google-cloud-dlp-v2 0.10.0 → 0.13.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module Dlp
23
23
  module V2
24
- # List of exclude infoTypes.
24
+ # List of excluded infoTypes.
25
25
  # @!attribute [rw] info_types
26
26
  # @return [::Array<::Google::Cloud::Dlp::V2::InfoType>]
27
27
  # InfoType list in ExclusionRule rule drops a finding when it overlaps or
@@ -107,10 +107,16 @@ module Google
107
107
  # @return [::Google::Cloud::Dlp::V2::InspectConfig::FindingLimits]
108
108
  # Configuration to control the number of findings returned.
109
109
  # This is not used for data profiling.
110
+ #
111
+ # When redacting sensitive data from images, finding limits don't apply. They
112
+ # can cause unexpected or inconsistent results, where only some data is
113
+ # redacted. Don't include finding limits in
114
+ # {::Google::Cloud::Dlp::V2::DlpService::Client#redact_image RedactImage}
115
+ # requests. Otherwise, Cloud DLP returns an error.
110
116
  # @!attribute [rw] include_quote
111
117
  # @return [::Boolean]
112
118
  # When true, a contextual quote from the data that triggered a finding is
113
- # included in the response; see Finding.quote.
119
+ # included in the response; see {::Google::Cloud::Dlp::V2::Finding#quote Finding.quote}.
114
120
  # This is not used for data profiling.
115
121
  # @!attribute [rw] exclude_info_types
116
122
  # @return [::Boolean]
@@ -134,6 +140,12 @@ module Google
134
140
 
135
141
  # Configuration to control the number of findings returned for inspection.
136
142
  # This is not used for de-identification or data profiling.
143
+ #
144
+ # When redacting sensitive data from images, finding limits don't apply. They
145
+ # can cause unexpected or inconsistent results, where only some data is
146
+ # redacted. Don't include finding limits in
147
+ # {::Google::Cloud::Dlp::V2::DlpService::Client#redact_image RedactImage}
148
+ # requests. Otherwise, Cloud DLP returns an error.
137
149
  # @!attribute [rw] max_findings_per_item
138
150
  # @return [::Integer]
139
151
  # Max number of findings that will be returned for each item scanned.
@@ -399,7 +411,7 @@ module Google
399
411
  # * Datastore namespace: \\{namespace}
400
412
  #
401
413
  # Nested names could be absent if the embedded object has no string
402
- # identifier (for an example an image contained within a document).
414
+ # identifier (for example, an image contained within a document).
403
415
  # @!attribute [rw] record_location
404
416
  # @return [::Google::Cloud::Dlp::V2::RecordLocation]
405
417
  # Location within a row or record of a database table.
@@ -414,14 +426,14 @@ module Google
414
426
  # Location within the metadata for inspected content.
415
427
  # @!attribute [rw] container_timestamp
416
428
  # @return [::Google::Protobuf::Timestamp]
417
- # Findings container modification timestamp, if applicable.
418
- # For Google Cloud Storage contains last file modification timestamp.
419
- # For BigQuery table contains last_modified_time property.
420
- # For Datastore - not populated.
429
+ # Finding container modification timestamp, if applicable. For Cloud Storage,
430
+ # this field contains the last file modification timestamp. For a BigQuery
431
+ # table, this field contains the last_modified_time property. For Datastore,
432
+ # this field isn't populated.
421
433
  # @!attribute [rw] container_version
422
434
  # @return [::String]
423
- # Findings container version, if available
424
- # ("generation" for Google Cloud Storage).
435
+ # Finding container version, if available
436
+ # ("generation" for Cloud Storage).
425
437
  class ContentLocation
426
438
  include ::Google::Protobuf::MessageExts
427
439
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -490,7 +502,7 @@ module Google
490
502
  # Examples of a container include a file, table, or database record.
491
503
  # @!attribute [rw] type
492
504
  # @return [::String]
493
- # Container type, for example BigQuery or Google Cloud Storage.
505
+ # Container type, for example BigQuery or Cloud Storage.
494
506
  # @!attribute [rw] project_id
495
507
  # @return [::String]
496
508
  # Project where the finding was found.
@@ -500,33 +512,35 @@ module Google
500
512
  # A string representation of the full container name.
501
513
  # Examples:
502
514
  # - BigQuery: 'Project:DataSetId.TableId'
503
- # - Google Cloud Storage: 'gs://Bucket/folders/filename.txt'
515
+ # - Cloud Storage: 'gs://Bucket/folders/filename.txt'
504
516
  # @!attribute [rw] root_path
505
517
  # @return [::String]
506
518
  # The root of the container.
507
519
  # Examples:
520
+ #
508
521
  # - For BigQuery table `project_id:dataset_id.table_id`, the root is
509
522
  # `dataset_id`
510
- # - For Google Cloud Storage file `gs://bucket/folder/filename.txt`, the root
523
+ # - For Cloud Storage file `gs://bucket/folder/filename.txt`, the root
511
524
  # is `gs://bucket`
512
525
  # @!attribute [rw] relative_path
513
526
  # @return [::String]
514
527
  # The rest of the path after the root.
515
528
  # Examples:
529
+ #
516
530
  # - For BigQuery table `project_id:dataset_id.table_id`, the relative path is
517
531
  # `table_id`
518
- # - Google Cloud Storage file `gs://bucket/folder/filename.txt`, the relative
532
+ # - For Cloud Storage file `gs://bucket/folder/filename.txt`, the relative
519
533
  # path is `folder/filename.txt`
520
534
  # @!attribute [rw] update_time
521
535
  # @return [::Google::Protobuf::Timestamp]
522
- # Findings container modification timestamp, if applicable.
523
- # For Google Cloud Storage contains last file modification timestamp.
524
- # For BigQuery table contains last_modified_time property.
525
- # For Datastore - not populated.
536
+ # Findings container modification timestamp, if applicable. For Cloud
537
+ # Storage, this field contains the last file modification timestamp. For a
538
+ # BigQuery table, this field contains the last_modified_time property. For
539
+ # Datastore, this field isn't populated.
526
540
  # @!attribute [rw] version
527
541
  # @return [::String]
528
542
  # Findings container version, if available
529
- # ("generation" for Google Cloud Storage).
543
+ # ("generation" for Cloud Storage).
530
544
  class Container
531
545
  include ::Google::Protobuf::MessageExts
532
546
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -664,7 +678,7 @@ module Google
664
678
  extend ::Google::Protobuf::MessageExts::ClassMethods
665
679
  end
666
680
 
667
- # Request to de-identify a list of items.
681
+ # Request to de-identify a ContentItem.
668
682
  # @!attribute [rw] parent
669
683
  # @return [::String]
670
684
  # Parent resource name.
@@ -791,7 +805,7 @@ module Google
791
805
  extend ::Google::Protobuf::MessageExts::ClassMethods
792
806
  end
793
807
 
