google-cloud-dlp-v2 0.10.0 → 0.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/README.md +10 -5
- data/lib/google/cloud/dlp/v2/dlp_service/client.rb +28 -32
- data/lib/google/cloud/dlp/v2/version.rb +1 -1
- data/lib/google/privacy/dlp/v2/dlp_pb.rb +195 -12
- data/lib/google/privacy/dlp/v2/dlp_services_pb.rb +4 -4
- data/lib/google/privacy/dlp/v2/storage_pb.rb +13 -1
- data/proto_docs/google/privacy/dlp/v2/dlp.rb +692 -119
- data/proto_docs/google/privacy/dlp/v2/storage.rb +71 -15
- data/proto_docs/google/protobuf/any.rb +3 -3
- data/proto_docs/google/protobuf/empty.rb +0 -2
- metadata +12 -12
@@ -21,7 +21,7 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module Dlp
|
23
23
|
module V2
|
24
|
-
# List of
|
24
|
+
# List of excluded infoTypes.
|
25
25
|
# @!attribute [rw] info_types
|
26
26
|
# @return [::Array<::Google::Cloud::Dlp::V2::InfoType>]
|
27
27
|
# InfoType list in ExclusionRule rule drops a finding when it overlaps or
|
@@ -107,10 +107,16 @@ module Google
|
|
107
107
|
# @return [::Google::Cloud::Dlp::V2::InspectConfig::FindingLimits]
|
108
108
|
# Configuration to control the number of findings returned.
|
109
109
|
# This is not used for data profiling.
|
110
|
+
#
|
111
|
+
# When redacting sensitive data from images, finding limits don't apply. They
|
112
|
+
# can cause unexpected or inconsistent results, where only some data is
|
113
|
+
# redacted. Don't include finding limits in
|
114
|
+
# {::Google::Cloud::Dlp::V2::DlpService::Client#redact_image RedactImage}
|
115
|
+
# requests. Otherwise, Cloud DLP returns an error.
|
110
116
|
# @!attribute [rw] include_quote
|
111
117
|
# @return [::Boolean]
|
112
118
|
# When true, a contextual quote from the data that triggered a finding is
|
113
|
-
# included in the response; see Finding.quote.
|
119
|
+
# included in the response; see {::Google::Cloud::Dlp::V2::Finding#quote Finding.quote}.
|
114
120
|
# This is not used for data profiling.
|
115
121
|
# @!attribute [rw] exclude_info_types
|
116
122
|
# @return [::Boolean]
|
@@ -134,6 +140,12 @@ module Google
|
|
134
140
|
|
135
141
|
# Configuration to control the number of findings returned for inspection.
|
136
142
|
# This is not used for de-identification or data profiling.
|
143
|
+
#
|
144
|
+
# When redacting sensitive data from images, finding limits don't apply. They
|
145
|
+
# can cause unexpected or inconsistent results, where only some data is
|
146
|
+
# redacted. Don't include finding limits in
|
147
|
+
# {::Google::Cloud::Dlp::V2::DlpService::Client#redact_image RedactImage}
|
148
|
+
# requests. Otherwise, Cloud DLP returns an error.
|
137
149
|
# @!attribute [rw] max_findings_per_item
|
138
150
|
# @return [::Integer]
|
139
151
|
# Max number of findings that will be returned for each item scanned.
|
@@ -399,7 +411,7 @@ module Google
|
|
399
411
|
# * Datastore namespace: \\{namespace}
|
400
412
|
#
|
401
413
|
# Nested names could be absent if the embedded object has no string
|
402
|
-
# identifier (for
|
414
|
+
# identifier (for example, an image contained within a document).
|
403
415
|
# @!attribute [rw] record_location
|
404
416
|
# @return [::Google::Cloud::Dlp::V2::RecordLocation]
|
405
417
|
# Location within a row or record of a database table.
|
@@ -414,14 +426,14 @@ module Google
|
|
414
426
|
# Location within the metadata for inspected content.
|
415
427
|
# @!attribute [rw] container_timestamp
|
416
428
|
# @return [::Google::Protobuf::Timestamp]
|
417
|
-
#
|
418
|
-
#
|
419
|
-
#
|
420
|
-
#
|
429
|
+
# Finding container modification timestamp, if applicable. For Cloud Storage,
|
430
|
+
# this field contains the last file modification timestamp. For a BigQuery
|
431
|
+
# table, this field contains the last_modified_time property. For Datastore,
|
432
|
+
# this field isn't populated.
|
421
433
|
# @!attribute [rw] container_version
|
422
434
|
# @return [::String]
|
423
|
-
#
|
424
|
-
# ("generation" for
|
435
|
+
# Finding container version, if available
|
436
|
+
# ("generation" for Cloud Storage).
|
425
437
|
class ContentLocation
|
426
438
|
include ::Google::Protobuf::MessageExts
|
427
439
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -490,7 +502,7 @@ module Google
|
|
490
502
|
# Examples of a container include a file, table, or database record.
|
491
503
|
# @!attribute [rw] type
|
492
504
|
# @return [::String]
|
493
|
-
# Container type, for example BigQuery or
|
505
|
+
# Container type, for example BigQuery or Cloud Storage.
|
494
506
|
# @!attribute [rw] project_id
|
495
507
|
# @return [::String]
|
496
508
|
# Project where the finding was found.
|
@@ -500,33 +512,35 @@ module Google
|
|
500
512
|
# A string representation of the full container name.
|
501
513
|
# Examples:
|
502
514
|
# - BigQuery: 'Project:DataSetId.TableId'
|
503
|
-
# -
|
515
|
+
# - Cloud Storage: 'gs://Bucket/folders/filename.txt'
|
504
516
|
# @!attribute [rw] root_path
|
505
517
|
# @return [::String]
|
506
518
|
# The root of the container.
|
507
519
|
# Examples:
|
520
|
+
#
|
508
521
|
# - For BigQuery table `project_id:dataset_id.table_id`, the root is
|
509
522
|
# `dataset_id`
|
510
|
-
# - For
|
523
|
+
# - For Cloud Storage file `gs://bucket/folder/filename.txt`, the root
|
511
524
|
# is `gs://bucket`
|
512
525
|
# @!attribute [rw] relative_path
|
513
526
|
# @return [::String]
|
514
527
|
# The rest of the path after the root.
|
515
528
|
# Examples:
|
529
|
+
#
|
516
530
|
# - For BigQuery table `project_id:dataset_id.table_id`, the relative path is
|
517
531
|
# `table_id`
|
518
|
-
# -
|
532
|
+
# - For Cloud Storage file `gs://bucket/folder/filename.txt`, the relative
|
519
533
|
# path is `folder/filename.txt`
|
520
534
|
# @!attribute [rw] update_time
|
521
535
|
# @return [::Google::Protobuf::Timestamp]
|
522
|
-
# Findings container modification timestamp, if applicable.
|
523
|
-
#
|
524
|
-
#
|
525
|
-
#
|
536
|
+
# Findings container modification timestamp, if applicable. For Cloud
|
537
|
+
# Storage, this field contains the last file modification timestamp. For a
|
538
|
+
# BigQuery table, this field contains the last_modified_time property. For
|
539
|
+
# Datastore, this field isn't populated.
|
526
540
|
# @!attribute [rw] version
|
527
541
|
# @return [::String]
|
528
542
|
# Findings container version, if available
|
529
|
-
# ("generation" for
|
543
|
+
# ("generation" for Cloud Storage).
|
530
544
|
class Container
|
531
545
|
include ::Google::Protobuf::MessageExts
|
532
546
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -664,7 +678,7 @@ module Google
