\/p>\n After creating the queue, you will receive a URL for the queue. This URL is necessary for sending messages to the queue and configuring it as a trigger for the Lambda function.<\/p>\n Next, we need to get the ARN of the SQS queue, which is required to set up permissions and triggers. Use the following command to retrieve the ARN:<\/p>\n Replace The output will include the QueueArn<\/i>, which looks something like this:<\/p>\n Now, we need to grant the Lambda function permission to read messages from the SQS queue. Create a policy file named lambda-sqs-policy.json<\/i> with the following content:<\/p>\n Apply this policy to the Lambda execution role:<\/p>\n Next, add the SQS queue as a trigger for the Lambda function:<\/p>\n This command sets up the Lambda function to be triggered by messages arriving in the SQS queue.<\/p>\n Now, your Lambda function is set to receive every message sent to the queue service. The workflow is complete! This setup ensures efficient handling of user data while maintaining compliance with privacy requirements.<\/p>\n To ensure that everything works as expected, you can test the workflow by sending a message through to the queue directly yourself. From the command line execute the following:<\/p>\n The message will trigger the Lambda function, which in turn, will add the data to your Couchbase bucket after sanitizing it. You can view the sample data you sent in the message by either logging into the Capella dashboard or in your VSCode<\/a> or Jetbrains<\/a> IDE directly by using their respective Couchbase extension.<\/p>\n The work to build, deploy and maintain any modern application today is an enormous task. As much as it is possible, parts of that task that are not directly related to the core business of the application should be simplified and abstracted away to reduce the cognitive load of the engineers, the SREs, and everyone else involved. Privacy regulations is one major item that must both be strictly adhered to and should also not cause any major headaches or increased workload.<\/p>\n Building an automated plug and play workflow that can easily sit between any application that interacts with Personally Identifiable Information and the database that data is stored in will significantly ease the cognitive load, reduce the burden and streamline the development process. With leveraging AWS and Couchbase together, you can make that possible for your real-time data sanitization needs thereby ensuring both user integrity and engineering productivity.<\/p>\n","protected":false},"excerpt":{"rendered":" Any modern web application that interacts with users in different localities must contend with varying privacy requirements and user data consent guidelines. These can be overwhelming for any engineering team to handle, regardless whether the team is just you or […]<\/p>\n","protected":false},"author":85356,"featured_media":16046,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1815,2225,1816,1813],"tags":[9445,2135,9997],"ppma_author":[9985],"class_list":["post-16042","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-best-practices-and-tutorials","category-cloud","category-couchbase-server","category-security","tag-data-privacy","tag-gdpr","tag-pii"],"acf":[],"yoast_head":"\n![\"\"](\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2024\/07\/image1-3-1024x383.png\")
<\/a><\/p>\nImplementation<\/h2>\n
Configuring Couchbase Capella<\/h3>\n
![\"\"](\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2024\/07\/image4-1-406x1024.png\")
<\/a>Once you have done so, from within your Capella dashboard, you will create your first database. For the purposes of this walkthrough, let\u2019s name it anonymize_data_example<\/i>.<\/p>\n![\"\"](\"https:\/\/www.couchbase.com\/blog\/wp-content\/uploads\/2024\/07\/image2-2-1024x583.png\")
<\/a><\/p>\nCreating the Lambda Function<\/h3>\n
function anonymizeData(data) {\r\n\u00a0\u00a0\u00a0\u00a0data.user.last_name = '';\r\n\u00a0\u00a0\u00a0\u00a0delete data.user.ip_address;\r\n\u00a0\u00a0\u00a0\u00a0return data;\r\n}<\/pre>\nanonymizeData<\/code>, will be invoked in the handler<\/code> function of the code. If you are not familiar with a handler<\/code> function, it is used by AWS Lambda to process incoming messages from the SQS queue, transform the data, and store it in Couchbase. Your main executable code must begin with a exports.handler<\/code>.<\/p>\nhandler<\/code> function fetches the Couchbase credentials and connection string from the environment variables set inside the configuration of the Lambda function. Detailed instructions on setting environment variables for a Lambda function can be found in the AWS documentation<\/a>. Then, the function parses the message it received from SQS and calls the anonymizeData<\/code> function on it. Lastly, it upserts<\/i> the data into the Couchbase bucket.<\/p>\nexports.handler = async (event) => {\r\n\u00a0\u00a0\u00a0\u00a0console.log('Starting Lambda function');\u00a0\r\n\r\n\u00a0\u00a0\u00a0\u00a0if (!event.Records || !Array.isArray(event.Records)) {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0throw new TypeError('event.Records is not iterable');\r\n\u00a0\u00a0\u00a0\u00a0}\r\n\r\n\u00a0\u00a0\u00a0\u00a0const connectionString = process.env.COUCHBASE_CONNECTION_STRING;\r\n\u00a0\u00a0\u00a0\u00a0const username = process.env.COUCHBASE_USERNAME;\r\n\u00a0\u00a0\u00a0\u00a0const password = process.env.COUCHBASE_PASSWORD;\r\n\u00a0\u00a0\u00a0\u00a0const bucketName = process.env.COUCHBASE_BUCKET_NAME;\r\n\r\n\u00a0\u00a0\u00a0\u00a0try {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0const cluster = await couchbase.connect(connectionString, {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0username: username,\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0password: password\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0});\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0console.log('Connected