794
- # Results of re-identifying a item.
808
+ # Results of re-identifying an item.
795
809
  # @!attribute [rw] item
796
810
  # @return [::Google::Cloud::Dlp::V2::ContentItem]
797
811
  # The re-identified item.
@@ -859,8 +873,8 @@ module Google
859
873
  # Store findings in an existing table or a new table in an existing
860
874
  # dataset. If table_id is not set a new one will be generated
861
875
  # for you with the following format:
862
- # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
863
- # generating the date details.
876
+ # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used
877
+ # for generating the date details.
864
878
  #
865
879
  # For Inspect, each column in an existing output table must have the same
866
880
  # name, type, and mode of a field in the `Finding` object.
@@ -896,7 +910,7 @@ module Google
896
910
  # `timestamp`.
897
911
  BASIC_COLUMNS = 1
898
912
 
899
- # Schema tailored to findings from scanning Google Cloud Storage.
913
+ # Schema tailored to findings from scanning Cloud Storage.
900
914
  GCS_COLUMNS = 2
901
915
 
902
916
  # Schema tailored to findings from scanning Google Datastore.
@@ -1000,11 +1014,222 @@ module Google
1000
1014
  # @return [::String]
1001
1015
  # Description of the infotype. Translated when language is provided in the
1002
1016
  # request.
1017
+ # @!attribute [rw] versions
1018
+ # @return [::Array<::Google::Cloud::Dlp::V2::VersionDescription>]
1019
+ # A list of available versions for the infotype.
1020
+ # @!attribute [rw] categories
1021
+ # @return [::Array<::Google::Cloud::Dlp::V2::InfoTypeCategory>]
1022
+ # The category of the infoType.
1003
1023
  class InfoTypeDescription
1004
1024
  include ::Google::Protobuf::MessageExts
1005
1025
  extend ::Google::Protobuf::MessageExts::ClassMethods
1006
1026
  end
1007
1027
 
1028
+ # Classification of infoTypes to organize them according to geographic
1029
+ # location, industry, and data type.
1030
+ # @!attribute [rw] location_category
1031
+ # @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::LocationCategory]
1032
+ # The region or country that issued the ID or document represented by the
1033
+ # infoType.
1034
+ # @!attribute [rw] industry_category
1035
+ # @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::IndustryCategory]
1036
+ # The group of relevant businesses where this infoType is commonly used
1037
+ # @!attribute [rw] type_category
1038
+ # @return [::Google::Cloud::Dlp::V2::InfoTypeCategory::TypeCategory]
1039
+ # The class of identifiers where this infoType belongs
1040
+ class InfoTypeCategory
1041
+ include ::Google::Protobuf::MessageExts
1042
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1043
+
1044
+ # Enum of the current locations.
1045
+ # We might add more locations in the future.
1046
+ module LocationCategory
1047
+ # Unused location
1048
+ LOCATION_UNSPECIFIED = 0
1049
+
1050
+ # The infoType is not issued by or tied to a specific region, but is used
1051
+ # almost everywhere.
1052
+ GLOBAL = 1
1053
+
1054
+ # The infoType is typically used in Argentina.
1055
+ ARGENTINA = 2
1056
+
1057
+ # The infoType is typically used in Australia.
1058
+ AUSTRALIA = 3
1059
+
1060
+ # The infoType is typically used in Belgium.
1061
+ BELGIUM = 4
1062
+
1063
+ # The infoType is typically used in Brazil.
1064
+ BRAZIL = 5
1065
+
1066
+ # The infoType is typically used in Canada.
1067
+ CANADA = 6
1068
+
1069
+ # The infoType is typically used in Chile.
1070
+ CHILE = 7
1071
+
1072
+ # The infoType is typically used in China.
1073
+ CHINA = 8
1074
+
1075
+ # The infoType is typically used in Colombia.
1076
+ COLOMBIA = 9
1077
+
1078
+ # The infoType is typically used in Denmark.
1079
+ DENMARK = 10
1080
+
1081
+ # The infoType is typically used in France.
1082
+ FRANCE = 11
1083
+
1084
+ # The infoType is typically used in Finland.
1085
+ FINLAND = 12
1086
+
1087
+ # The infoType is typically used in Germany.
1088
+ GERMANY = 13
1089
+
1090
+ # The infoType is typically used in Hong Kong.
1091
+ HONG_KONG = 14
1092
+
1093
+ # The infoType is typically used in India.
1094
+ INDIA = 15
1095
+
1096
+ # The infoType is typically used in Indonesia.
1097
+ INDONESIA = 16
1098
+
1099
+ # The infoType is typically used in Ireland.
1100
+ IRELAND = 17
1101
+
1102
+ # The infoType is typically used in Israel.
1103
+ ISRAEL = 18
1104
+
1105
+ # The infoType is typically used in Italy.
1106
+ ITALY = 19
1107
+
1108
+ # The infoType is typically used in Japan.
1109
+ JAPAN = 20
1110
+
1111
+ # The infoType is typically used in Korea.
1112
+ KOREA = 21
1113
+
1114
+ # The infoType is typically used in Mexico.
1115
+ MEXICO = 22
1116
+
1117
+ # The infoType is typically used in the Netherlands.
1118
+ THE_NETHERLANDS = 23
1119
+
1120
+ # The infoType is typically used in Norway.
1121
+ NORWAY = 24
1122
+
1123
+ # The infoType is typically used in Paraguay.
1124
+ PARAGUAY = 25
1125
+
1126
+ # The infoType is typically used in Peru.
1127
+ PERU = 26
1128
+
1129
+ # The infoType is typically used in Poland.
1130
+ POLAND = 27
1131
+
1132
+ # The infoType is typically used in Portugal.
1133
+ PORTUGAL = 28
1134
+
1135
+ # The infoType is typically used in Singapore.
1136
+ SINGAPORE = 29
1137
+
1138
+ # The infoType is typically used in South Africa.
1139
+ SOUTH_AFRICA = 30
1140
+
1141
+ # The infoType is typically used in Spain.
1142
+ SPAIN = 31
1143
+
1144
+ # The infoType is typically used in Sweden.
1145
+ SWEDEN = 32
1146
+
1147
+ # The infoType is typically used in Taiwan.
1148
+ TAIWAN = 33
1149
+
1150
+ # The infoType is typically used in Thailand.
1151
+ THAILAND = 34
1152
+
1153
+ # The infoType is typically used in Turkey.
1154
+ TURKEY = 35
1155
+
1156
+ # The infoType is typically used in the United Kingdom.
1157
+ UNITED_KINGDOM = 36
1158
+
1159
+ # The infoType is typically used in the United States.
1160
+ UNITED_STATES = 37
1161
+
1162
+ # The infoType is typically used in Uruguay.
1163
+ URUGUAY = 38
1164
+
1165
+ # The infoType is typically used in Venezuela.
1166
+ VENEZUELA = 39
1167
+
1168
+ # The infoType is typically used in Google internally.
1169
+ INTERNAL = 40
1170
+ end
1171
+
1172
+ # Enum of the current industries in the category.
1173
+ # We might add more industries in the future.
1174
+ module IndustryCategory
1175
+ # Unused industry
1176
+ INDUSTRY_UNSPECIFIED = 0
1177
+
1178
+ # The infoType is typically used in the finance industry.
1179
+ FINANCE = 1
1180
+
1181
+ # The infoType is typically used in the health industry.
1182
+ HEALTH = 2
1183
+
1184
+ # The infoType is typically used in the telecommunications industry.
1185
+ TELECOMMUNICATIONS = 3
1186
+ end
1187
+
1188
+ # Enum of the current types in the category.
1189
+ # We might add more types in the future.
1190
+ module TypeCategory
1191
+ # Unused type
1192
+ TYPE_UNSPECIFIED = 0
1193
+
1194
+ # Personally identifiable information, for example, a
1195
+ # name or phone number
1196
+ PII = 1
1197
+
1198
+ # Personally identifiable information that is especially sensitive, for
1199
+ # example, a passport number.
1200
+ SPII = 2
1201
+
1202
+ # Attributes that can partially identify someone, especially in
1203
+ # combination with other attributes, like age, height, and gender.
1204
+ DEMOGRAPHIC = 3
1205
+
1206
+ # Confidential or secret information, for example, a password.
1207
+ CREDENTIAL = 4
1208
+
1209
+ # An identification document issued by a government.
1210
+ GOVERNMENT_ID = 5
1211
+
1212
+ # A document, for example, a resume or source code.
1213
+ DOCUMENT = 6
1214
+
1215
+ # Information that is not sensitive on its own, but provides details about
1216
+ # the circumstances surrounding an entity or an event.
1217
+ CONTEXTUAL_INFORMATION = 7
1218
+ end
1219
+ end
1220
+
1221
+ # Details about each available version for an infotype.
1222
+ # @!attribute [rw] version
1223
+ # @return [::String]
1224
+ # Name of the version
1225
+ # @!attribute [rw] description
1226
+ # @return [::String]
1227
+ # Description of the version.
1228
+ class VersionDescription
1229
+ include ::Google::Protobuf::MessageExts
1230
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1231
+ end
1232
+
1008
1233
  # Request for the list of infoTypes.
1009
1234
  # @!attribute [rw] parent
1010
1235
  # @return [::String]
@@ -1571,10 +1796,10 @@ module Google
1571
1796
  # @!attribute [rw] estimated_probability
1572
1797
  # @return [::Float]
1573
1798
  # The estimated probability that a given individual sharing these
1574
- # quasi-identifier values is in the dataset. This value, typically called
1575
- # δ, is the ratio between the number of records in the dataset with these
1576
- # quasi-identifier values, and the total number of individuals (inside
1577
- # *and* outside the dataset) with these quasi-identifier values.
1799
+ # quasi-identifier values is in the dataset. This value, typically
1800
+ # called δ, is the ratio between the number of records in the dataset
1801
+ # with these quasi-identifier values, and the total number of individuals
1802
+ # (inside *and* outside the dataset) with these quasi-identifier values.
1578
1803
  # For example, if there are 15 individuals in the dataset who share the
1579
1804
  # same quasi-identifier values, and an estimated 100 people in the entire
1580
1805
  # population with these values, then δ is 0.15.
@@ -1720,6 +1945,9 @@ module Google
1720
1945
  # Treat the dataset as structured. Transformations can be applied to
1721
1946
  # specific locations within structured datasets, such as transforming
1722
1947
  # a column within a table.
1948
+ # @!attribute [rw] image_transformations
1949
+ # @return [::Google::Cloud::Dlp::V2::ImageTransformations]
1950
+ # Treat the dataset as an image and redact.
1723
1951
  # @!attribute [rw] transformation_error_handling
1724
1952
  # @return [::Google::Cloud::Dlp::V2::TransformationErrorHandling]
1725
1953
  # Mode for handling transformation errors. If left unspecified, the default
@@ -1729,6 +1957,58 @@ module Google
1729
1957
  extend ::Google::Protobuf::MessageExts::ClassMethods
1730
1958
  end
1731
1959
 