|
|
664
678
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
665
679
|
end
|
666
680
|
|
667
|
-
# Request to de-identify a
|
681
|
+
# Request to de-identify a ContentItem.
|
668
682
|
# @!attribute [rw] parent
|
669
683
|
# @return [::String]
|
670
684
|
# Parent resource name.
|
@@ -791,7 +805,7 @@ module Google
|
|
791
805
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
792
806
|
end
|
793
807
|
|
794
|
-
# Results of re-identifying
|
808
|
+
# Results of re-identifying an item.
|
795
809
|
# @!attribute [rw] item
|
796
810
|
# @return [::Google::Cloud::Dlp::V2::ContentItem]
|
797
811
|
# The re-identified item.
|
@@ -859,8 +873,8 @@ module Google
|
|
859
873
|
# Store findings in an existing table or a new table in an existing
|
860
874
|
# dataset. If table_id is not set a new one will be generated
|
861
875
|
# for you with the following format:
|
862
|
-
# dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific
|
863
|
-
# generating the date details.
|
876
|
+
# dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used
|
877
|
+
# for generating the date details.
|
864
878
|
#
|
865
879
|
# For Inspect, each column in an existing output table must have the same
|
866
880
|
# name, type, and mode of a field in the `Finding` object.
|
@@ -896,7 +910,7 @@ module Google
|
|
896
910
|
# `timestamp`.
|
897
911
|
BASIC_COLUMNS = 1
|
898
912
|
|
899
|
-
# Schema tailored to findings from scanning
|
913
|
+
# Schema tailored to findings from scanning Cloud Storage.
|
900
914
|
GCS_COLUMNS = 2
|
901
915
|
|
902
916
|
# Schema tailored to findings from scanning Google Datastore.
|
@@ -1000,11 +1014,222 @@ module Google
|
|
1000
1014
|
# @return [::String]
|
1001
1015
|
# Description of the infotype. Translated when language is provided in the
|
1002
1016
|
# request.
|
1017
|
+
# @!attribute [rw] versions
|
1018
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::VersionDescription>]
|
1019
|
+
# A list of available versions for the infotype.
|
1020
|
+
# @!attribute [rw] categories
|
1021
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::InfoTypeCategory>]
