google-cloud-dlp-v2 0.22.0 → 0.24.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/dlp/v2/dlp_service/client.rb +787 -51
- data/lib/google/cloud/dlp/v2/dlp_service/paths.rb +19 -0
- data/lib/google/cloud/dlp/v2/dlp_service/rest/client.rb +738 -51
- data/lib/google/cloud/dlp/v2/dlp_service/rest/service_stub.rb +429 -0
- data/lib/google/cloud/dlp/v2/version.rb +1 -1
- data/lib/google/privacy/dlp/v2/dlp_pb.rb +30 -1
- data/lib/google/privacy/dlp/v2/dlp_services_pb.rb +18 -3
- data/lib/google/privacy/dlp/v2/storage_pb.rb +2 -1
- data/proto_docs/google/api/client.rb +4 -0
- data/proto_docs/google/privacy/dlp/v2/dlp.rb +527 -14
- data/proto_docs/google/privacy/dlp/v2/storage.rb +24 -0
- metadata +2 -2
@@ -1053,6 +1053,10 @@ module Google
|
|
1053
1053
|
# @return [::Array<::Google::Cloud::Dlp::V2::InfoTypeStats>]
|
1054
1054
|
# Statistics of how many instances of each info type were found during
|
1055
1055
|
# inspect job.
|
1056
|
+
# @!attribute [rw] num_rows_processed
|
1057
|
+
# @return [::Integer]
|
1058
|
+
# Number of rows scanned after sampling and time filtering (applicable for
|
1059
|
+
# row based stores such as BigQuery).
|
1056
1060
|
# @!attribute [rw] hybrid_stats
|
1057
1061
|
# @return [::Google::Cloud::Dlp::V2::HybridInspectStatistics]
|
1058
1062
|
# Statistics related to the processing of hybrid inspect.
|
@@ -1211,6 +1215,9 @@ module Google
|
|
1211
1215
|
# The infoType is typically used in Australia.
|
1212
1216
|
AUSTRALIA = 3
|
1213
1217
|
|
1218
|
+
# The infoType is typically used in Azerbaijan.
|
1219
|
+
AZERBAIJAN = 48
|
1220
|
+
|
1214
1221
|
# The infoType is typically used in Belgium.
|
1215
1222
|
BELGIUM = 4
|
1216
1223
|
|
@@ -1265,6 +1272,9 @@ module Google
|
|
1265
1272
|
# The infoType is typically used in Japan.
|
1266
1273
|
JAPAN = 20
|
1267
1274
|
|
1275
|
+
# The infoType is typically used in Kazakhstan.
|
1276
|
+
KAZAKHSTAN = 47
|
1277
|
+
|
1268
1278
|
# The infoType is typically used in Korea.
|
1269
1279
|
KOREA = 21
|
1270
1280
|
|
@@ -1292,6 +1302,9 @@ module Google
|
|
1292
1302
|
# The infoType is typically used in Portugal.
|
1293
1303
|
PORTUGAL = 28
|
1294
1304
|
|
1305
|
+
# The infoType is typically used in Russia.
|
1306
|
+
RUSSIA = 44
|
1307
|
+
|
1295
1308
|
# The infoType is typically used in Singapore.
|
1296
1309
|
SINGAPORE = 29
|
1297
1310
|
|
@@ -1316,6 +1329,9 @@ module Google
|
|
1316
1329
|
# The infoType is typically used in Turkey.
|
1317
1330
|
TURKEY = 35
|
1318
1331
|
|
1332
|
+
# The infoType is typically used in Ukraine.
|
1333
|
+
UKRAINE = 45
|
1334
|
+
|
1319
1335
|
# The infoType is typically used in the United Kingdom.
|
1320
1336
|
UNITED_KINGDOM = 36
|
1321
1337
|
|
@@ -1325,6 +1341,9 @@ module Google
|
|
1325
1341
|
# The infoType is typically used in Uruguay.
|
1326
1342
|
URUGUAY = 38
|
1327
1343
|
|
1344
|
+
# The infoType is typically used in Uzbekistan.
|
1345
|
+
UZBEKISTAN = 46
|
1346
|
+
|
1328
1347
|
# The infoType is typically used in Venezuela.
|
1329
1348
|
VENEZUELA = 39
|
1330
1349
|
|
@@ -3223,7 +3242,7 @@ module Google
|
|
3223
3242
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
3224
3243
|
end
|
3225
3244
|
|
3226
|
-
# Contains a configuration to make
|