1960
+ # A type of transformation that is applied over images.
1961
+ # @!attribute [rw] transforms
1962
+ # @return [::Array<::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation>]
1963
+ class ImageTransformations
1964
+ include ::Google::Protobuf::MessageExts
1965
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1966
+
1967
+ # Configuration for determining how redaction of images should occur.
1968
+ # @!attribute [rw] selected_info_types
1969
+ # @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::SelectedInfoTypes]
1970
+ # Apply transformation to the selected info_types.
1971
+ # @!attribute [rw] all_info_types
1972
+ # @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::AllInfoTypes]
1973
+ # Apply transformation to all findings not specified in other
1974
+ # ImageTransformation's selected_info_types. Only one instance is allowed
1975
+ # within the ImageTransformations message.
1976
+ # @!attribute [rw] all_text
1977
+ # @return [::Google::Cloud::Dlp::V2::ImageTransformations::ImageTransformation::AllText]
1978
+ # Apply transformation to all text that doesn't match an infoType. Only
1979
+ # one instance is allowed within the ImageTransformations message.
1980
+ # @!attribute [rw] redaction_color
1981
+ # @return [::Google::Cloud::Dlp::V2::Color]
1982
+ # The color to use when redacting content from an image. If not
1983
+ # specified, the default is black.
1984
+ class ImageTransformation
1985
+ include ::Google::Protobuf::MessageExts
1986
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1987
+
1988
+ # Apply transformation to the selected info_types.
1989
+ # @!attribute [rw] info_types
1990
+ # @return [::Array<::Google::Cloud::Dlp::V2::InfoType>]
1991
+ # Required. InfoTypes to apply the transformation to. Required. Provided InfoType
1992
+ # must be unique within the ImageTransformations message.
1993
+ class SelectedInfoTypes
1994
+ include ::Google::Protobuf::MessageExts
1995
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1996
+ end
1997
+
1998
+ # Apply transformation to all findings.
1999
+ class AllInfoTypes
2000
+ include ::Google::Protobuf::MessageExts
2001
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2002
+ end
2003
+
2004
+ # Apply to all text.
2005
+ class AllText
2006
+ include ::Google::Protobuf::MessageExts
2007
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2008
+ end
2009
+ end
2010
+ end
2011
+
1732
2012
  # How to handle transformation errors during de-identification. A
1733
2013
  # transformation error occurs when the requested transformation is incompatible
1734
2014
  # with the data. For example, trying to de-identify an IP address using a
@@ -1915,7 +2195,7 @@ module Google
1915
2195
  # plaintext would be used as is for encryption.
1916
2196
  #
1917
2197
  # Note that case (1) is expected when an `InfoTypeTransformation` is
1918
- # applied to both structured and non-structured `ContentItem`s.
2198
+ # applied to both structured and unstructured `ContentItem`s.
1919
2199
  class CryptoDeterministicConfig
1920
2200
  include ::Google::Protobuf::MessageExts
1921
2201
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1968,7 +2248,7 @@ module Google
1968
2248
  include ::Google::Protobuf::MessageExts
1969
2249
  extend ::Google::Protobuf::MessageExts::ClassMethods
1970
2250
 