|
1022
|
+
# The category of the infoType.
|
1003
1023
|
class InfoTypeDescription
|
1004
1024
|
include ::Google::Protobuf::MessageExts
|
1005
1025
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1006
1026
|
end
|
1007
1027
|
|
1028
|
+
# Classification of infoTypes to organize them according to geographic
|
1029
|
+
# location, industry, and data type.
|
1030
|
+
# @!attribute [rw] location_category
|
1031
|
+
# @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::LocationCategory]
|
1032
|
+
# The region or country that issued the ID or document represented by the
|
1033
|
+
# infoType.
|
1034
|
+
# @!attribute [rw] industry_category
|
1035
|
+
# @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::IndustryCategory]
|
1036
|
+
# The group of relevant businesses where this infoType is commonly used
|
1037
|
+
# @!attribute [rw] type_category
|
1038
|
+
# @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::TypeCategory]
|
1039
|
+
# The class of identifiers where this infoType belongs
|
1040
|
+
class InfoTypeCategory
|
1041
|
+
include ::Google::Protobuf::MessageExts
|
1042
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1043
|
+
|
1044
|
+
# Enum of the current locations.
|
1045
|
+
# We might add more locations in the future.
|
1046
|
+
module LocationCategory
|
1047
|
+
# Unused location
|
1048
|
+
LOCATION_UNSPECIFIED = 0
|
1049
|
+
|
1050
|
+
# The infoType is not issued by or tied to a specific region, but is used
|
1051
|
+
# almost everywhere.
|
1052
|
+
GLOBAL = 1
|
1053
|
+
|
1054
|
+
# The infoType is typically used in Argentina.
|
1055
|
+
ARGENTINA = 2
|
1056
|
+
|
1057
|
+
# The infoType is typically used in Australia.
|
1058
|
+
AUSTRALIA = 3
|
1059
|
+
|
1060
|
+
# The infoType is typically used in Belgium.
|
1061
|
+
BELGIUM = 4
|
1062
|
+
|
1063
|
+
# The infoType is typically used in Brazil.
|
1064
|
+
BRAZIL = 5
|
1065
|
+
|
1066
|
+
# The infoType is typically used in Canada.
|
1067
|
+
CANADA = 6
|
1068
|
+
|
1069
|
+
# The infoType is typically used in Chile.
|
1070
|
+
CHILE = 7
|
1071
|
+
|
1072
|
+
# The infoType is typically used in China.
|
1073
|
+
CHINA = 8
|
1074
|
+
|
1075
|
+
# The infoType is typically used in Colombia.
|
1076
|
+
COLOMBIA = 9
|
1077
|
+
|
1078
|
+
# The infoType is typically used in Denmark.
|
1079
|
+
DENMARK = 10
|
1080
|
+
|
1081
|
+
# The infoType is typically used in France.
|
1082
|
+
FRANCE = 11
|
1083
|
+
|
1084
|
+
# The infoType is typically used in Finland.
|
1085
|
+
FINLAND = 12
|
1086
|
+
|
1087
|
+
# The infoType is typically used in Germany.
|
1088
|
+
GERMANY = 13
|
1089
|
+
|
1090
|
+
# The infoType is typically used in Hong Kong.
|
1091
|
+
HONG_KONG = 14
|
1092
|
+
|
1093
|
+
# The infoType is typically used in India.
|
1094
|
+
INDIA = 15
|
1095
|
+
|
1096
|
+
# The infoType is typically used in Indonesia.
|
1097
|
+
INDONESIA = 16
|
1098
|
+
|
1099
|
+
# The infoType is typically used in Ireland.
|
1100
|
+
IRELAND = 17
|
1101
|
+
|
1102
|
+
# The infoType is typically used in Israel.
|
1103
|
+
ISRAEL = 18
|
1104
|
+
|
1105
|
+
# The infoType is typically used in Italy.
|
1106
|
+
ITALY = 19
|
1107
|
+
|
1108
|
+
# The infoType is typically used in Japan.
|
1109
|
+
JAPAN = 20
|
1110
|
+
|
1111
|
+
# The infoType is typically used in Korea.
|
1112
|
+
KOREA = 21
|
1113
|
+
|
1114
|
+
# The infoType is typically used in Mexico.
|
1115
|
+
MEXICO = 22
|
1116
|
+
|
1117
|
+
# The infoType is typically used in the Netherlands.
|
1118
|
+
THE_NETHERLANDS = 23
|
1119
|
+
|
1120
|
+
# The infoType is typically used in Norway.
|
1121
|
+
NORWAY = 24
|
1122
|
+
|
1123
|
+
# The infoType is typically used in Paraguay.
|
1124
|
+
PARAGUAY = 25
|
1125
|
+
|
1126
|
+
# The infoType is typically used in Peru.
|
1127
|
+
PERU = 26
|
1128
|
+
|
1129
|
+
# The infoType is typically used in Poland.
|
1130
|
+
POLAND = 27
|
1131
|
+
|
1132
|
+
# The infoType is typically used in Portugal.
|
1133
|
+
PORTUGAL = 28
|
1134
|
+
|
1135
|
+
# The infoType is typically used in Singapore.
|
1136
|
+
SINGAPORE = 29
|
1137
|
+
|
1138
|
+
# The infoType is typically used in South Africa.
|
1139
|
+
SOUTH_AFRICA = 30
|
1140
|
+
|
1141
|
+
# The infoType is typically used in Spain.
|
1142
|
+
SPAIN = 31
|
1143
|
+
|
1144
|
+
# The infoType is typically used in Sweden.
|
1145
|
+
SWEDEN = 32
|
1146
|
+
|
1147
|
+
# The infoType is typically used in Taiwan.
|
1148
|
+
TAIWAN = 33
|
1149
|
+
|
1150
|
+
# The infoType is typically used in Thailand.
|
1151
|
+
THAILAND = 34
|
1152
|
+
|
1153
|
+
# The infoType is typically used in Turkey.
|
1154
|
+
TURKEY = 35
|
1155
|
+
|
1156
|
+
# The infoType is typically used in the United Kingdom.
|
1157
|
+
UNITED_KINGDOM = 36
|
1158
|
+
|
1159
|
+
# The infoType is typically used in the United States.
|
1160
|
+
UNITED_STATES = 37
|
1161
|
+
|
1162
|
+
# The infoType is typically used in Uruguay.
|
1163
|
+
URUGUAY = 38
|
1164
|
+
|
1165
|
+
# The infoType is typically used in Venezuela.
|
1166
|
+
VENEZUELA = 39
|
1167
|
+
|
1168
|
+
# The infoType is typically used in Google internally.
|
1169
|
+
INTERNAL = 40
|
1170
|
+
end
|
1171
|
+
|
1172
|
+
# Enum of the current industries in the category.
|
1173
|
+
# We might add more industries in the future.
|
1174
|
+
module IndustryCategory
|
1175
|
+
# Unused industry
|
1176
|
+
INDUSTRY_UNSPECIFIED = 0
|
1177
|
+
|
1178
|
+
# The infoType is typically used in the finance industry.
|
1179
|
+
FINANCE = 1
|
1180
|
+
|
1181
|
+
# The infoType is typically used in the health industry.
|
1182
|
+
HEALTH = 2
|
1183
|
+
|
1184
|
+
# The infoType is typically used in the telecommunications industry.
|
1185
|
+
TELECOMMUNICATIONS = 3
|
1186
|
+
end
|
1187
|
+
|
1188
|
+
# Enum of the current types in the category.
|
1189
|
+
# We might add more types in the future.
|
1190
|
+
module TypeCategory
|
1191
|
+
# Unused type
|
1192
|
+
TYPE_UNSPECIFIED = 0
|
1193
|
+
|
1194
|
+
# Personally identifiable information, for example, a
|
1195
|
+
# name or phone number
|
1196
|
+
PII = 1
|
1197
|
+
|
1198
|
+
# Personally identifiable information that is especially sensitive, for
|
1199
|
+
# example, a passport number.
|
1200
|
+
SPII = 2
|
1201
|
+
|
1202
|
+
# Attributes that can partially identify someone, especially in
|
1203
|
+
# combination with other attributes, like age, height, and gender.
|
1204
|