3245
|
+
# Contains a configuration to make API calls on a repeating basis.
|
3227
3246
|
# See
|
3228
3247
|
# https://cloud.google.com/sensitive-data-protection/docs/concepts-job-triggers
|
3229
3248
|
# to learn more.
|
@@ -4008,8 +4027,14 @@ module Google
|
|
4008
4027
|
# @!attribute [rw] profile_table
|
4009
4028
|
# @return [::Google::Cloud::Dlp::V2::BigQueryTable]
|
4010
4029
|
# Store all table and column profiles in an existing table or a new table
|
4011
|
-
# in an existing dataset. Each re-generation will result in
|
4012
|
-
# BigQuery.
|
4030
|
+
# in an existing dataset. Each re-generation will result in new rows in
|
4031
|
+
# BigQuery. Data is inserted using [streaming
|
4032
|
+
# insert](https://cloud.google.com/blog/products/bigquery/life-of-a-bigquery-streaming-insert)
|
4033
|
+
# and so data may be in the buffer for a period of time after the profile
|
4034
|
+
# has finished. The Pub/Sub notification is sent before the streaming
|
4035
|
+
# buffer is guaranteed to be written, so data may not be instantly
|
4036
|
+
# visible to queries by the time your topic receives the Pub/Sub
|
4037
|
+
# notification.
|
4013
4038
|
class Export
|
4014
4039
|
include ::Google::Protobuf::MessageExts
|
4015
4040
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -4047,7 +4072,7 @@ module Google
|
|
4047
4072
|
# The full table data profile.
|
4048
4073
|
TABLE_PROFILE = 1
|
4049
4074
|
|
4050
|
-
# The
|
4075
|
+
# The name of the profiled resource.
|
4051
4076
|
RESOURCE_NAME = 2
|
4052
4077
|
end
|
4053
4078
|
end
|
@@ -4060,13 +4085,9 @@ module Google
|
|
4060
4085
|
# New profile (not a re-profile).
|
4061
4086
|
NEW_PROFILE = 1
|
4062
4087
|
|
4063
|
-
#
|
4064
|
-
#
|
4065
|
-
#
|
4066
|
-
# * Table resource visibility
|
4067
|
-
# * Table encryption type
|
4068
|
-
# * Table predicted infoTypes
|
4069
|
-
# * Table other infoTypes
|
4088
|
+
# One of the following profile metrics changed: Data risk score,
|
4089
|
+
# Sensitivity score, Resource visibility, Encryption type, Predicted
|
4090
|
+
# infoTypes, Other infoTypes
|
4070
4091
|
CHANGED_PROFILE = 2
|
4071
4092
|
|
4072
4093
|
# Table data risk score or sensitivity score increased.
|
@@ -4273,6 +4294,15 @@ module Google
|
|
4273
4294
|
# @return [::Google::Cloud::Dlp::V2::BigQueryDiscoveryTarget]
|
4274
4295
|
# BigQuery target for Discovery. The first target to match a table will be
|
4275
4296
|
# the one applied.
|
4297
|
+
# @!attribute [rw] cloud_sql_target
|
4298
|
+
# @return [::Google::Cloud::Dlp::V2::CloudSqlDiscoveryTarget]
|
4299
|
+
# Cloud SQL target for Discovery. The first target to match a table will be
|
4300
|
+
# the one applied.
|
4301
|
+
# @!attribute [rw] secrets_target
|
4302
|
+
# @return [::Google::Cloud::Dlp::V2::SecretsDiscoveryTarget]
|
4303
|
+
# Discovery target that looks for credentials and secrets stored in cloud
|
4304
|
+
# resource metadata and reports them as vulnerabilities to Security Command
|
4305
|
+
# Center. Only one target of this type is allowed.
|
4276
4306
|
class DiscoveryTarget
|
4277
4307
|
include ::Google::Protobuf::MessageExts
|
4278
4308
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -4315,6 +4345,11 @@ module Google