1971
- # Convenience enum for indication common characters to not transform.
2251
+ # Convenience enum for indicating common characters to not transform.
1972
2252
  module CommonCharsToIgnore
1973
2253
  # Unused.
1974
2254
  COMMON_CHARS_TO_IGNORE_UNSPECIFIED = 0
@@ -2006,6 +2286,21 @@ module Google
2006
2286
  # @return [::Integer]
2007
2287
  # Number of characters to mask. If not set, all matching chars will be
2008
2288
  # masked. Skipped characters do not count towards this tally.
2289
+ #
2290
+ # If `number_to_mask` is negative, this denotes inverse masking. Cloud DLP
2291
+ # masks all but a number of characters.
2292
+ # For example, suppose you have the following values:
2293
+ #
2294
+ # - `masking_character` is `*`
2295
+ # - `number_to_mask` is `-4`
2296
+ # - `reverse_order` is `false`
2297
+ # - `CharsToIgnore` includes `-`
2298
+ # - Input string is `1234-5678-9012-3456`
2299
+ #
2300
+ # The resulting de-identified string is
2301
+ # `****-****-****-3456`. Cloud DLP masks all but the last four characters.
2302
+ # If `reverse_order` is `true`, all but the first four characters are masked
2303
+ # as `1234-****-****-****`.
2009
2304
  # @!attribute [rw] reverse_order
2010
2305
  # @return [::Boolean]
2011
2306
  # Mask characters in reverse order. For example, if `masking_character` is
@@ -2124,7 +2419,7 @@ module Google
2124
2419
  # a default tweak will be used.
2125
2420
  #
2126
2421
  # Note that case (1) is expected when an `InfoTypeTransformation` is
2127
- # applied to both structured and non-structured `ContentItem`s.
2422
+ # applied to both structured and unstructured `ContentItem`s.
2128
2423
  # Currently, the referenced field may be of value type integer or string.
2129
2424
  #
2130
2425
  # The tweak is constructed as a sequence of bytes in big endian byte order
@@ -2183,7 +2478,7 @@ module Google
2183
2478
 
2184
2479
  # These are commonly used subsets of the alphabet that the FFX mode
2185
2480
  # natively supports. In the algorithm, the alphabet is selected using
2186
- # the "radix". Therefore each corresponds to particular radix.
2481
+ # the "radix". Therefore each corresponds to a particular radix.
2187
2482
  module FfxCommonNativeAlphabet
2188
2483
  # Unused.
2189
2484
  FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED = 0
@@ -2431,7 +2726,7 @@ module Google
2431
2726
  extend ::Google::Protobuf::MessageExts::ClassMethods
2432
2727
  end
2433
2728
 
2434
- # An expression, consisting or an operator and conditions.
2729
+ # An expression, consisting of an operator and conditions.
2435
2730
  # @!attribute [rw] logical_operator
2436
2731
  # @return [::Google::Cloud::Dlp::V2::RecordCondition::Expressions::LogicalOperator]
2437
2732
  # The operator to apply to the result of conditions. Default and currently
@@ -2526,10 +2821,137 @@ module Google
2526
2821
  end
2527
2822
  end
2528
2823
 
2824
+ # A flattened description of a `PrimitiveTransformation` or
2825
+ # `RecordSuppression`.
2826
+ # @!attribute [rw] type
2827
+ # @return [::Google::Cloud::Dlp::V2::TransformationType]
2828
+ # The transformation type.
2829
+ # @!attribute [rw] description
2830
+ # @return [::String]
2831
+ # A description of the transformation. This is empty for a
2832
+ # RECORD_SUPPRESSION, or is the output of calling toString() on the
2833
+ # `PrimitiveTransformation` protocol buffer message for any other type of
2834
+ # transformation.
2835
+ # @!attribute [rw] condition
2836
+ # @return [::String]
2837
+ # A human-readable string representation of the `RecordCondition`
2838
+ # corresponding to this transformation. Set if a `RecordCondition` was used
2839
+ # to determine whether or not to apply this transformation.
2840
+ #
2841
+ # Examples:
2842
+ # * (age_field > 85)
2843
+ # * (age_field <= 18)
2844
+ # * (zip_field exists)
2845
+ # * (zip_field == 01234) && (city_field != "Springville")
2846
+ # * (zip_field == 01234) && (age_field <= 18) && (city_field exists)
2847
+ # @!attribute [rw] info_type
2848
+ # @return [::Google::Cloud::Dlp::V2::InfoType]
2849
+ # Set if the transformation was limited to a specific `InfoType`.
2850
+ class TransformationDescription
2851
+ include ::Google::Protobuf::MessageExts
2852
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2853
+ end
2854
+
2855
+ # Details about a single transformation. This object contains a description of
2856
+ # the transformation, information about whether the transformation was
2857
+ # successfully applied, and the precise location where the transformation
2858
+ # occurred. These details are stored in a user-specified BigQuery table.
2859
+ # @!attribute [rw] resource_name
2860
+ # @return [::String]
2861
+ # The name of the job that completed the transformation.
2862
+ # @!attribute [rw] container_name
2863
+ # @return [::String]
2864
+ # The top level name of the container where the transformation is located
2865
+ # (this will be the source file name or table name).
2866
+ # @!attribute [rw] transformation
2867
+ # @return [::Array<::Google::Cloud::Dlp::V2::TransformationDescription>]
2868
+ # Description of transformation. This would only contain more than one
2869
+ # element if there were multiple matching transformations and which one to
2870
+ # apply was ambiguous. Not set for states that contain no transformation,
2871
+ # currently only state that contains no transformation is
2872
+ # TransformationResultStateType.METADATA_UNRETRIEVABLE.
2873
+ # @!attribute [rw] status_details
2874
+ # @return [::Google::Cloud::Dlp::V2::TransformationResultStatus]
2875
+ # Status of the transformation, if transformation was not successful, this
2876
+ # will specify what caused it to fail, otherwise it will show that the
2877
+ # transformation was successful.
2878
+ # @!attribute [rw] transformed_bytes
2879
+ # @return [::Integer]
2880
+ # The number of bytes that were transformed. If transformation was
2881
+ # unsuccessful or did not take place because there was no content to
2882
+ # transform, this will be zero.
2883
+ # @!attribute [rw] transformation_location
2884
+ # @return [::Google::Cloud::Dlp::V2::TransformationLocation]
2885
+ # The precise location of the transformed content in the original container.
2886
+ class TransformationDetails
2887
+ include ::Google::Protobuf::MessageExts
2888
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2889
+ end
2890
+
2891
+ # Specifies the location of a transformation.
2892
+ # @!attribute [rw] finding_id
2893
+ # @return [::String]
2894
+ # For infotype transformations, link to the corresponding findings ID so
2895
+ # that location information does not need to be duplicated. Each findings
2896
+ # ID correlates to an entry in the findings output table, this table only
2897
+ # gets created when users specify to save findings (add the save findings
2898
+ # action to the request).
2899
+ # @!attribute [rw] record_transformation
2900
+ # @return [::Google::Cloud::Dlp::V2::RecordTransformation]
2901
+ # For record transformations, provide a field and container information.
2902
+ # @!attribute [rw] container_type
2903
+ # @return [::Google::Cloud::Dlp::V2::TransformationContainerType]
2904
+ # Information about the functionality of the container where this finding
2905
+ # occurred, if available.
2906
+ class TransformationLocation
2907
+ include ::Google::Protobuf::MessageExts
2908
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2909
+ end
2910
+
2911
+ # @!attribute [rw] field_id
2912
+ # @return [::Google::Cloud::Dlp::V2::FieldId]
2913
+ # For record transformations, provide a field.
2914
+ # @!attribute [rw] container_timestamp
2915
+ # @return [::Google::Protobuf::Timestamp]
2916
+ # Findings container modification timestamp, if applicable.
2917
+ # @!attribute [rw] container_version
2918
+ # @return [::String]
2919
+ # Container version, if available ("generation" for Cloud Storage).
2920
+ class RecordTransformation
2921
+ include ::Google::Protobuf::MessageExts
2922
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2923
+ end
2924
+
2925
+ # @!attribute [rw] result_status_type
2926
+ # @return [::Google::Cloud::Dlp::V2::TransformationResultStatusType]
2927
+ # Transformation result status type, this will be either SUCCESS, or it will
2928
+ # be the reason for why the transformation was not completely successful.
2929
+ # @!attribute [rw] details
2930
+ # @return [::Google::Rpc::Status]
2931
+ # Detailed error codes and messages
2932
+ class TransformationResultStatus
2933
+ include ::Google::Protobuf::MessageExts
2934
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2935
+ end
2936
+
2937
+ # Config for storing transformation details.
2938
+ # @!attribute [rw] table
2939
+ # @return [::Google::Cloud::Dlp::V2::BigQueryTable]
2940
+ # The BigQuery table in which to store the output. This may be an existing
2941
+ # table or in a new table in an existing dataset.
2942
+ # If table_id is not set a new one will be generated for you with the
2943
+ # following format:
2944
+ # dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. Pacific
2945
+ # time zone will be used for generating the date details.
2946
+ class TransformationDetailsStorageConfig
2947
+ include ::Google::Protobuf::MessageExts
2948
+ extend ::Google::Protobuf::MessageExts::ClassMethods
2949
+ end
2950
+
2529
2951
  # Schedule for inspect job triggers.
2530
2952
  # @!attribute [rw] recurrence_period_duration
2531
2953
  # @return [::Google::Protobuf::Duration]
2532
- # With this option a job is started a regular periodic basis. For
2954
+ # With this option a job is started on a regular periodic basis. For
2533
2955
  # example: every day (86400 seconds).
2534
2956
  #
2535
2957
  # A scheduled start time will be skipped if the previous
@@ -2703,13 +3125,16 @@ module Google
2703
3125
  # Save resulting findings in a provided location.
2704
3126
  # @!attribute [rw] pub_sub
2705
3127
  # @return [::Google::Cloud::Dlp::V2::Action::PublishToPubSub]
2706
- # Publish a notification to a pubsub topic.
3128
+ # Publish a notification to a Pub/Sub topic.
2707
3129
  # @!attribute [rw] publish_summary_to_cscc
2708
3130
  # @return [::Google::Cloud::Dlp::V2::Action::PublishSummaryToCscc]
2709
3131
  # Publish summary to Cloud Security Command Center (Alpha).
2710
3132
  # @!attribute [rw] publish_findings_to_cloud_data_catalog
2711
3133
  # @return [::Google::Cloud::Dlp::V2::Action::PublishFindingsToCloudDataCatalog]
2712
3134
  # Publish findings to Cloud Datahub.
3135
+ # @!attribute [rw] deidentify
3136
+ # @return [::Google::Cloud::Dlp::V2::Action::Deidentify]
3137
+ # Create a de-identified copy of the input data.
2713
3138
  # @!attribute [rw] job_notification_emails
2714
3139
  # @return [::Google::Cloud::Dlp::V2::Action::JobNotificationEmails]
2715
3140
  # Enable email notification for project owners and editors on job's
@@ -2733,7 +3158,7 @@ module Google
2733
3158
  extend ::Google::Protobuf::MessageExts::ClassMethods
2734
3159
  end
2735
3160
 
