Airlock User's Guide Help

Airlock Quick Start on Microsoft Azure

Airlock on Microsoft Azure is a virtual machine-based product. A free trial period is available during which there is no charge for the Airlock software but there may be charges for the underlying Azure infrastructure.

Launch Airlock on Microsoft Azure

  1. Go to Airlock in the Azure Marketplace.

  2. Click the Get It Now button.

  3. Review the information that is shown on the popup and click Continue when ready.

  4. You will now be asked to log in to your Microsoft Azure account if you were not already logged in.

  5. Click the Create button to begin making a Airlock virtual machine.

  6. Enter the required details of the virtual machine and click the Review + create button.

  7. Review the virtual machine details and click Create when ready!

Your Airlock virtual machine will now be launching.

Congratulations! You have deployed Airlock in Azure. You are now ready to filter text!

Try it out!

With Airlock now running we can take it for a spin. We will send some text to Airlock and inspect at the response we get back. The Airlock virtual machine running in your cloud account should have a public IP address (unless you customized the deployment). We will use that public IP address to interact with Airlock.

Airlock, by default, will be configured with an HTTPS listener on port 8080 using a self-signed certificate. It is recommended that prior to use in a production environment the self-signed certificate is replaced by a valid certificate owned by your organization.

In the command below, replace <PUBLIC_IP> with the virtual machine’s public IP address or public host name.

curl -k -X POST https://<PUBLIC_IP>:8080/api/filter --data "George Washington was a patient and his SSN is 123-45-6789." -H "Content-type: text/plain"

With this command we are sending the text in the command to Airlock for filtering. Airlock will identify the patient name (George Washington) and the SSN (123-45-6789) and redact those values in the response. You can always use curl to send text to Airlock as in these examples but there are also SDKs you can use, too, to integrate Airlock with your applications.

Redacting Sensitive Information from Text

The types of sensitive information that Airlock identifies and removes is controlled by policies. By default, Airlock includes a filter profile that includes many of the types of sensitive information, such as names and social security numbers. We can send text to filter to Airlock for filtering using this default filter profile with the following command:

curl -k -X POST https://localhost:8080/api/filter -d @file.txt -H "Content-Type: text/plain"

This command sends the contents of the file file.txt to Airlock. Airlock will apply the enabled filters and return a plain-text response consisting of the filtered text. (Replace localhost with the IP address or host name of Airlock if you are not running the command where Airlock is running.) You can also send text directly in the request instead of sending it as a file:

curl -k -X POST https://localhost:8080/api/filter --data "Your text goes here..." -H "Content-type: text/plain"

Next Steps

Now that you have Airlock running and know how to send text to it you are ready to integrate Airlock into your existing workflow and systems. Airlock’s API details how to send files to Airlock. Clients for some languages for Airlock’s API are available on GitHub.

Example Uses

Here's a few examples showing how to use Airlock with some common big-data and streaming applications.

Description

Technologies

Remove sensitive information from text in an Apache NiFi dataflow

Apache NiFi

Remove sensitive information from text using AWS Lambda in an Amazon Kinesis Firehose pipeline

Amazon Kinesis, AWS Lambda

Removing PII/PHI from OpenAI ChatGPT API Requests

ChatGPT

Redacting PHI and PII in Apache Kafka Data streams

Apache Kafka

Last modified: 17 November 2023
Airlock Quick Start on Google Cloud Policies