|
|
4315
4345
|
# anything above it will apply first. Should only appear once in a
|
4316
4346
|
# configuration. If none is specified, a default one will be added
|
4317
4347
|
# automatically.
|
4348
|
+
# @!attribute [rw] table_reference
|
4349
|
+
# @return [::Google::Cloud::Dlp::V2::TableReference]
|
4350
|
+
# The table to scan. Discovery configurations including this can only
|
4351
|
+
# include one DiscoveryTarget (the DiscoveryTarget with this
|
4352
|
+
# TableReference).
|
4318
4353
|
class DiscoveryBigQueryFilter
|
4319
4354
|
include ::Google::Protobuf::MessageExts
|
4320
4355
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -4420,6 +4455,227 @@ module Google
|
|
4420
4455
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4421
4456
|
end
|
4422
4457
|
|
4458
|
+
# Target used to match against for discovery with Cloud SQL tables.
|
4459
|
+
# @!attribute [rw] filter
|
4460
|
+
# @return [::Google::Cloud::Dlp::V2::DiscoveryCloudSqlFilter]
|
4461
|
+
# Required. The tables the discovery cadence applies to. The first target
|
4462
|
+
# with a matching filter will be the one to apply to a table.
|
4463
|
+
# @!attribute [rw] conditions
|
4464
|
+
# @return [::Google::Cloud::Dlp::V2::DiscoveryCloudSqlConditions]
|
4465
|
+
# In addition to matching the filter, these conditions must be true
|
4466
|
+
# before a profile is generated.
|
4467
|
+
# @!attribute [rw] generation_cadence
|
4468
|
+
# @return [::Google::Cloud::Dlp::V2::DiscoveryCloudSqlGenerationCadence]
|
4469
|
+
# How often and when to update profiles. New tables that match both the
|
4470
|
+
# filter and conditions are scanned as quickly as possible depending on
|
4471
|
+
# system capacity.
|
4472
|
+
# @!attribute [rw] disabled
|
4473
|
+
# @return [::Google::Cloud::Dlp::V2::Disabled]
|
4474
|
+
# Disable profiling for database resources that match this filter.
|
4475
|
+
class CloudSqlDiscoveryTarget
|
4476
|
+
include ::Google::Protobuf::MessageExts
|
4477
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4478
|
+
end
|
4479
|
+
|
4480
|
+
# Determines what tables will have profiles generated within an organization
|
4481
|
+
# or project. Includes the ability to filter by regular expression patterns
|
4482
|
+
# on project ID, location, instance, database, and database resource name.
|
4483
|
+
# @!attribute [rw] collection
|
4484
|
+
# @return [::Google::Cloud::Dlp::V2::DatabaseResourceCollection]
|
4485
|
+
# A specific set of database resources for this filter to apply to.
|
4486
|
+
# @!attribute [rw] others
|
4487
|
+
# @return [::Google::Cloud::Dlp::V2::AllOtherDatabaseResources]
|
4488
|
+
# Catch-all. This should always be the last target in the list because
|
4489
|
+
# anything above it will apply first. Should only appear once in a
|
4490
|
+
# configuration. If none is specified, a default one will be added
|
4491
|
+
# automatically.
|
4492
|
+
# @!attribute [rw] database_resource_reference
|
4493
|
+
# @return [::Google::Cloud::Dlp::V2::DatabaseResourceReference]
|
4494
|
+
# The database resource to scan. Targets including this can only include
|
4495
|
+
# one target (the target with this database resource reference).
|
4496
|
+
class DiscoveryCloudSqlFilter
|
4497
|
+
include ::Google::Protobuf::MessageExts
|
4498
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4499
|
+
end
|
4500
|
+
|
4501
|
+
# Match database resources using regex filters. Examples of database
|
4502
|
+
# resources are tables, views, and stored procedures.
|
4503
|
+
# @!attribute [rw] include_regexes
|
4504
|
+
# @return [::Google::Cloud::Dlp::V2::DatabaseResourceRegexes]
|
4505
|
+
# A collection of regular expressions to match a database resource against.
|
4506
|
+
class DatabaseResourceCollection
|
4507
|
+
include ::Google::Protobuf::MessageExts
|
4508
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4509
|
+
end
|
4510
|
+
|
4511
|
+
# A collection of regular expressions to determine what database resources to
|
4512
|
+
# match against.
|
4513
|
+
# @!attribute [rw] patterns
|
4514
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::DatabaseResourceRegex>]