2736
- # Publish a message into given Pub/Sub topic when DlpJob has completed. The
3161
+ # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
2737
3162
  # message contains a single field, `DlpJobName`, which is equal to the
2738
3163
  # finished job's
2739
3164
  # [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
@@ -2754,33 +3179,91 @@ module Google
2754
3179
  # This action is only available for projects which are parts of
2755
3180
  # an organization and whitelisted for the alpha Cloud Security Command
2756
3181
  # Center.
2757
- # The action will publish count of finding instances and their info types.
2758
- # The summary of findings will be persisted in CSCC and are governed by CSCC
2759
- # service-specific policy, see https://cloud.google.com/terms/service-terms
2760
- # Only a single instance of this action can be specified.
2761
- # Compatible with: Inspect
3182
+ # The action will publish the count of finding instances and their info
3183
+ # types. The summary of findings will be persisted in CSCC and are governed
3184
+ # by CSCC service-specific policy, see
3185
+ # https://cloud.google.com/terms/service-terms Only a single instance of this
3186
+ # action can be specified. Compatible with: Inspect
2762
3187
  class PublishSummaryToCscc
2763
3188
  include ::Google::Protobuf::MessageExts
2764
3189
  extend ::Google::Protobuf::MessageExts::ClassMethods
2765
3190
  end
2766
3191
 
2767
- # Publish findings of a DlpJob to Data Catalog. Labels summarizing the
2768
- # results of the DlpJob will be applied to the entry for the resource scanned
2769
- # in Data Catalog. Any labels previously written by another DlpJob will
2770
- # be deleted. InfoType naming patterns are strictly enforced when using this
2771
- # feature. Note that the findings will be persisted in Data Catalog
2772
- # storage and are governed by Data Catalog service-specific policy, see
2773
- # https://cloud.google.com/terms/service-terms
2774
- # Only a single instance of this action can be specified and only allowed if
2775
- # all resources being scanned are BigQuery tables.
3192
+ # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
3193
+ # templates are applied to the resource that Cloud DLP scanned. Data
3194
+ # Catalog tag templates are stored in the same project and region where the
3195
+ # BigQuery table exists. For Cloud DLP to create and apply the tag template,
3196
+ # the Cloud DLP service agent must have the
3197
+ # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
3198
+ # template contains fields summarizing the results of the DlpJob. Any field
3199
+ # values previously written by another DlpJob are deleted. [InfoType naming
3200
+ # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
3201
+ # this feature.
3202
+ #
3203
+ # Findings are persisted in Data Catalog storage and are governed by
3204
+ # service-specific policies for Data Catalog. For more information, see
3205
+ # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
3206
+ #
3207
+ # Only a single instance of this action can be specified. This action is
3208
+ # allowed only if all resources being scanned are BigQuery tables.
2776
3209
  # Compatible with: Inspect
2777
3210
  class PublishFindingsToCloudDataCatalog
2778
3211
  include ::Google::Protobuf::MessageExts
2779
3212
  extend ::Google::Protobuf::MessageExts::ClassMethods
2780
3213
  end
2781
3214
 