+
DEMOGRAPHIC = 3
|
1205
|
+
|
1206
|
+
# Confidential or secret information, for example, a password.
|
1207
|
+
CREDENTIAL = 4
|
1208
|
+
|
1209
|
+
# An identification document issued by a government.
|
1210
|
+
GOVERNMENT_ID = 5
|
1211
|
+
|
1212
|
+
# A document, for example, a resume or source code.
|
1213
|
+
DOCUMENT = 6
|
1214
|
+
|
1215
|
+
# Information that is not sensitive on its own, but provides details about
|
1216
|
+
# the circumstances surrounding an entity or an event.
|
1217
|
+
CONTEXTUAL_INFORMATION = 7
|
1218
|
+
end
|
1219
|
+
end
|
1220
|
+
|
1221
|
+
# Details about each available version for an infotype.
|
1222
|
+
# @!attribute [rw] version
|
1223
|
+
# @return [::String]
|
1224
|
+
# Name of the version
|
1225
|
+
# @!attribute [rw] description
|
1226
|
+
# @return [::String]
|
1227
|
+
# Description of the version.
|
1228
|
+
class VersionDescription
|
1229
|
+
include ::Google::Protobuf::MessageExts
|
1230
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1231
|
+
end
|
1232
|
+
|
1008
1233
|
# Request for the list of infoTypes.
|
1009
1234
|
# @!attribute [rw] parent
|
1010
1235
|
# @return [::String]
|
@@ -1571,10 +1796,10 @@ module Google
|
|
1571
1796
|
# @!attribute [rw] estimated_probability
|
1572
1797
|
# @return [::Float]
|
1573
1798
|
# The estimated probability that a given individual sharing these
|
1574
|
-
# quasi-identifier values is in the dataset. This value, typically
|
1575
|
-
# δ, is the ratio between the number of records in the dataset
|
1576
|
-
# quasi-identifier values, and the total number of individuals
|
1577
|
-
# *and* outside the dataset) with these quasi-identifier values.
|
1799
|
+
# quasi-identifier values is in the dataset. This value, typically
|
1800
|
+
# called δ, is the ratio between the number of records in the dataset
|
1801
|
+
# with these quasi-identifier values, and the total number of individuals
|
1802
|
+
# (inside *and* outside the dataset) with these quasi-identifier values.
|
1578
1803
|
# For example, if there are 15 individuals in the dataset who share the
|
1579
1804
|
# same quasi-identifier values, and an estimated 100 people in the entire
|
1580
1805
|
# population with these values, then δ is 0.15.
|
@@ -1720,6 +1945,9 @@ module Google
|
|
1720
1945
|
# Treat the dataset as structured. Transformations can be applied to
|
1721
1946
|
# specific locations within structured datasets, such as transforming
|
1722
1947
|
# a column within a table.
|
1948
|
+
# @!attribute [rw] image_transformations
|
1949
|
+
# @return [::Google::Cloud::Dlp::V2::ImageTransformations]
|
1950
|
+
# Treat the dataset as an image and redact.
|
1723
1951
|
# @!attribute [rw] transformation_error_handling
|
1724
1952
|
# @return [::Google::Cloud::Dlp::V2::TransformationErrorHandling]
|
1725
1953
|
# Mode for handling transformation errors. If left unspecified, the default
|
@@ -1729,6 +1957,58 @@ module Google
|
|
1729
1957
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1730
1958
|
end
|
1731
1959
|
|
1960
|
+
# A type of transformation that is applied over images.
|
1961
|
+
# @!attribute [rw] transforms
|
1962
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation>]
|
1963
|
+
class ImageTransformations
|
1964
|
+
include ::Google::Protobuf::MessageExts
|
1965
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1966
|
+
|
1967
|
+
# Configuration for determining how redaction of images should occur.
|
1968
|
+
# @!attribute [rw] selected_info_types
|
1969
|
+
# @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::SelectedInfoTypes]
|
1970
|
+
# Apply transformation to the selected info_types.
|
1971
|
+
# @!attribute [rw] all_info_types
|
1972
|
+
# @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::AllInfoTypes]
|
1973
|
+
# Apply transformation to all findings not specified in other
|
1974
|
+
# ImageTransformation's selected_info_types. Only one instance is allowed
|
1975
|
+
# within the ImageTransformations message.
|
1976
|
+
# @!attribute [rw] all_text
|
1977
|
+
# @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::AllText]
|
1978
|
+
# Apply transformation to all text that doesn't match an infoType. Only
|
1979
|
+
# one instance is allowed within the ImageTransformations message.
|
1980
|
+
# @!attribute [rw] redaction_color
|
1981
|
+
# @return [::Google::Cloud::Dlp::V2::Color]
|
1982
|
+
# The color to use when redacting content from an image. If not
|
1983
|
+
# specified, the default is black.
|
1984
|
+
class ImageTransformation
|
1985
|
+
include ::Google::Protobuf::MessageExts
|
1986
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1987
|
+
|
1988
|
+
# Apply transformation to the selected info_types.
|
1989
|
+
# @!attribute [rw] info_types
|
1990
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::InfoType>]
|
1991
|
+
# Required. InfoTypes to apply the transformation to. Required. Provided InfoType
|
1992
|
+
# must be unique within the ImageTransformations message.
|
1993
|
+
class SelectedInfoTypes
|
1994
|
+
include ::Google::Protobuf::MessageExts
|
1995
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1996
|
+
end
|
1997
|
+
|
1998
|
+
# Apply transformation to all findings.
|
1999
|
+
class AllInfoTypes
|
2000
|
+
include ::Google::Protobuf::MessageExts
|
2001
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2002
|
+
end
|
2003
|
+
|
2004
|
+
# Apply to all text.
|
2005
|
+
class AllText
|
2006
|
+
include ::Google::Protobuf::MessageExts
|
2007
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2008
|
+
end
|
2009
|
+
end
|
2010
|
+
end
|
2011
|
+
|
1732
2012
|
# How to handle transformation errors during de-identification. A
|
1733
2013
|
# transformation error occurs when the requested transformation is incompatible
|
1734
2014
|
# with the data. For example, trying to de-identify an IP address using a
|
@@ -1915,7 +2195,7 @@ module Google
|
|
1915
2195
|
# plaintext would be used as is for encryption.
|
1916
2196
|
#
|
1917
2197
|
# Note that case (1) is expected when an `InfoTypeTransformation` is
|
1918
|
-
# applied to both structured and
|
2198
|
+
# applied to both structured and unstructured `ContentItem`s.
|
1919
2199
|
class CryptoDeterministicConfig
|
1920
2200
|
include ::Google::Protobuf::MessageExts
|
1921
2201
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1968,7 +2248,7 @@ module Google