|
4515
|
+
# A group of regular expression patterns to match against one or more
|
4516
|
+
# database resources.
|
4517
|
+
# Maximum of 100 entries. The sum of all regular expression's length can't
|
4518
|
+
# exceed 10 KiB.
|
4519
|
+
class DatabaseResourceRegexes
|
4520
|
+
include ::Google::Protobuf::MessageExts
|
4521
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4522
|
+
end
|
4523
|
+
|
4524
|
+
# A pattern to match against one or more database resources. At least one
|
4525
|
+
# pattern must be specified. Regular expressions use RE2
|
4526
|
+
# [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
|
4527
|
+
# under the google/re2 repository on GitHub.
|
4528
|
+
# @!attribute [rw] project_id_regex
|
4529
|
+
# @return [::String]
|
4530
|
+
# For organizations, if unset, will match all projects. Has no effect
|
4531
|
+
# for configurations created within a project.
|
4532
|
+
# @!attribute [rw] instance_regex
|
4533
|
+
# @return [::String]
|
4534
|
+
# Regex to test the instance name against. If empty, all instances match.
|
4535
|
+
# @!attribute [rw] database_regex
|
4536
|
+
# @return [::String]
|
4537
|
+
# Regex to test the database name against. If empty, all databases match.
|
4538
|
+
# @!attribute [rw] database_resource_name_regex
|
4539
|
+
# @return [::String]
|
4540
|
+
# Regex to test the database resource's name against. An example of a
|
4541
|
+
# database resource name is a table's name. Other database resource names
|
4542
|
+
# like view names could be included in the future. If empty, all database
|
4543
|
+
# resources match.
|
4544
|
+
class DatabaseResourceRegex
|
4545
|
+
include ::Google::Protobuf::MessageExts
|
4546
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4547
|
+
end
|
4548
|
+
|
4549
|
+
# Match database resources not covered by any other filter.
|
4550
|
+
class AllOtherDatabaseResources
|
4551
|
+
include ::Google::Protobuf::MessageExts
|
4552
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4553
|
+
end
|
4554
|
+
|
4555
|
+
# Identifies a single database resource, like a table within a database.
|
4556
|
+
# @!attribute [rw] project_id
|
4557
|
+
# @return [::String]
|
4558
|
+
# Required. If within a project-level config, then this must match the
|
4559
|
+
# config's project ID.
|
4560
|
+
# @!attribute [rw] instance
|
4561
|
+
# @return [::String]
|
4562
|
+
# Required. The instance where this resource is located. For example: Cloud
|
4563
|
+
# SQL instance ID.
|
4564
|
+
# @!attribute [rw] database
|
4565
|
+
# @return [::String]
|
4566
|
+
# Required. Name of a database within the instance.
|
4567
|
+
# @!attribute [rw] database_resource
|
4568
|
+
# @return [::String]
|
4569
|
+
# Required. Name of a database resource, for example, a table within the
|
4570
|
+
# database.
|
4571
|
+
class DatabaseResourceReference
|
4572
|
+
include ::Google::Protobuf::MessageExts
|
4573
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4574
|
+
end
|
4575
|
+
|
4576
|
+
# Requirements that must be true before a table is profiled for the
|
4577
|
+
# first time.
|
4578
|
+
# @!attribute [rw] database_engines
|
4579
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::DiscoveryCloudSqlConditions::DatabaseEngine>]
|
4580
|
+
# Optional. Database engines that should be profiled.
|
4581
|
+
# Optional. Defaults to ALL_SUPPORTED_DATABASE_ENGINES if unspecified.
|
4582
|
+
# @!attribute [rw] types
|
4583
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::DiscoveryCloudSqlConditions::DatabaseResourceType>]