2782
- # Enable email notification to project owners and editors on jobs's
2783
- # completion/failure.
3215
+ # Create a de-identified copy of the requested table or files.
3216
+ #
3217
+ # A TransformationDetail will be created for each transformation.
3218
+ #
3219
+ # If any rows in BigQuery are skipped during de-identification
3220
+ # (transformation errors or row size exceeds BigQuery insert API limits) they
3221
+ # are placed in the failure output table. If the original row exceeds
3222
+ # the BigQuery insert API limit it will be truncated when written to the
3223
+ # failure output table. The failure output table can be set in the
3224
+ # action.deidentify.output.big_query_output.deidentified_failure_output_table
3225
+ # field, if no table is set, a table will be automatically created in the
3226
+ # same project and dataset as the original table.
3227
+ #
3228
+ # Compatible with: Inspect
3229
+ # @!attribute [rw] transformation_config
3230
+ # @return [::Google::Cloud::Dlp::V2::TransformationConfig]
3231
+ # User specified deidentify templates and configs for structured,
3232
+ # unstructured, and image files.
3233
+ # @!attribute [rw] transformation_details_storage_config
3234
+ # @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
3235
+ # Config for storing transformation details. This is separate from the
3236
+ # de-identified content, and contains metadata about the successful
3237
+ # transformations and/or failures that occurred while de-identifying. This
3238
+ # needs to be set in order for users to access information about the status
3239
+ # of each transformation (see
3240
+ # {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
3241
+ # message for more information about what is noted).
3242
+ # @!attribute [rw] cloud_storage_output
3243
+ # @return [::String]
3244
+ # Required. User settable Cloud Storage bucket and folders to store de-identified
3245
+ # files. This field must be set for cloud storage deidentification. The
3246
+ # output Cloud Storage bucket must be different from the input bucket.
3247
+ # De-identified files will overwrite files in the output path.
3248
+ #
3249
+ # Form of: gs://bucket/folder/ or gs://bucket
3250
+ # @!attribute [rw] file_types_to_transform
3251
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
3252
+ # List of user-specified file type groups to transform. If specified, only
3253
+ # the files with these filetypes will be transformed. If empty, all
3254
+ # supported files will be transformed. Supported types may be automatically
3255
+ # added over time. If a file type is set in this field that isn't supported
3256
+ # by the Deidentify action then the job will fail and will not be
3257
+ # successfully created/started. Currently the only filetypes supported are:
3258
+ # IMAGES, TEXT_FILES, CSV, TSV.
3259
+ class Deidentify
3260
+ include ::Google::Protobuf::MessageExts
3261
+ extend ::Google::Protobuf::MessageExts::ClassMethods
3262
+ end
3263
+
3264
+ # Sends an email when the job completes. The email goes to IAM project owners
3265
+ # and technical [Essential
3266
+ # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
2784
3267
  class JobNotificationEmails
2785
3268
  include ::Google::Protobuf::MessageExts
2786
3269
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -2796,6 +3279,37 @@ module Google
2796
3279
  end
2797
3280
  end
2798
3281
 
3282
+ # User specified templates and configs for how to deidentify structured,
3283
+ # unstructures, and image files. User must provide either a unstructured
3284
+ # deidentify template or at least one redact image config.
3285
+ # @!attribute [rw] deidentify_template
3286
+ # @return [::String]
3287
+ # De-identify template.
3288
+ # If this template is specified, it will serve as the default de-identify
3289
+ # template. This template cannot contain `record_transformations` since it
3290
+ # can be used for unstructured content such as free-form text files. If this
3291
+ # template is not set, a default `ReplaceWithInfoTypeConfig` will be used to
3292
+ # de-identify unstructured content.
3293
+ # @!attribute [rw] structured_deidentify_template
3294
+ # @return [::String]
3295
+ # Structured de-identify template.
3296
+ # If this template is specified, it will serve as the de-identify template
3297
+ # for structured content such as delimited files and tables. If this template
3298
+ # is not set but the `deidentify_template` is set, then `deidentify_template`
3299
+ # will also apply to the structured content. If neither template is set, a
3300
+ # default `ReplaceWithInfoTypeConfig` will be used to de-identify structured
3301
+ # content.
3302
+ # @!attribute [rw] image_redact_template
3303
+ # @return [::String]
3304
+ # Image redact template.
3305
+ # If this template is specified, it will serve as the de-identify template
3306
+ # for images. If this template is not set, all findings in the image will be
3307
+ # redacted with a black box.
3308
+ class TransformationConfig
3309
+ include ::Google::Protobuf::MessageExts
3310
+ extend ::Google::Protobuf::MessageExts::ClassMethods
3311
+ end
3312
+
2799
3313
  # Request message for CreateInspectTemplate.
2800
3314
  # @!attribute [rw] parent
2801
3315
  # @return [::String]
@@ -2893,7 +3407,7 @@ module Google
2893
3407
  # to `ListInspectTemplates`.
2894
3408
  # @!attribute [rw] page_size
2895
3409
  # @return [::Integer]
2896
- # Size of the page, can be limited by server. If zero server returns
3410
+ # Size of the page, can be limited by the server. If zero server returns
2897
3411
  # a page of max size 100.
2898
3412
  # @!attribute [rw] order_by
2899
3413
  # @return [::String]
@@ -2906,10 +3420,10 @@ module Google
2906
3420
  #
2907
3421
  # Supported fields are:
2908
3422
  #
2909
- # - `create_time`: corresponds to time the template was created.
2910
- # - `update_time`: corresponds to time the template was last updated.
2911
- # - `name`: corresponds to template's name.
2912
- # - `display_name`: corresponds to template's display name.
3423
+ # - `create_time`: corresponds to the time the template was created.
3424
+ # - `update_time`: corresponds to the time the template was last updated.
3425
+ # - `name`: corresponds to the template's name.
3426
+ # - `display_name`: corresponds to the template's display name.
2913
3427
  # @!attribute [rw] location_id
2914
3428
  # @return [::String]
2915
3429
  # Deprecated. This field has no effect.
@@ -3094,11 +3608,11 @@ module Google
3094
3608
  #
3095
3609
  # Supported fields are:
3096
3610
  #
3097
- # - `create_time`: corresponds to time the JobTrigger was created.
3098
- # - `update_time`: corresponds to time the JobTrigger was last updated.
3611
+ # - `create_time`: corresponds to the time the JobTrigger was created.
3612
+ # - `update_time`: corresponds to the time the JobTrigger was last updated.
3099
3613
  # - `last_run_time`: corresponds to the last time the JobTrigger ran.
3100
- # - `name`: corresponds to JobTrigger's name.
3101
- # - `display_name`: corresponds to JobTrigger's display name.
3614
+ # - `name`: corresponds to the JobTrigger's name.
3615
+ # - `display_name`: corresponds to the JobTrigger's display name.
3102
3616
  # - `status`: corresponds to JobTrigger's status.
3103
3617
  # @!attribute [rw] filter
3104
3618
  # @return [::String]
@@ -3369,7 +3883,7 @@ module Google
3369
3883
  # The job is no longer running.
3370
3884
  DONE = 3
3371
3885
 
3372
- # The job was canceled before it could complete.
3886
+ # The job was canceled before it could be completed.
3373
3887
  CANCELED = 4
3374
3888
 
3375
3889
  # The job had an error and did not complete.
@@ -3377,7 +3891,7 @@ module Google
3377
3891
 