|
|
1968
2248
|
include ::Google::Protobuf::MessageExts
|
1969
2249
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1970
2250
|
|
1971
|
-
# Convenience enum for
|
2251
|
+
# Convenience enum for indicating common characters to not transform.
|
1972
2252
|
module CommonCharsToIgnore
|
1973
2253
|
# Unused.
|
1974
2254
|
COMMON_CHARS_TO_IGNORE_UNSPECIFIED = 0
|
@@ -2006,6 +2286,21 @@ module Google
|
|
2006
2286
|
# @return [::Integer]
|
2007
2287
|
# Number of characters to mask. If not set, all matching chars will be
|
2008
2288
|
# masked. Skipped characters do not count towards this tally.
|
2289
|
+
#
|
2290
|
+
# If `number_to_mask` is negative, this denotes inverse masking. Cloud DLP
|
2291
|
+
# masks all but a number of characters.
|
2292
|
+
# For example, suppose you have the following values:
|
2293
|
+
#
|
2294
|
+
# - `masking_character` is `*`
|
2295
|
+
# - `number_to_mask` is `-4`
|
2296
|
+
# - `reverse_order` is `false`
|
2297
|
+
# - `CharsToIgnore` includes `-`
|
2298
|
+
# - Input string is `1234-5678-9012-3456`
|
2299
|
+
#
|
2300
|
+
# The resulting de-identified string is
|
2301
|
+
# `****-****-****-3456`. Cloud DLP masks all but the last four characters.
|
2302
|
+
# If `reverse_order` is `true`, all but the first four characters are masked
|
2303
|
+
# as `1234-****-****-****`.
|
2009
2304
|
# @!attribute [rw] reverse_order
|
2010
2305
|
# @return [::Boolean]
|
2011
2306
|
# Mask characters in reverse order. For example, if `masking_character` is
|
@@ -2124,7 +2419,7 @@ module Google
|
|
2124
2419
|
# a default tweak will be used.
|
2125
2420
|
#
|
2126
2421
|
# Note that case (1) is expected when an `InfoTypeTransformation` is
|
2127
|
-
# applied to both structured and
|
2422
|
+
# applied to both structured and unstructured `ContentItem`s.
|
2128
2423
|
# Currently, the referenced field may be of value type integer or string.
|
2129
2424
|
#
|
2130
2425
|
# The tweak is constructed as a sequence of bytes in big endian byte order
|
@@ -2183,7 +2478,7 @@ module Google
|
|
2183
2478
|
|
2184
2479
|
# These are commonly used subsets of the alphabet that the FFX mode
|
2185
2480
|
# natively supports. In the algorithm, the alphabet is selected using
|
2186
|
-
# the "radix". Therefore each corresponds to particular radix.
|
2481
|
+
# the "radix". Therefore each corresponds to a particular radix.
|
2187
2482
|
module FfxCommonNativeAlphabet
|
2188
2483
|
# Unused.
|
2189
2484
|
FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED = 0
|
@@ -2431,7 +2726,7 @@ module Google
|
|
2431
2726
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2432
2727
|
end
|
2433
2728
|
|
2434
|
-
# An expression, consisting
|
2729
|
+
# An expression, consisting of an operator and conditions.
|
2435
2730
|
# @!attribute [rw] logical_operator
|
2436
2731
|
# @return [::Google::Cloud::Dlp::V2::RecordCondition::Expressions::LogicalOperator]
|
2437
2732
|
# The operator to apply to the result of conditions. Default and currently
|
@@ -2526,10 +2821,137 @@ module Google
|
|
2526
2821
|
end
|
2527
2822
|
end
|
2528
2823
|
|
2824
|
+
# A flattened description of a `PrimitiveTransformation` or
|
2825
|
+
# `RecordSuppression`.
|
2826
|
+
# @!attribute [rw] type
|
2827
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationType]
|
2828
|
+
# The transformation type.
|
2829
|
+
# @!attribute [rw] description
|
2830
|
+
# @return [::String]
|
2831
|
+
# A description of the transformation. This is empty for a
|
2832
|
+
# RECORD_SUPPRESSION, or is the output of calling toString() on the
|
2833
|
+
# `PrimitiveTransformation` protocol buffer message for any other type of
|
2834
|
+
# transformation.
|
2835
|
+
# @!attribute [rw] condition
|
2836
|
+
# @return [::String]
|
2837
|
+
# A human-readable string representation of the `RecordCondition`
|
2838
|
+
# corresponding to this transformation. Set if a `RecordCondition` was used
|
2839
|
+
# to determine whether or not to apply this transformation.
|
2840
|
+
#
|
2841
|
+
# Examples:
|
2842
|
+
# * (age_field > 85)
|
2843
|
+
# * (age_field <= 18)
|
2844
|
+
# * (zip_field exists)
|
2845
|
+
# * (zip_field == 01234) && (city_field != "Springville")
|
2846
|
+
# * (zip_field == 01234) && (age_field <= 18) && (city_field exists)
|
2847
|
+
# @!attribute [rw] info_type
|
2848
|
+
# @return [::Google::Cloud::Dlp::V2::InfoType]
|
2849
|
+
# Set if the transformation was limited to a specific `InfoType`.
|
2850
|
+
class TransformationDescription
|
2851
|
+
include ::Google::Protobuf::MessageExts
|
2852
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2853
|
+
end
|
2854
|
+
|
2855
|
+
# Details about a single transformation. This object contains a description of
|
2856
|
+
# the transformation, information about whether the transformation was
|
2857
|
+
# successfully applied, and the precise location where the transformation
|
2858
|
+
# occurred. These details are stored in a user-specified BigQuery table.
|
2859
|
+
# @!attribute [rw] resource_name
|
2860
|
+
# @return [::String]
|
2861
|
+
# The name of the job that completed the transformation.
|
2862
|
+
# @!attribute [rw] container_name
|
2863
|
+
# @return [::String]
|
2864
|
+
# The top level name of the container where the transformation is located
|
2865
|
+
# (this will be the source file name or table name).
|
2866
|
+
# @!attribute [rw] transformation
|
2867
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::TransformationDescription>]
|
2868
|
+
# Description of transformation. This would only contain more than one
|
2869
|
+
# element if there were multiple matching transformations and which one to
|
2870
|
+
# apply was ambiguous. Not set for states that contain no transformation,
|
2871
|
+
# currently only state that contains no transformation is
|
2872
|
+
# TransformationResultStateType.METADATA_UNRETRIEVABLE.
|
2873
|
+
# @!attribute [rw] status_details
|
2874
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationResultStatus]
|
2875
|
+
# Status of the transformation, if transformation was not successful, this
|
2876
|
+
# will specify what caused it to fail, otherwise it will show that the
|
2877
|
+
# transformation was successful.
|
2878
|
+
# @!attribute [rw] transformed_bytes
|
2879
|
+
# @return [::Integer]
|
2880
|
+
# The number of bytes that were transformed. If transformation was
|
2881
|
+
# unsuccessful or did not take place because there was no content to
|
2882
|
+
# transform, this will be zero.
|
2883
|
+
# @!attribute [rw] transformation_location
|
2884
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationLocation]
|
2885
|
+
# The precise location of the transformed content in the original container.
|
2886
|
+
class TransformationDetails
|
2887
|
+
include ::Google::Protobuf::MessageExts
|
2888
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2889
|
+
end
|
2890
|
+
|
2891
|
+
# Specifies the location of a transformation.
|
2892
|
+
# @!attribute [rw] finding_id
|
2893
|
+
# @return [::String]
|
2894
|
+
# For infotype transformations, link to the corresponding findings ID so
|
2895
|
+
# that location information does not need to be duplicated. Each findings
|
2896
|
+
# ID correlates to an entry in the findings output table, this table only
|
2897
|
+
# gets created when users specify to save findings (add the save findings
|
2898
|
+
# action to the request).
|
2899
|
+
# @!attribute [rw] record_transformation
|
2900
|
+
# @return [::Google::Cloud::Dlp::V2::RecordTransformation]
|
2901
|
+
# For record transformations, provide a field and container information.
|
2902
|
+
# @!attribute [rw] container_type
|
2903
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationContainerType]