to Couchbase cluster');\r\n\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0const bucket = cluster.bucket(bucketName);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0const collection = bucket.defaultCollection();\r\n\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0for (const record of event.Records) {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0console.log('Processing record:', record);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0const payload = JSON.parse(record.body);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0const transformedData = anonymizeData(payload);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0console.log('Transformed data:', transformedData);\r\n\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0await collection.upsert(transformedData.record_id, transformedData);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0console.log('Data upserted:', transformedData.record_id);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0}\r\n\u00a0\u00a0\u00a0\u00a0} catch (error) {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0console.error('Error during processing:', error);\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0throw error;\r\n\u00a0\u00a0\u00a0\u00a0}\r\n};<\/pre>\naws lambda create-function --function-name AnonymizeDataExampleFunction \\\r\n --package-type Image \\\r\n --code ImageUri=<your-account-id>.dkr.ecr.<your-region>.amazonaws.com\/anonymize_data_example_image:latest \\\r\n --role arn:aws:iam::<your-account-id>:role\/<your-lambda-execution-role>\r\n\r\n<\/pre>\n
<your-account-id><\/code><\/em>, <your-region><\/code>, and <your-lambda-execution-role><\/code> with your actual AWS account ID, region, and the ARN of the IAM role you created for the Lambda function. This command sets up the Lambda function to use the Docker image you will publish to AWS ECR.<\/p>\nDeploying the Docker Image to ECR<\/h3>\n
FROM public.ecr.aws\/lambda\/nodejs:18\r\n\r\n# Install necessary tools and dependencies\r\nRUN yum -y install gcc-c++ tar gzip findutils\r\n\r\n# Set the working directory\r\nWORKDIR \/var\/task\r\n\r\n# Copy package.json and package-lock.json\r\nCOPY package*.json .\/\r\n\r\n# Install dependencies\r\nRUN npm install\r\n\r\n# Copy the function code\r\nCOPY index.js .\/\r\n\r\n# Command to run the Lambda function\r\nCMD [ \"index.handler\" ]\r\n<\/pre>\n
docker build --platform linux\/amd64 -t anonymize_data_example_image .\r\n<\/pre>\n
docker tag anonymize_data_example_image:latest <your-account-id>.dkr.ecr.<your-region>.amazonaws.com\/anonymize_data_example_image:latest<\/pre>\n
aws ecr get-login-password --region <your-region> | docker login --username AWS --password-stdin <your-account-id>.dkr.ecr.<your-region>.amazonaws.com<\/pre>\n
docker push <your-account-id>.dkr.ecr.<your-region>.amazonaws.com\/anonymize_data_example_image:latest<\/pre>\n
AnonymizeDataExampleFunction<\/code> to use the new Docker image from ECR. This involves specifying the image URI and ensuring that the Lambda function is configured to run the code from the newly pushed Docker image:<\/p>\naws lambda update-function-code --function-name AnonymizeDataExampleFunction --image-uri <your-account-id>.dkr.ecr.<your-region>.amazonaws.com\/anonymize_data_example_image:latest<\/pre>\n
Setting up the SQS Service<\/h3>\n
aws sqs create-queue --queue-name AnonymizeDataExampleQueue<\/pre>\n
aws sqs get-queue-attributes --queue-url https:\/\/sqs.<your-region>.amazonaws.com\/<your-account-id>\/AnonymizeDataExampleQueue --attribute-names QueueArn<\/pre>\n
<your-region><\/code> and <your-account-id><\/code> with your actual AWS region and account ID.<\/p>\n{\r\n\u00a0\u00a0\u00a0\u00a0\"Attributes\": {\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"QueueArn\": \"arn:aws:sqs:<your-region>:<your-account-id>:AnonymizeDataExampleQueue\"\r\n\u00a0\u00a0\u00a0\u00a0}\r\n}<\/pre>\n{\r\n\u00a0\u00a0\"Version\": \"2012-10-17\",\r\n\u00a0\u00a0\"Statement\": [\r\n\u00a0\u00a0\u00a0\u00a0{\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Effect\": \"Allow\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Action\": \"sqs:ReceiveMessage\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Resource\": \"arn:aws:sqs:<your-region>:<your-account-id>:AnonymizeDataExampleQueue\"\r\n\u00a0\u00a0\u00a0\u00a0},\r\n\u00a0\u00a0\u00a0\u00a0{\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Effect\": \"Allow\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Action\": \"sqs:DeleteMessage\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Resource\": \"arn:aws:sqs:<your-region>:<your-account-id>:AnonymizeDataExampleQueue\"\r\n\u00a0\u00a0\u00a0\u00a0},\r\n\u00a0\u00a0\u00a0\u00a0{\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Effect\": \"Allow\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Action\": \"sqs:GetQueueAttributes\",\r\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\"Resource\": \"arn:aws:sqs:<your-region>:<your-account-id>:AnonymizeDataExampleQueue\"\r\n\u00a0\u00a0\u00a0\u00a0}\r\n\u00a0\u00a0]\r\n}<\/pre>\naws iam put-role-policy --role-name <your-lambda-execution-role> --policy-name LambdaSQSPolicy --policy-document file:\/\/lambda-sqs-policy.json<\/pre>\n
aws lambda create-event-source-mapping --function-name AnonymizeDataExampleFunction --batch-size 10 --event-source-arn arn:aws:sqs:<your-region>:<your-account-id>:AnonymizeDataExampleQueue<\/pre>\n
Test the Implementation Locally<\/h3>\n
aws sqs send-message --queue-url https:\/\/sqs.<your-region>.amazonaws.com\/<your-account-id>\/AnonymizeDataExampleQueue --message-body \"{\\\"record_id\\\": \\\"purchase_002\\\", \\\"item\\\": \\\"item_1\\\", \\\"user\\\": {\\\"first_name\\\": \\\"John\\\", \\\"last_name\\\": \\\"Doe\\\", \\\"ip_address\\\": \\\"192.168.1.1\\\"}, \\\"timestamp\\\": \\\"2024-07-01T12:34:56Z\\\"}\"<\/pre>\nWrapping Up<\/h2>\n