Skip to main content

Create a collection

Learn how to create a collection.

Personal and sensitive data is stored in the Vault using collections. There are two types of collections you can create:

  1. PERSONS – collections of data that describe people. For example, customers, employees, users, teachers, students, patients, etc.
  2. DATA – collections that describe sensitive private resources owned by a person in a one-to-one or one-to-many relationship. For example, workplace data and information about education, bank information, credit cards, health-related information, etc.

Create a PERSONS collection

Overview

To create a collection you:

  1. Define the collection schema as a PVSchema or JSON file.
  2. Use the CLI add collection command or REST API add collection operation, passing the PVSchema or JSON file.

Step-by-step

Step 1 – Design the collection schema

Before creating a collection, you should decide what properties to store in it.

Say you want to build a system to store the private information for an e-commerce app. You have seller and buyer data you want to store. Also, you have buyers’ payment information, which a buyer owns. To support the system, you create sellers and buyers PERSONS collections.

For the buyers collection, you identify the private information to store for each buyer. For example, each buyer has a name, email, address, and optional phone number. You also want to verify that emails are unique for each buyer.

After identifying the information, you define it in a PVSchema, like this:

buyers PERSONS (
address ADDRESS,
email EMAIL UNIQUE,
name NAME,
phone_number PHONE_NUMBER NULL
);

or JSON format, like this:

{
"name": "buyers",
"type": "PERSONS",
"properties": [
{
"name": "name",
"pii_type_name": "NAME"
},
{
"name": "email",
"pii_type_name": "EMAIL",
"is_unique": true
},
{
"name": "address",
"pii_type_name": "ADDRESS"
},
{
"name": "phone_number",
"pii_type_name": "PHONE_NUMBER",
"is_nullable": true
}
]
}
note

When possible, use the semantic data types provided by Vault. In this example, you could define each property of the buyer as a STRING. Defining the properties with the semantic data types NAME, EMAIL, and PHONE_NUMBER means you can apply transformations and use other Vault features that handle scenarios for various data types.

Step 2 - Create the collection

Once you have defined the collection schema, you create the collection using the REST API or CLI.

To create the buyers collection with the CLI you use this command:

pvault collection add --collection-pvschema "
buyers PERSONS (
address ADDRESS,
email EMAIL UNIQUE,
name NAME,
phone_number PHONE_NUMBER NULL
);"

You get a response similar to this:

buyers PERSONS (
address ADDRESS,
email EMAIL UNIQUE,
name NAME,
phone_number PHONE_NUMBER NULL
);

Similarly, you can create the collection with the REST API like this:

curl --request POST \
--silent \
--url "http://localhost:8123/api/pvlt/1.0/ctl/collections?reason=AppFunctionality" \
--header 'Authorization: Bearer pvaultauth' \
--header 'Content-Type: application/json' \
--data '{
"name": "buyers",
"type": "PERSONS",
"properties": [
{
"name": "name",
"pii_type_name": "NAME"
},
{
"name": "email",
"pii_type_name": "EMAIL",
"is_unique": true
},
{
"name": "address",
"pii_type_name": "ADDRESS"
},
{
"name": "phone_number",
"pii_type_name": "PHONE_NUMBER",
"is_nullable": true
}
]
}'

Create a DATA collection

Overview

Similar to a PERSONS collection, the steps you take to create a DATA collection are:

  1. Define the collection schema as a PVSchema or JSON file.
  2. Use the CLI add collection command or REST API add collection operation, passing the PVSchema or JSON file.

Step-by-step

Step 1 – Design the collection schema

Before creating the collection, you should decide on what properties to store in it.

In your e-commerce app, there is buyers’ payment method information that a buyer owns. You create the credit_cards DATA collection to store the information

The payment method information defines credit card details including card number, holder name, expiration date, and a CVV.

After identifying the information, you define it in a PVSchema, like this:

credit_cards DATA (
cvv CC_CVV,
expiration CC_EXPIRATION_STRING,
holder_name CC_HOLDER_NAME,
number CC_NUMBER
);

or in JSON format, like this:

{
"name": "credit_cards",
"type": "DATA",
"properties": [
{
"name": "holder_name",
"pii_type_name": "CC_HOLDER_NAME"
}, {
"name": "number",
"pii_type_name": "CC_NUMBER"
}, {
"name": "expiration",
"pii_type_name": "CC_EXPIRATION_STRING"
}, {
"name": "cvv",
"pii_type_name": "CC_CVV"
}
]
}
Step 2 – Create the collection

When you have defined the collection schema, you create the collection using the REST API or CLI.

To create the credit_cards collection with the CLI you use this command:

pvault collection add --collection-pvschema "
credit_cards DATA (
cvv CC_CVV,
expiration CC_EXPIRATION_STRING,
holder_name CC_HOLDER_NAME,
number CC_NUMBER
);"

You get a response similar to this:

credit_cards DATA (
cvv CC_CVV,
expiration CC_EXPIRATION_STRING,
holder_name CC_HOLDER_NAME,
number CC_NUMBER
);

Similarly, you can create the collection with the REST API, like this:

curl --request POST \
--silent \
--url "http://localhost:8123/api/pvlt/1.0/ctl/collections?reason=AppFunctionality" \
--header 'Authorization: Bearer pvaultauth' \
--header 'Content-Type: application/json' \
--data '{
"name": "credit_cards",
"type": "DATA",
"properties": [
{
"name": "holder_name",
"pii_type_name": "CC_HOLDER_NAME"
}, {
"name": "number",
"pii_type_name": "CC_NUMBER"
}, {
"name": "expiration",
"pii_type_name": "CC_EXPIRATION_STRING"
}, {
"name": "cvv",
"pii_type_name": "CC_CVV"
}
]
}'