|
2904
|
+
# Information about the functionality of the container where this finding
|
2905
|
+
# occurred, if available.
|
2906
|
+
class TransformationLocation
|
2907
|
+
include ::Google::Protobuf::MessageExts
|
2908
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2909
|
+
end
|
2910
|
+
|
2911
|
+
# @!attribute [rw] field_id
|
2912
|
+
# @return [::Google::Cloud::Dlp::V2::FieldId]
|
2913
|
+
# For record transformations, provide a field.
|
2914
|
+
# @!attribute [rw] container_timestamp
|
2915
|
+
# @return [::Google::Protobuf::Timestamp]
|
2916
|
+
# Findings container modification timestamp, if applicable.
|
2917
|
+
# @!attribute [rw] container_version
|
2918
|
+
# @return [::String]
|
2919
|
+
# Container version, if available ("generation" for Cloud Storage).
|
2920
|
+
class RecordTransformation
|
2921
|
+
include ::Google::Protobuf::MessageExts
|
2922
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2923
|
+
end
|
2924
|
+
|
2925
|
+
# @!attribute [rw] result_status_type
|
2926
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationResultStatusType]
|
2927
|
+
# Transformation result status type, this will be either SUCCESS, or it will
|
2928
|
+
# be the reason for why the transformation was not completely successful.
|
2929
|
+
# @!attribute [rw] details
|
2930
|
+
# @return [::Google::Rpc::Status]
|
2931
|
+
# Detailed error codes and messages
|
2932
|
+
class TransformationResultStatus
|
2933
|
+
include ::Google::Protobuf::MessageExts
|
2934
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2935
|
+
end
|
2936
|
+
|
2937
|
+
# Config for storing transformation details.
|
2938
|
+
# @!attribute [rw] table
|
2939
|
+
# @return [::Google::Cloud::Dlp::V2::BigQueryTable]
|
2940
|
+
# The BigQuery table in which to store the output. This may be an existing
|
2941
|
+
# table or in a new table in an existing dataset.
|
2942
|
+
# If table_id is not set a new one will be generated for you with the
|
2943
|
+
# following format:
|
2944
|
+
# dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. Pacific
|
2945
|
+
# time zone will be used for generating the date details.
|
2946
|
+
class TransformationDetailsStorageConfig
|
2947
|
+
include ::Google::Protobuf::MessageExts
|
2948
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2949
|
+
end
|
2950
|
+
|
2529
2951
|
# Schedule for inspect job triggers.
|
2530
2952
|
# @!attribute [rw] recurrence_period_duration
|
2531
2953
|
# @return [::Google::Protobuf::Duration]
|
2532
|
-
# With this option a job is started a regular periodic basis. For
|
2954
|
+
# With this option a job is started on a regular periodic basis. For
|
2533
2955
|
# example: every day (86400 seconds).
|
2534
2956
|
#
|
2535
2957
|
# A scheduled start time will be skipped if the previous
|
@@ -2703,13 +3125,16 @@ module Google
|
|
2703
3125
|
# Save resulting findings in a provided location.
|
2704
3126
|
# @!attribute [rw] pub_sub
|
2705
3127
|
# @return [::Google::Cloud::Dlp::V2::Action::PublishToPubSub]
|
2706
|
-
# Publish a notification to a
|
3128
|
+
# Publish a notification to a Pub/Sub topic.
|
2707
3129
|
# @!attribute [rw] publish_summary_to_cscc
|
2708
3130
|
# @return [::Google::Cloud::Dlp::V2::Action::PublishSummaryToCscc]
|
2709
3131
|
# Publish summary to Cloud Security Command Center (Alpha).
|
2710
3132
|
# @!attribute [rw] publish_findings_to_cloud_data_catalog
|
2711
3133
|
# @return [::Google::Cloud::Dlp::V2::Action::PublishFindingsToCloudDataCatalog]
|
2712
3134
|
# Publish findings to Cloud Datahub.
|
3135
|
+
# @!attribute [rw] deidentify
|
3136
|
+
# @return [::Google::Cloud::Dlp::V2::Action::Deidentify]
|
3137
|
+
# Create a de-identified copy of the input data.
|
2713
3138
|
# @!attribute [rw] job_notification_emails
|
2714
3139
|
# @return [::Google::Cloud::Dlp::V2::Action::JobNotificationEmails]
|
2715
3140
|
# Enable email notification for project owners and editors on job's
|
@@ -2733,7 +3158,7 @@ module Google
|
|
2733
3158
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2734
3159
|
end
|
2735
3160
|
|
2736
|
-
# Publish a message into given Pub/Sub topic when DlpJob has completed. The
|
3161
|
+
# Publish a message into a given Pub/Sub topic when DlpJob has completed. The
|
2737
3162
|
# message contains a single field, `DlpJobName`, which is equal to the
|
2738
3163
|
# finished job's
|
2739
3164
|
# [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
|
@@ -2754,33 +3179,91 @@ module Google
|
|
2754
3179
|
# This action is only available for projects which are parts of
|
2755
3180
|
# an organization and whitelisted for the alpha Cloud Security Command
|
2756
3181
|
# Center.
|
2757
|
-
# The action will publish count of finding instances and their info
|
2758
|
-
# The summary of findings will be persisted in CSCC and are governed
|
2759
|
-
# service-specific policy, see
|
2760
|
-
# Only a single instance of this
|
2761
|
-
# Compatible with: Inspect
|
3182
|
+
# The action will publish the count of finding instances and their info
|
3183
|
+
# types. The summary of findings will be persisted in CSCC and are governed
|
3184
|
+
# by CSCC service-specific policy, see
|
3185
|
+
# https://cloud.google.com/terms/service-terms Only a single instance of this
|
3186
|
+
# action can be specified. Compatible with: Inspect
|
2762
3187
|
class PublishSummaryToCscc
|
2763
3188
|
include ::Google::Protobuf::MessageExts
|
2764
3189
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2765
3190
|
end
|
2766
3191
|
|
2767
|
-
# Publish findings of a DlpJob to Data Catalog.
|
2768
|
-
#
|
2769
|
-
#
|
2770
|
-
#
|
2771
|
-
#
|
2772
|
-
#
|
2773
|
-
#
|
2774
|
-
#
|
2775
|
-
#
|
3192
|
+
# Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
|
3193
|
+
# templates are applied to the resource that Cloud DLP scanned. Data
|
3194
|
+
# Catalog tag templates are stored in the same project and region where the
|
3195
|
+
# BigQuery table exists. For Cloud DLP to create and apply the tag template,
|
3196
|
+
# the Cloud DLP service agent must have the
|
3197
|
+
# `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
|
3198
|
+
# template contains fields summarizing the results of the DlpJob. Any field
|
3199
|
+
# values previously written by another DlpJob are deleted. [InfoType naming
|
3200
|
+
# patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
|
3201
|
+
# this feature.
|
3202
|
+
#
|
3203
|
+
# Findings are persisted in Data Catalog storage and are governed by
|
3204
|
+
# service-specific policies for Data Catalog. For more information, see
|
3205
|
+
# [Service Specific Terms](https://cloud.google.com/terms/service-terms).
|
3206
|
+
#
|
3207
|
+
# Only a single instance of this action can be specified. This action is
|
3208
|
+
# allowed only if all resources being scanned are BigQuery tables.
|
2776
3209
|
# Compatible with: Inspect
|
2777
3210
|
class PublishFindingsToCloudDataCatalog
|
2778
3211
|
include ::Google::Protobuf::MessageExts
|
2779
3212
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
2780
3213
|
end
|
2781
3214
|
|
2782
|
-
#
|
2783
|
-
#
|
3215
|
+
# Create a de-identified copy of the requested table or files.
|
3216
|
+
#
|
3217
|
+
# A TransformationDetail will be created for each transformation.
|
3218
|
+
#
|
3219
|
+
# If any rows in BigQuery are skipped during de-identification
|
3220
|
+
# (transformation errors or row size exceeds BigQuery insert API limits) they
|
3221
|
+
# are placed in the failure output table. If the original row exceeds
|
3222
|
+
# the BigQuery insert API limit it will be truncated when written to the
|
3223
|
+
# failure output table. The failure output table can be set in the
|
3224
|
+
# action.deidentify.output.big_query_output.deidentified_failure_output_table
|
3225
|
+
# field, if no table is set, a table will be automatically created in the
|
3226
|
+
# same project and dataset as the original table.
|
3227
|
+
#
|
3228
|
+
# Compatible with: Inspect
|
3229
|
+
# @!attribute [rw] transformation_config
|
3230
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationConfig]
|
3231
|
+
# User specified deidentify templates and configs for structured,
|
3232
|
+
# unstructured, and image files.
|
3233
|
+
# @!attribute [rw] transformation_details_storage_config
|
3234
|
+
# @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
|
3235
|
+
# Config for storing transformation details. This is separate from the
|
3236
|
+
# de-identified content, and contains metadata about the successful
|
3237
|
+
# transformations and/or failures that occurred while de-identifying. This
|
3238
|
+
# needs to be set in order for users to access information about the status
|
3239
|
+
# of each transformation (see
|
3240
|
+
# {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
|
3241
|
+
# message for more information about what is noted).
|
3242
|
+
# @!attribute [rw] cloud_storage_output
|
3243
|
+
# @return [::String]
|
3244
|
+
# Required. User settable Cloud Storage bucket and folders to store de-identified
|
3245
|
+
# files. This field must be set for cloud storage deidentification. The
|
3246
|
+
# output Cloud Storage bucket must be different from the input bucket.
|
3247
|
+
# De-identified files will overwrite files in the output path.
|
3248
|
+
#
|
3249
|
+
# Form of: gs://bucket/folder/ or gs://bucket
|
3250
|
+
# @!attribute [rw] file_types_to_transform
|
3251
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
|
3252
|
+
# List of user-specified file type groups to transform. If specified, only
|
3253
|
+
# the files with these filetypes will be transformed. If empty, all
|
3254
|
+
# supported files will be transformed. Supported types may be automatically
|
3255
|
+
# added over time. If a file type is set in this field that isn't supported
|
3256
|
+
# by the Deidentify action then the job will fail and will not be
|
3257
|
+
# successfully created/started. Currently the only filetypes supported are:
|
3258
|
+
# IMAGES, TEXT_FILES, CSV, TSV.
|
3259
|
+
class Deidentify
|
3260
|
+
include ::Google::Protobuf::MessageExts
|
3261
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
3262
|
+
end
|
3263
|
+
|
3264
|
+
# Sends an email when the job completes. The email goes to IAM project owners
|
3265
|
+
# and technical [Essential
|
3266
|
+
# Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
|
2784
3267
|
class JobNotificationEmails
|
2785
3268
|
include ::Google::Protobuf::MessageExts
|
2786
3269
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -2796,6 +3279,37 @@ module Google