|
4584
|
+
# Data profiles will only be generated for the database resource types
|
4585
|
+
# specified in this field.
|
4586
|
+
# If not specified, defaults to [DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES].
|
4587
|
+
class DiscoveryCloudSqlConditions
|
4588
|
+
include ::Google::Protobuf::MessageExts
|
4589
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4590
|
+
|
4591
|
+
# The database engines that should be profiled.
|
4592
|
+
module DatabaseEngine
|
4593
|
+
# Unused.
|
4594
|
+
DATABASE_ENGINE_UNSPECIFIED = 0
|
4595
|
+
|
4596
|
+
# Include all supported database engines.
|
4597
|
+
ALL_SUPPORTED_DATABASE_ENGINES = 1
|
4598
|
+
|
4599
|
+
# MySQL database.
|
4600
|
+
MYSQL = 2
|
4601
|
+
|
4602
|
+
# PostgreSQL database.
|
4603
|
+
POSTGRES = 3
|
4604
|
+
end
|
4605
|
+
|
4606
|
+
# Cloud SQL database resource types. New values can be added at a later time.
|
4607
|
+
module DatabaseResourceType
|
4608
|
+
# Unused.
|
4609
|
+
DATABASE_RESOURCE_TYPE_UNSPECIFIED = 0
|
4610
|
+
|
4611
|
+
# Includes database resource types that become supported at a later time.
|
4612
|
+
DATABASE_RESOURCE_TYPE_ALL_SUPPORTED_TYPES = 1
|
4613
|
+
|
4614
|
+
# Tables.
|
4615
|
+
DATABASE_RESOURCE_TYPE_TABLE = 2
|
4616
|
+
end
|
4617
|
+
end
|
4618
|
+
|
4619
|
+
# How often existing tables should have their profiles refreshed.
|
4620
|
+
# New tables are scanned as quickly as possible depending on system
|
4621
|
+
# capacity.
|
4622
|
+
# @!attribute [rw] schema_modified_cadence
|
4623
|
+
# @return [::Google::Cloud::Dlp::V2::DiscoveryCloudSqlGenerationCadence::SchemaModifiedCadence]
|
4624
|
+
# When to reprofile if the schema has changed.
|
4625
|
+
# @!attribute [rw] refresh_frequency
|
4626
|
+
# @return [::Google::Cloud::Dlp::V2::DataProfileUpdateFrequency]
|
4627
|
+
# Data changes (non-schema changes) in Cloud SQL tables can't trigger
|
4628
|
+
# reprofiling. If you set this field, profiles are refreshed at this
|
4629
|
+
# frequency regardless of whether the underlying tables have changed.
|
4630
|
+
# Defaults to never.
|
4631
|
+
class DiscoveryCloudSqlGenerationCadence
|
4632
|
+
include ::Google::Protobuf::MessageExts
|
4633
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4634
|
+
|
4635
|
+
# How frequently to modify the profile when the table's schema is modified.
|
4636
|
+
# @!attribute [rw] types
|
4637
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::DiscoveryCloudSqlGenerationCadence::SchemaModifiedCadence::CloudSqlSchemaModification>]