3378
3892
  # The job is currently accepting findings via hybridInspect.
3379
3893
  # A hybrid job in ACTIVE state may continue to have findings added to it
3380
- # through calling of hybridInspect. After the job has finished no more
3894
+ # through the calling of hybridInspect. After the job has finished no more
3381
3895
  # calls to hybridInspect may be made. ACTIVE jobs can transition to DONE.
3382
3896
  ACTIVE = 6
3383
3897
  end
@@ -3424,13 +3938,13 @@ module Google
3424
3938
  # * Supported fields/values for inspect jobs:
3425
3939
  # - `state` - PENDING|RUNNING|CANCELED|FINISHED|FAILED
3426
3940
  # - `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY
3427
- # - `trigger_name` - The resource name of the trigger that created job.
3428
- # - 'end_time` - Corresponds to time the job finished.
3429
- # - 'start_time` - Corresponds to time the job finished.
3941
+ # - `trigger_name` - The name of the trigger that created the job.
3942
+ # - 'end_time` - Corresponds to the time the job finished.
3943
+ # - 'start_time` - Corresponds to the time the job finished.
3430
3944
  # * Supported fields for risk analysis jobs:
3431
3945
  # - `state` - RUNNING|CANCELED|FINISHED|FAILED
3432
- # - 'end_time` - Corresponds to time the job finished.
3433
- # - 'start_time` - Corresponds to time the job finished.
3946
+ # - 'end_time` - Corresponds to the time the job finished.
3947
+ # - 'start_time` - Corresponds to the time the job finished.
3434
3948
  # * The operator must be `=` or `!=`.
3435
3949
  #
3436
3950
  # Examples:
@@ -3461,9 +3975,9 @@ module Google
3461
3975
  #
3462
3976
  # Supported fields are:
3463
3977
  #
3464
- # - `create_time`: corresponds to time the job was created.
3465
- # - `end_time`: corresponds to time the job ended.
3466
- # - `name`: corresponds to job's name.
3978
+ # - `create_time`: corresponds to the time the job was created.
3979
+ # - `end_time`: corresponds to the time the job ended.
3980
+ # - `name`: corresponds to the job's name.
3467
3981
  # - `state`: corresponds to `state`
3468
3982
  # @!attribute [rw] location_id
3469
3983
  # @return [::String]
@@ -3609,7 +4123,7 @@ module Google
3609
4123
  # to `ListDeidentifyTemplates`.
3610
4124
  # @!attribute [rw] page_size
3611
4125
  # @return [::Integer]
3612
- # Size of the page, can be limited by server. If zero server returns
4126
+ # Size of the page, can be limited by the server. If zero server returns
3613
4127
  # a page of max size 100.
3614
4128
  # @!attribute [rw] order_by
3615
4129
  # @return [::String]
@@ -3622,10 +4136,10 @@ module Google
3622
4136
  #
3623
4137
  # Supported fields are:
3624
4138
  #
3625
- # - `create_time`: corresponds to time the template was created.
3626
- # - `update_time`: corresponds to time the template was last updated.
3627
- # - `name`: corresponds to template's name.
3628
- # - `display_name`: corresponds to template's display name.
4139
+ # - `create_time`: corresponds to the time the template was created.
4140
+ # - `update_time`: corresponds to the time the template was last updated.
4141
+ # - `name`: corresponds to the template's name.
4142
+ # - `display_name`: corresponds to the template's display name.
3629
4143
  # @!attribute [rw] location_id
3630
4144
  # @return [::String]
3631
4145
  # Deprecated. This field has no effect.
@@ -3662,12 +4176,12 @@ module Google
3662
4176
  # Configuration for a custom dictionary created from a data source of any size
3663
4177
  # up to the maximum size defined in the
3664
4178
  # [limits](https://cloud.google.com/dlp/limits) page. The artifacts of
3665
- # dictionary creation are stored in the specified Google Cloud Storage
4179
+ # dictionary creation are stored in the specified Cloud Storage
3666
4180
  # location. Consider using `CustomInfoType.Dictionary` for smaller dictionaries
3667
4181
  # that satisfy the size requirements.
3668
4182
  # @!attribute [rw] output_path
3669
4183
  # @return [::Google::Cloud::Dlp::V2::CloudStoragePath]
3670
- # Location to store dictionary artifacts in Google Cloud Storage. These files
4184
+ # Location to store dictionary artifacts in Cloud Storage. These files
3671
4185
  # will only be accessible by project owners and the DLP API. If any of these
3672
4186
  # artifacts are modified, the dictionary is considered invalid and can no
3673
4187
  # longer be used.
@@ -3744,7 +4258,7 @@ module Google
3744
4258
  # appearing first.
3745
4259
  #
3746
4260
  # For example, some of the data for stored custom dictionaries is put in
3747
- # the user's Google Cloud Storage bucket, and if this data is modified or
4261
+ # the user's Cloud Storage bucket, and if this data is modified or
3748
4262
  # deleted by the user or another system, the dictionary becomes invalid.
3749
4263
  #
3750
4264
  # If any errors occur, fix the problem indicated by the error message and
@@ -3859,10 +4373,6 @@ module Google
3859
4373
  # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3860
4374
  # + Projects scope, no location specified (defaults to global):<br/>
3861
4375
  # `projects/`<var>PROJECT_ID</var>
3862
- # + Organizations scope, location specified:<br/>
3863
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
3864
- # + Organizations scope, no location specified (defaults to global):<br/>
3865
- # `organizations/`<var>ORG_ID</var>
3866
4376
  #
3867
4377
  # The following example `parent` string specifies a parent project with the
3868
4378
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3875,7 +4385,7 @@ module Google
3875
4385
  # to `ListStoredInfoTypes`.
3876
4386
  # @!attribute [rw] page_size
3877
4387
  # @return [::Integer]
3878
- # Size of the page, can be limited by server. If zero server returns
4388
+ # Size of the page, can be limited by the server. If zero server returns
3879
4389
  # a page of max size 100.
3880
4390
  # @!attribute [rw] order_by
3881
4391
  # @return [::String]
@@ -3888,7 +4398,7 @@ module Google
3888
4398
  #
3889
4399
  # Supported fields are:
3890
4400
  #
3891
- # - `create_time`: corresponds to time the most recent version of the
4401
+ # - `create_time`: corresponds to the time the most recent version of the
3892
4402
  # resource was created.
3893
4403
  # - `state`: corresponds to the state of the resource.
3894
4404
  # - `name`: corresponds to resource name.
@@ -4025,36 +4535,7 @@ module Google
4025
4535
  end
4026
4536
 