|
|
2796
3279
|
end
|
2797
3280
|
end
|
2798
3281
|
|
3282
|
+
# User specified templates and configs for how to deidentify structured,
|
3283
|
+
# unstructures, and image files. User must provide either a unstructured
|
3284
|
+
# deidentify template or at least one redact image config.
|
3285
|
+
# @!attribute [rw] deidentify_template
|
3286
|
+
# @return [::String]
|
3287
|
+
# De-identify template.
|
3288
|
+
# If this template is specified, it will serve as the default de-identify
|
3289
|
+
# template. This template cannot contain `record_transformations` since it
|
3290
|
+
# can be used for unstructured content such as free-form text files. If this
|
3291
|
+
# template is not set, a default `ReplaceWithInfoTypeConfig` will be used to
|
3292
|
+
# de-identify unstructured content.
|
3293
|
+
# @!attribute [rw] structured_deidentify_template
|
3294
|
+
# @return [::String]
|
3295
|
+
# Structured de-identify template.
|
3296
|
+
# If this template is specified, it will serve as the de-identify template
|
3297
|
+
# for structured content such as delimited files and tables. If this template
|
3298
|
+
# is not set but the `deidentify_template` is set, then `deidentify_template`
|
3299
|
+
# will also apply to the structured content. If neither template is set, a
|
3300
|
+
# default `ReplaceWithInfoTypeConfig` will be used to de-identify structured
|
3301
|
+
# content.
|
3302
|
+
# @!attribute [rw] image_redact_template
|
3303
|
+
# @return [::String]
|
3304
|
+
# Image redact template.
|
3305
|
+
# If this template is specified, it will serve as the de-identify template
|
3306
|
+
# for images. If this template is not set, all findings in the image will be
|
3307
|
+
# redacted with a black box.
|
3308
|
+
class TransformationConfig
|
3309
|
+
include ::Google::Protobuf::MessageExts
|
3310
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
3311
|
+
end
|
3312
|
+
|
2799
3313
|
# Request message for CreateInspectTemplate.
|
2800
3314
|
# @!attribute [rw] parent
|
2801
3315
|
# @return [::String]
|
@@ -2893,7 +3407,7 @@ module Google
|
|
2893
3407
|
# to `ListInspectTemplates`.
|
2894
3408
|
# @!attribute [rw] page_size
|
2895
3409
|
# @return [::Integer]
|
2896
|
-
# Size of the page, can be limited by server. If zero server returns
|
3410
|
+
# Size of the page, can be limited by the server. If zero server returns
|
2897
3411
|
# a page of max size 100.
|
2898
3412
|
# @!attribute [rw] order_by
|
2899
3413
|
# @return [::String]
|
@@ -2906,10 +3420,10 @@ module Google
|
|
2906
3420
|
#
|
2907
3421
|
# Supported fields are:
|
2908
3422
|
#
|
2909
|
-
# - `create_time`: corresponds to time the template was created.
|
2910
|
-
# - `update_time`: corresponds to time the template was last updated.
|
2911
|
-
# - `name`: corresponds to template's name.
|
2912
|
-
# - `display_name`: corresponds to template's display name.
|
3423
|
+
# - `create_time`: corresponds to the time the template was created.
|
3424
|
+
# - `update_time`: corresponds to the time the template was last updated.
|
3425
|
+
# - `name`: corresponds to the template's name.
|
3426
|
+
# - `display_name`: corresponds to the template's display name.
|
2913
3427
|
# @!attribute [rw] location_id
|
2914
3428
|
# @return [::String]
|
2915
3429
|
# Deprecated. This field has no effect.
|
@@ -3094,11 +3608,11 @@ module Google
|
|
3094
3608
|
#
|
3095
3609
|
# Supported fields are:
|
3096
3610
|
#
|
3097
|
-
# - `create_time`: corresponds to time the JobTrigger was created.
|
3098
|
-
# - `update_time`: corresponds to time the JobTrigger was last updated.
|
3611
|
+
# - `create_time`: corresponds to the time the JobTrigger was created.
|
3612
|
+
# - `update_time`: corresponds to the time the JobTrigger was last updated.
|
3099
3613
|
# - `last_run_time`: corresponds to the last time the JobTrigger ran.
|
3100
|
-
# - `name`: corresponds to JobTrigger's name.
|
3101
|
-
# - `display_name`: corresponds to JobTrigger's display name.
|
3614
|
+
# - `name`: corresponds to the JobTrigger's name.
|
3615
|
+
# - `display_name`: corresponds to the JobTrigger's display name.
|
3102
3616
|
# - `status`: corresponds to JobTrigger's status.
|
3103
3617
|
# @!attribute [rw] filter
|
3104
3618
|
# @return [::String]
|
@@ -3369,7 +3883,7 @@ module Google
|
|
3369
3883
|
# The job is no longer running.
|
3370
3884
|
DONE = 3
|
3371
3885
|
|
3372
|
-
# The job was canceled before it could
|
3886
|
+
# The job was canceled before it could be completed.
|
3373
3887
|
CANCELED = 4
|
3374
3888
|
|
3375
3889
|
# The job had an error and did not complete.
|
@@ -3377,7 +3891,7 @@ module Google
|
|
3377
3891
|
|
3378
3892
|
# The job is currently accepting findings via hybridInspect.
|
3379
3893
|
# A hybrid job in ACTIVE state may continue to have findings added to it
|
3380
|
-
# through calling of hybridInspect. After the job has finished no more
|
3894
|
+
# through the calling of hybridInspect. After the job has finished no more
|
3381
3895
|
# calls to hybridInspect may be made. ACTIVE jobs can transition to DONE.
|
3382
3896
|
ACTIVE = 6
|
3383
3897
|
end
|
@@ -3424,13 +3938,13 @@ module Google
|
|
3424
3938
|
# * Supported fields/values for inspect jobs:
|
3425
3939
|
# - `state` - PENDING|RUNNING|CANCELED|FINISHED|FAILED
|
3426
3940
|
# - `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY
|
3427
|
-
# - `trigger_name` - The
|
3428
|
-
# - 'end_time` - Corresponds to time the job finished.
|
3429
|
-
# - 'start_time` - Corresponds to time the job finished.
|
3941
|
+
# - `trigger_name` - The name of the trigger that created the job.
|
3942
|
+
# - 'end_time` - Corresponds to the time the job finished.
|
3943
|
+
# - 'start_time` - Corresponds to the time the job finished.
|
3430
3944
|
# * Supported fields for risk analysis jobs:
|
3431
3945
|
# - `state` - RUNNING|CANCELED|FINISHED|FAILED
|
3432
|
-
# - 'end_time` - Corresponds to time the job finished.
|
3433
|
-
# - 'start_time` - Corresponds to time the job finished.
|
3946
|
+
# - 'end_time` - Corresponds to the time the job finished.
|
3947
|
+
# - 'start_time` - Corresponds to the time the job finished.
|
3434
3948
|
# * The operator must be `=` or `!=`.
|
3435
3949
|
#
|
3436
3950
|
# Examples:
|
@@ -3461,9 +3975,9 @@ module Google
|
|
3461
3975
|
#
|
3462
3976
|
# Supported fields are:
|
3463
3977
|
#
|
3464
|
-
# - `create_time`: corresponds to time the job was created.
|
3465
|
-
# - `end_time`: corresponds to time the job ended.
|
3466
|
-
# - `name`: corresponds to job's name.
|
3978
|
+
# - `create_time`: corresponds to the time the job was created.
|
3979
|
+
# - `end_time`: corresponds to the time the job ended.
|
3980
|
+
# - `name`: corresponds to the job's name.
|
3467
3981
|
# - `state`: corresponds to `state`
|
3468
3982
|
# @!attribute [rw] location_id
|
3469
3983
|
# @return [::String]
|
@@ -3609,7 +4123,7 @@ module Google
|
|
3609
4123
|
# to `ListDeidentifyTemplates`.
|
3610
4124
|
# @!attribute [rw] page_size
|
3611
4125
|
# @return [::Integer]
|
3612
|
-
# Size of the page, can be limited by server. If zero server returns
|
4126
|
+
# Size of the page, can be limited by the server. If zero server returns
|
3613
4127
|
# a page of max size 100.
|
3614
4128
|
# @!attribute [rw] order_by
|
3615
4129
|
# @return [::String]
|
@@ -3622,10 +4136,10 @@ module Google
|
|
3622
4136
|
#
|
3623
4137
|
# Supported fields are:
|
3624
4138
|
#
|
3625
|
-
# - `create_time`: corresponds to time the template was created.
|
3626
|
-
# - `update_time`: corresponds to time the template was last updated.
|
3627
|
-
# - `name`: corresponds to template's name.
|
3628
|
-
# - `display_name`: corresponds to template's display name.
|
4139
|
+
# - `create_time`: corresponds to the time the template was created.
|
4140
|
+
# - `update_time`: corresponds to the time the template was last updated.
|
4141
|
+
# - `name`: corresponds to the template's name.
|
4142
|
+
# - `display_name`: corresponds to the template's display name.
|
3629
4143
|
# @!attribute [rw] location_id
|
3630
4144
|
# @return [::String]
|
3631
4145
|
# Deprecated. This field has no effect.
|
@@ -3662,12 +4176,12 @@ module Google
|
|
3662
4176
|
# Configuration for a custom dictionary created from a data source of any size
|
3663
4177
|
# up to the maximum size defined in the
|
3664
4178
|
# [limits](https://cloud.google.com/dlp/limits) page. The artifacts of
|
3665
|
-
# dictionary creation are stored in the specified
|
4179
|
+
# dictionary creation are stored in the specified Cloud Storage
|
3666
4180
|
# location. Consider using `CustomInfoType.Dictionary` for smaller dictionaries
|
3667
4181
|
# that satisfy the size requirements.
|
3668
4182
|
# @!attribute [rw] output_path
|
3669
4183
|
# @return [::Google::Cloud::Dlp::V2::CloudStoragePath]
|
3670
|
-
# Location to store dictionary artifacts in
|
4184
|
+
# Location to store dictionary artifacts in Cloud Storage. These files
|
3671
4185
|
# will only be accessible by project owners and the DLP API. If any of these
|
3672
4186
|
# artifacts are modified, the dictionary is considered invalid and can no
|
3673
4187
|
# longer be used.
|
@@ -3744,7 +4258,7 @@ module Google
|
|
3744
4258
|
# appearing first.
|