|
4638
|
+
# The types of schema modifications to consider.
|
4639
|
+
# Defaults to NEW_COLUMNS.
|
4640
|
+
# @!attribute [rw] frequency
|
4641
|
+
# @return [::Google::Cloud::Dlp::V2::DataProfileUpdateFrequency]
|
4642
|
+
# Frequency to regenerate data profiles when the schema is modified.
|
4643
|
+
# Defaults to monthly.
|
4644
|
+
class SchemaModifiedCadence
|
4645
|
+
include ::Google::Protobuf::MessageExts
|
4646
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4647
|
+
|
4648
|
+
# The type of modification that causes a profile update.
|
4649
|
+
module CloudSqlSchemaModification
|
4650
|
+
# Unused.
|
4651
|
+
SQL_SCHEMA_MODIFICATION_UNSPECIFIED = 0
|
4652
|
+
|
4653
|
+
# New columns have appeared.
|
4654
|
+
NEW_COLUMNS = 1
|
4655
|
+
|
4656
|
+
# Columns have been removed from the table.
|
4657
|
+
REMOVED_COLUMNS = 2
|
4658
|
+
end
|
4659
|
+
end
|
4660
|
+
end
|
4661
|
+
|
4662
|
+
# Discovery target for credentials and secrets in cloud resource metadata.
|
4663
|
+
#
|
4664
|
+
# This target does not include any filtering or frequency controls. Cloud
|
4665
|
+
# DLP will scan cloud resource metadata for secrets daily.
|
4666
|
+
#
|
4667
|
+
# No inspect template should be included in the discovery config for a
|
4668
|
+
# security benchmarks scan. Instead, the built-in list of secrets and
|
4669
|
+
# credentials infoTypes will be used (see
|
4670
|
+
# https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference#credentials_and_secrets).
|
4671
|
+
#
|
4672
|
+
# Credentials and secrets discovered will be reported as vulnerabilities to
|
4673
|
+
# Security Command Center.
|
4674
|
+
class SecretsDiscoveryTarget
|
4675
|
+
include ::Google::Protobuf::MessageExts
|
4676
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
4677
|
+
end
|
4678
|
+
|
4423
4679
|
# The location to begin a discovery scan. Denotes an organization ID or folder
|
4424
4680
|
# ID within an organization.
|
4425
4681
|
# @!attribute [rw] organization_id
|
@@ -5167,7 +5423,7 @@ module Google
|
|
5167
5423
|
#
|
5168
5424
|
# Supported fields are:
|
5169
5425
|
#
|
5170
|
-
# - `project_id`:
|
5426
|
+
# - `project_id`: Google Cloud project ID
|
5171
5427
|
# - `sensitivity_level`: How sensitive the data in a project is, at most.
|
5172
5428
|
# - `data_risk_level`: How much risk is associated with this data.
|
5173
5429
|
# - `profile_last_generated`: When the profile was last updated in epoch
|
@@ -5239,7 +5495,7 @@ module Google
|
|
5239
5495
|
#
|
5240
5496
|
# Supported fields are:
|
5241
5497
|
#
|
5242
|
-
# - `project_id`: The
|
5498
|
+
# - `project_id`: The Google Cloud project ID.
|
5243
5499
|
# - `dataset_id`: The ID of a BigQuery dataset.
|
5244
5500
|
# - `table_id`: The ID of a BigQuery table.
|
5245
5501
|
# - `sensitivity_level`: How sensitive the data in a table is, at most.
|
@@ -5260,7 +5516,7 @@ module Google
|
|
5260
5516
|
# sequence of restrictions implicitly uses `AND`.
|
5261
5517
|
# * A restriction has the form of `{field} {operator} {value}`.
|
5262
5518
|
# * Supported fields/values:
|
5263
|
-
# - `project_id` - The
|
5519
|
+
# - `project_id` - The Google Cloud project ID.
|
5264
5520
|
# - `dataset_id` - The BigQuery dataset ID.
|
5265
5521
|
# - `table_id` - The ID of the BigQuery table.
|
5266
5522
|
# - `sensitivity_level` - HIGH|MODERATE|LOW
|
@@ -5751,6 +6007,18 @@ module Google
|
|
5751
6007
|
|
5752
6008
|
# Json type.
|
5753
6009
|
TYPE_JSON = 14
|
6010
|
+
|
6011
|
+
# Interval type.
|
6012
|
+
TYPE_INTERVAL = 15
|
6013
|
+
|
6014
|
+
# `Range<Date>` type.
|
6015
|
+
TYPE_RANGE_DATE = 16
|
6016
|
+
|
6017
|
+
# `Range<Datetime>` type.
|
6018
|
+
TYPE_RANGE_DATETIME = 17
|
6019
|
+
|
6020
|
+
# `Range<Timestamp>` type.
|
6021
|
+
TYPE_RANGE_TIMESTAMP = 18
|
5754
6022
|
end
|
5755
6023
|
|
5756
6024
|
# The possible policy states for a column.
|
@@ -5866,6 +6134,223 @@ module Google
|
|
5866
6134
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
5867
6135
|
end
|
5868
6136
|
|
6137
|
+
# Request message for CreateConnection.
|
6138
|
+
# @!attribute [rw] parent
|
6139
|
+
# @return [::String]
|
6140
|
+
# Required. Parent resource name in the format:
|
6141
|
+
# `projects/{project}/locations/{location}`.
|
6142
|
+
# @!attribute [rw] connection
|
6143
|
+
# @return [::Google::Cloud::Dlp::V2::Connection]
|
6144
|
+
# Required. The connection resource.
|
6145
|
+
class CreateConnectionRequest
|
6146
|
+
include ::Google::Protobuf::MessageExts
|
6147