4027
4537
  # Score is a summary of all elements in the data profile.
4028
- # A higher number means more sensitive.
4029
- # @!attribute [rw] score
4030
- # @return [::Google::Cloud::Dlp::V2::SensitivityScore::SensitivityScoreLevel]
4031
- # The score applied to the resource.
4032
- class SensitivityScore
4033
- include ::Google::Protobuf::MessageExts
4034
- extend ::Google::Protobuf::MessageExts::ClassMethods
4035
-
4036
- # Various score levels for resources.
4037
- module SensitivityScoreLevel
4038
- # Unused.
4039
- SENSITIVITY_SCORE_UNSPECIFIED = 0
4040
-
4041
- # No sensitive information detected. Limited access.
4042
- SENSITIVITY_LOW = 10
4043
-
4044
- # Medium risk - PII, potentially sensitive data, or fields with free-text
4045
- # data that are at higher risk of having intermittent sensitive data.
4046
- # Consider limiting access.
4047
- SENSITIVITY_MODERATE = 20
4048
-
4049
- # High risk – SPII may be present. Exfiltration of data may lead to user
4050
- # data loss. Re-identification of users may be possible. Consider limiting
4051
- # usage and or removing SPII.
4052
- SENSITIVITY_HIGH = 30
4053
- end
4054
- end
4055
-
4056
- # Score is a summary of all elements in the data profile.
4057
- # A higher number means more risky.
4538
+ # A higher number means more risk.
4058
4539
  # @!attribute [rw] score
4059
4540
  # @return [::Google::Cloud::Dlp::V2::DataRiskLevel::DataRiskLevelScore]
4060
4541
  # The score applied to the resource.
@@ -4073,8 +4554,8 @@ module Google
4073
4554
  RISK_LOW = 10
4074
4555
 
4075
4556
  # Medium risk - Sensitive data may be present but additional access or fine
4076
- # grain access restrictions appears to be present. Consider limiting
4077
- # access even further or transforming data to mask.
4557
+ # grain access restrictions appear to be present. Consider limiting
4558
+ # access even further or transform data to mask.
4078
4559
  RISK_MODERATE = 20
4079
4560
 
4080
4561
  # High risk – SPII may be present. Access controls may include public
@@ -4221,6 +4702,10 @@ module Google
4221
4702
  # @!attribute [rw] info_type
4222
4703
  # @return [::Google::Cloud::Dlp::V2::InfoType]
4223
4704
  # The infoType.
4705
+ # @!attribute [rw] estimated_prevalence
4706
+ # @return [::Integer]
4707
+ # Approximate percentage of non-null rows that contained data detected by
4708
+ # this infotype.
4224
4709
  class InfoTypeSummary
4225
4710
  include ::Google::Protobuf::MessageExts
4226
4711
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -4230,12 +4715,16 @@ module Google
4230
4715
  # @!attribute [rw] info_type
4231
4716
  # @return [::Google::Cloud::Dlp::V2::InfoType]
4232
4717
  # The other infoType.
4718
+ # @!attribute [rw] estimated_prevalence
4719
+ # @return [::Integer]
4720
+ # Approximate percentage of non-null rows that contained data detected by
4721
+ # this infotype.
4233
4722
  class OtherInfoTypeSummary
4234
4723
  include ::Google::Protobuf::MessageExts
4235
4724
  extend ::Google::Protobuf::MessageExts::ClassMethods
4236
4725
  end
4237
4726
 
4238
- # A condition for determining whether a PubSub should be triggered.
4727
+ # A condition for determining whether a Pub/Sub should be triggered.
4239
4728
  # @!attribute [rw] expressions
4240
4729
  # @return [::Google::Cloud::Dlp::V2::DataProfilePubSubCondition::PubSubExpressions]
4241
4730
  # An expression.
@@ -4292,10 +4781,9 @@ module Google
4292
4781
  end
4293
4782
  end
4294
4783
 
4295
- # The message that will be published to a Pub/Sub topic.
4784
+ # Pub/Sub topic message for a DataProfileAction.PubSubNotification event.
4296
4785
  # To receive a message of protocol buffer schema type, convert the message data
4297
4786
  # to an object of this proto class.
4298
- # https://cloud.google.com/pubsub/docs/samples/pubsub-subscribe-proto-messages
4299
4787
  # @!attribute [rw] profile
4300
4788
  # @return [::Google::Cloud::Dlp::V2::TableDataProfile]
4301
4789
  # If `DetailLevel` is `TABLE_PROFILE` this will be fully populated.
@@ -4309,6 +4797,91 @@ module Google
4309
4797
  extend ::Google::Protobuf::MessageExts::ClassMethods
4310
4798
  end
4311
4799
 
4800
+ # Enum of possible outcomes of transformations. SUCCESS if transformation and
4801
+ # storing of transformation was successful, otherwise, reason for not
4802
+ # transforming.
4803
+ module TransformationResultStatusType
4804
+ STATE_TYPE_UNSPECIFIED = 0
4805
+
4806
+ # This will be set when a finding could not be transformed (i.e. outside user
4807
+ # set bucket range).
4808
+ INVALID_TRANSFORM = 1
4809
+
4810
+ # This will be set when a BigQuery transformation was successful but could
4811
+ # not be stored back in BigQuery because the transformed row exceeds
4812
+ # BigQuery's max row size.
4813
+ BIGQUERY_MAX_ROW_SIZE_EXCEEDED = 2
4814
+
4815
+ # This will be set when there is a finding in the custom metadata of a file,
4816
+ # but at the write time of the transformed file, this key / value pair is
4817
+ # unretrievable.
4818
+ METADATA_UNRETRIEVABLE = 3
4819
+
4820
+ # This will be set when the transformation and storing of it is successful.
4821
+ SUCCESS = 4
4822
+ end
4823
+
4824
+ # Describes functionality of a given container in its original format.
4825
+ module TransformationContainerType
4826
+ TRANSFORM_UNKNOWN_CONTAINER = 0
4827
+
4828
+ TRANSFORM_BODY = 1
4829
+
4830
+ TRANSFORM_METADATA = 2
4831
+
4832
+ TRANSFORM_TABLE = 3
4833
+ end
4834
+
4835
+ # An enum of rules that can be used to transform a value. Can be a
4836
+ # record suppression, or one of the transformation rules specified under
4837
+ # `PrimitiveTransformation`.
4838
+ module TransformationType
4839
+ # Unused
4840
+ TRANSFORMATION_TYPE_UNSPECIFIED = 0
4841
+
4842
+ # Record suppression
4843
+ RECORD_SUPPRESSION = 1
4844
+
4845
+ # Replace value
4846
+ REPLACE_VALUE = 2
4847
+
4848
+ # Replace value using a dictionary.
4849
+ REPLACE_DICTIONARY = 15
4850
+
4851
+ # Redact
4852
+ REDACT = 3
4853
+
4854
+ # Character mask
4855
+ CHARACTER_MASK = 4
4856
+
4857
+ # FFX-FPE
4858
+ CRYPTO_REPLACE_FFX_FPE = 5
4859
+
4860
+ # Fixed size bucketing
4861
+ FIXED_SIZE_BUCKETING = 6
4862
+
4863
+ # Bucketing
4864
+ BUCKETING = 7
4865
+
4866
+ # Replace with info type
4867
+ REPLACE_WITH_INFO_TYPE = 8
4868
+
4869
+ # Time part
4870
+ TIME_PART = 9
4871
+
4872
+ # Crypto hash
4873
+ CRYPTO_HASH = 10
4874
+
4875
+ # Date shift
4876
+ DATE_SHIFT = 12
4877
+
4878
+ # Deterministic crypto
4879
+ CRYPTO_DETERMINISTIC_CONFIG = 13
4880
+
4881
+ # Redact image
4882
+ REDACT_IMAGE = 14
4883
+ end
4884
+
4312
4885
  # Operators available for comparing the value of fields.
4313
4886
  module RelationalOperator
4314
4887
  # Unused