3745
4259
|
#
|
3746
4260
|
# For example, some of the data for stored custom dictionaries is put in
|
3747
|
-
# the user's
|
4261
|
+
# the user's Cloud Storage bucket, and if this data is modified or
|
3748
4262
|
# deleted by the user or another system, the dictionary becomes invalid.
|
3749
4263
|
#
|
3750
4264
|
# If any errors occur, fix the problem indicated by the error message and
|
@@ -3859,10 +4373,6 @@ module Google
|
|
3859
4373
|
# `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
|
3860
4374
|
# + Projects scope, no location specified (defaults to global):<br/>
|
3861
4375
|
# `projects/`<var>PROJECT_ID</var>
|
3862
|
-
# + Organizations scope, location specified:<br/>
|
3863
|
-
# `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
|
3864
|
-
# + Organizations scope, no location specified (defaults to global):<br/>
|
3865
|
-
# `organizations/`<var>ORG_ID</var>
|
3866
4376
|
#
|
3867
4377
|
# The following example `parent` string specifies a parent project with the
|
3868
4378
|
# identifier `example-project`, and specifies the `europe-west3` location
|
@@ -3875,7 +4385,7 @@ module Google
|
|
3875
4385
|
# to `ListStoredInfoTypes`.
|
3876
4386
|
# @!attribute [rw] page_size
|
3877
4387
|
# @return [::Integer]
|
3878
|
-
# Size of the page, can be limited by server. If zero server returns
|
4388
|
+
# Size of the page, can be limited by the server. If zero server returns
|
3879
4389
|
# a page of max size 100.
|
3880
4390
|
# @!attribute [rw] order_by
|
3881
4391
|
# @return [::String]
|
@@ -3888,7 +4398,7 @@ module Google
|
|
3888
4398
|
#
|
3889
4399
|
# Supported fields are:
|
3890
4400
|
#
|
3891
|
-
# - `create_time`: corresponds to time the most recent version of the
|
4401
|
+
# - `create_time`: corresponds to the time the most recent version of the
|
3892
4402
|
# resource was created.
|
3893
4403
|
# - `state`: corresponds to the state of the resource.
|
3894
4404
|
# - `name`: corresponds to resource name.
|
@@ -4025,36 +4535,7 @@ module Google
|
|
4025
4535
|
end
|
4026
4536
|
|
4027
4537
|
# Score is a summary of all elements in the data profile.
|
4028
|
-
# A higher number means more
|
4029
|
-
# @!attribute [rw] score
|
4030
|
-
# @return [::Google::Cloud::Dlp::V2::SensitivityScore::SensitivityScoreLevel]
|
4031
|
-
# The score applied to the resource.
|
4032
|
-
class SensitivityScore
|
4033
|
-
include ::Google::Protobuf::MessageExts
|
4034
|
-
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4035
|
-
|
4036
|
-
# Various score levels for resources.
|
4037
|
-
module SensitivityScoreLevel
|
4038
|
-
# Unused.
|
4039
|
-
SENSITIVITY_SCORE_UNSPECIFIED = 0
|
4040
|
-
|
4041
|
-
# No sensitive information detected. Limited access.
|
4042
|
-
SENSITIVITY_LOW = 10
|
4043
|
-
|
4044
|
-
# Medium risk - PII, potentially sensitive data, or fields with free-text
|
4045
|
-
# data that are at higher risk of having intermittent sensitive data.
|
4046
|
-
# Consider limiting access.
|
4047
|
-
SENSITIVITY_MODERATE = 20
|
4048
|
-
|
4049
|
-
# High risk – SPII may be present. Exfiltration of data may lead to user
|
4050
|
-
# data loss. Re-identification of users may be possible. Consider limiting
|
4051
|
-
# usage and or removing SPII.
|
4052
|
-
SENSITIVITY_HIGH = 30
|
4053
|
-
end
|
4054
|
-
end
|
4055
|
-
|
4056
|
-
# Score is a summary of all elements in the data profile.
|
4057
|
-
# A higher number means more risky.
|
4538
|
+
# A higher number means more risk.
|
4058
4539
|
# @!attribute [rw] score
|
4059
4540
|
# @return [::Google::Cloud::Dlp::V2::DataRiskLevel::DataRiskLevelScore]
|
4060
4541
|
# The score applied to the resource.
|
@@ -4073,8 +4554,8 @@ module Google
|
|
4073
4554
|
RISK_LOW = 10
|
4074
4555
|
|
4075
4556
|
# Medium risk - Sensitive data may be present but additional access or fine
|
4076
|
-
# grain access restrictions
|
4077
|
-
# access even further or
|
4557
|
+
# grain access restrictions appear to be present. Consider limiting
|
4558
|
+
# access even further or transform data to mask.
|
4078
4559
|
RISK_MODERATE = 20
|
4079
4560
|
|
4080
4561
|
# High risk – SPII may be present. Access controls may include public
|
@@ -4221,6 +4702,10 @@ module Google
|
|
4221
4702
|
# @!attribute [rw] info_type
|
4222
4703
|
# @return [::Google::Cloud::Dlp::V2::InfoType]
|
4223
4704
|
# The infoType.
|
4705
|
+
# @!attribute [rw] estimated_prevalence
|
4706
|
+
# @return [::Integer]
|
4707
|
+
# Approximate percentage of non-null rows that contained data detected by
|
4708
|
+
# this infotype.
|
4224
4709
|
class InfoTypeSummary
|
4225
4710
|
include ::Google::Protobuf::MessageExts
|
4226
4711
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -4230,12 +4715,16 @@ module Google
|
|
4230
4715
|
# @!attribute [rw] info_type
|
4231
4716
|
# @return [::Google::Cloud::Dlp::V2::InfoType]
|
4232
4717
|
# The other infoType.
|
4718
|
+
# @!attribute [rw] estimated_prevalence
|
4719
|
+
# @return [::Integer]
|
4720
|
+
# Approximate percentage of non-null rows that contained data detected by
|
4721
|
+
# this infotype.
|
4233
4722
|
class OtherInfoTypeSummary
|
4234
4723
|
include ::Google::Protobuf::MessageExts
|
4235
4724
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4236
4725
|
end
|
4237
4726
|
|
4238
|
-
# A condition for determining whether a
|
4727
|
+
# A condition for determining whether a Pub/Sub should be triggered.
|
4239
4728
|
# @!attribute [rw] expressions
|
4240
4729
|
# @return [::Google::Cloud::Dlp::V2::DataProfilePubSubCondition::PubSubExpressions]
|
4241
4730
|
# An expression.
|
@@ -4292,10 +4781,9 @@ module Google
|
|
4292
4781
|
end
|
4293
4782
|
end
|
4294
4783
|
|
4295
|
-
#
|
4784
|
+
# Pub/Sub topic message for a DataProfileAction.PubSubNotification event.
|
4296
4785
|
# To receive a message of protocol buffer schema type, convert the message data
|
4297
4786
|
# to an object of this proto class.
|
4298
|
-
# https://cloud.google.com/pubsub/docs/samples/pubsub-subscribe-proto-messages
|
4299
4787
|
# @!attribute [rw] profile
|
4300
4788
|
# @return [::Google::Cloud::Dlp::V2::TableDataProfile]
|
4301
4789
|
# If `DetailLevel` is `TABLE_PROFILE` this will be fully populated.
|
@@ -4309,6 +4797,91 @@ module Google
|
|
4309
4797
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4310
4798
|
end
|
4311
4799
|
|
4800
|
+
# Enum of possible outcomes of transformations. SUCCESS if transformation and
|
4801
|
+
# storing of transformation was successful, otherwise, reason for not
|
4802
|
+
# transforming.
|
4803
|
+
module TransformationResultStatusType
|
4804
|
+
STATE_TYPE_UNSPECIFIED = 0
|
4805
|
+
|
4806
|
+
# This will be set when a finding could not be transformed (i.e. outside user
|
4807
|
+
# set bucket range).
|
4808
|
+
INVALID_TRANSFORM = 1
|
4809
|
+
|
4810
|
+
# This will be set when a BigQuery transformation was successful but could
|
4811
|
+
# not be stored back in BigQuery because the transformed row exceeds
|
4812
|
+
# BigQuery's max row size.
|
4813
|
+
BIGQUERY_MAX_ROW_SIZE_EXCEEDED = 2
|
4814
|
+
|
4815
|
+
# This will be set when there is a finding in the custom metadata of a file,
|
4816
|
+
# but at the write time of the transformed file, this key / value pair is
|
4817
|
+
# unretrievable.
|
4818
|
+
METADATA_UNRETRIEVABLE = 3
|
4819
|
+
|
4820
|
+
# This will be set when the transformation and storing of it is successful.
|
4821
|
+
SUCCESS = 4
|
4822
|
+
end
|
4823
|
+
|
4824
|
+
# Describes functionality of a given container in its original format.
|
4825
|
+
module TransformationContainerType
|
4826
|
+
TRANSFORM_UNKNOWN_CONTAINER = 0
|
4827
|
+
|
4828
|
+
TRANSFORM_BODY = 1
|
4829
|
+
|
4830
|
+
TRANSFORM_METADATA = 2
|
4831
|
+
|
4832
|
+
TRANSFORM_TABLE = 3
|
4833
|
+
end
|
4834
|
+
|
4835
|
+
# An enum of rules that can be used to transform a value. Can be a
|
4836
|
+
# record suppression, or one of the transformation rules specified under
|
4837
|
+
# `PrimitiveTransformation`.
|
4838
|
+
module TransformationType
|
4839
|
+
# Unused
|
4840
|
+
TRANSFORMATION_TYPE_UNSPECIFIED = 0
|
4841
|
+
|
4842
|
+
# Record suppression
|
4843
|
+
RECORD_SUPPRESSION = 1
|
4844
|
+
|
4845
|
+
# Replace value
|
4846
|
+
REPLACE_VALUE = 2
|
4847
|
+
|
4848
|
+
# Replace value using a dictionary.
|
4849
|
+
REPLACE_DICTIONARY = 15
|
4850
|
+
|
4851
|
+
# Redact
|
4852
|
+
REDACT = 3
|
4853
|
+
|
4854
|
+
# Character mask
|
4855
|
+
CHARACTER_MASK = 4
|
4856
|
+
|
4857
|
+
# FFX-FPE
|
4858
|
+
CRYPTO_REPLACE_FFX_FPE = 5
|
4859
|
+
|
4860
|
+
# Fixed size bucketing
|
4861
|
+
FIXED_SIZE_BUCKETING = 6
|
4862
|
+
|
4863
|
+
# Bucketing
|
4864
|
+
BUCKETING = 7
|
4865
|
+
|
4866
|
+
# Replace with info type
|
4867
|
+
REPLACE_WITH_INFO_TYPE = 8
|
4868
|
+
|
4869
|
+
# Time part
|
4870
|
+
TIME_PART = 9
|
4871
|
+
|
4872
|
+
# Crypto hash
|
4873
|
+
CRYPTO_HASH = 10
|
4874
|
+
|
4875
|
+
# Date shift
|
4876
|
+
DATE_SHIFT = 12
|
4877
|
+
|
4878
|
+
# Deterministic crypto
|
4879
|
+
CRYPTO_DETERMINISTIC_CONFIG = 13
|
4880
|
+
|
4881
|
+
# Redact image
|
4882
|
+
REDACT_IMAGE = 14
|
4883
|
+
end
|
4884
|
+
|
4312
4885
|
# Operators available for comparing the value of fields.
|
4313
4886
|
module RelationalOperator
|
4314
4887
|
# Unused
|