Manage Google Analytics with Fidesctl
By default, Google Analytics disables "IP Anonymization" (see the documentation for more information). The "Minimize User Identifiable Data" fidesctl Policy resource created earlier in this tutorial is configured to reject data collection of this nature.
There are two options to remedy this situation, and to get the
nox -s fidesctl command to pass. Which option is best?
- Modify the "Minimize User Identifiable Data" policy resource to accept data collection of this nature
- Modify the Google Analytics implementation such that it becomes compliant with the "Minimize User Identifiable Data" policy
Enable IP Anonymization
flaskr/templates/base.html file in your favorite editor, and add the following line just above the closing
<script> tag in the Google Analytics script:
1 2 3 4 5 6 7 8 9 10 11
Update the Google Analytics System Resource
Now that the data collection practices in the Google Analytics script have changed, the associated fidesctl System resource should be updated accordingly. Open the
fides_resources/google_analytics_system.yml file in your favorite editor, and modify the last line (the
data_qualifier configuration) so that it reads:
By removing the final
identified key of the Fides taxonomy, the updated nature of the data collection practices used in this System resource now aligns with the actual behavior of the updated Google Analytics script.
Evaluate the Fidesctl Policies
nox -s fidesctl command one final time. You should see the following output:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
The fidesctl policy evaluation passes!