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6148
|
+
end
|
6149
|
+
|
6150
|
+
# Request message for GetConnection.
|
6151
|
+
# @!attribute [rw] name
|
6152
|
+
# @return [::String]
|
6153
|
+
# Required. Resource name in the format:
|
6154
|
+
# `projects/{project}/locations/{location}/connections/{connection}`.
|
6155
|
+
class GetConnectionRequest
|
6156
|
+
include ::Google::Protobuf::MessageExts
|
6157
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6158
|
+
end
|
6159
|
+
|
6160
|
+
# Request message for ListConnections.
|
6161
|
+
# @!attribute [rw] parent
|
6162
|
+
# @return [::String]
|
6163
|
+
# Required. Parent name, for example:
|
6164
|
+
# `projects/project-id/locations/global`.
|
6165
|
+
# @!attribute [rw] page_size
|
6166
|
+
# @return [::Integer]
|
6167
|
+
# Optional. Number of results per page, max 1000.
|
6168
|
+
# @!attribute [rw] page_token
|
6169
|
+
# @return [::String]
|
6170
|
+
# Optional. Page token from a previous page to return the next set of
|
6171
|
+
# results. If set, all other request fields must match the original request.
|
6172
|
+
# @!attribute [rw] filter
|
6173
|
+
# @return [::String]
|
6174
|
+
# Optional. Supported field/value: `state` - MISSING|AVAILABLE|ERROR
|
6175
|
+
class ListConnectionsRequest
|
6176
|
+
include ::Google::Protobuf::MessageExts
|
6177
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6178
|
+
end
|
6179
|
+
|
6180
|
+
# Request message for SearchConnections.
|
6181
|
+
# @!attribute [rw] parent
|
6182
|
+
# @return [::String]
|
6183
|
+
# Required. Parent name, typically an organization, without location.
|
6184
|
+
# For example: `organizations/12345678`.
|
6185
|
+
# @!attribute [rw] page_size
|
6186
|
+
# @return [::Integer]
|
6187
|
+
# Optional. Number of results per page, max 1000.
|
6188
|
+
# @!attribute [rw] page_token
|
6189
|
+
# @return [::String]
|
6190
|
+
# Optional. Page token from a previous page to return the next set of
|
6191
|
+
# results. If set, all other request fields must match the original request.
|
6192
|
+
# @!attribute [rw] filter
|
6193
|
+
# @return [::String]
|
6194
|
+
# Optional. Supported field/value: - `state` - MISSING|AVAILABLE|ERROR
|
6195
|
+
class SearchConnectionsRequest
|
6196
|
+
include ::Google::Protobuf::MessageExts
|
6197
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6198
|
+
end
|
6199
|
+
|
6200
|
+
# Response message for ListConnections.
|
6201
|
+
# @!attribute [rw] connections
|
6202
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::Connection>]
|
6203
|
+
# List of connections.
|
6204
|
+
# @!attribute [rw] next_page_token
|
6205
|
+
# @return [::String]
|
6206
|
+
# Token to retrieve the next page of results. An empty value means there are
|
6207
|
+
# no more results.
|
6208
|
+
class ListConnectionsResponse
|
6209
|
+
include ::Google::Protobuf::MessageExts
|
6210
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6211
|
+
end
|
6212
|
+
|
6213
|
+
# Response message for SearchConnections.
|
6214
|
+
# @!attribute [rw] connections
|
6215
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::Connection>]
|
6216
|
+
# List of connections that match the search query. Note that only a subset
|
6217
|
+
# of the fields will be populated, and only "name" is guaranteed to be set.
|
6218
|
+
# For full details of a Connection, call GetConnection with the name.
|
6219
|
+
# @!attribute [rw] next_page_token
|
6220
|
+
# @return [::String]
|
6221
|
+
# Token to retrieve the next page of results. An empty value means there are
|
6222
|
+
# no more results.
|
6223
|
+
class SearchConnectionsResponse
|
6224
|
+
include ::Google::Protobuf::MessageExts
|
6225
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6226
|
+
end
|
6227
|
+
|
6228
|
+
# Request message for UpdateConnection.
|
6229
|
+
# @!attribute [rw] name
|
6230
|
+
# @return [::String]
|
6231
|
+
# Required. Resource name in the format:
|
6232
|
+
# `projects/{project}/locations/{location}/connections/{connection}`.
|
6233
|
+
# @!attribute [rw] connection
|
6234
|
+
# @return [::Google::Cloud::Dlp::V2::Connection]
|
6235
|
+
# Required. The connection with new values for the relevant fields.
|
6236
|
+
# @!attribute [rw] update_mask
|
6237
|
+
# @return [::Google::Protobuf::FieldMask]
|
6238
|
+
# Optional. Mask to control which fields get updated.
|
6239
|
+
class UpdateConnectionRequest
|
6240
|
+
include ::Google::Protobuf::MessageExts
|
6241
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6242
|
+
end
|
6243
|
+
|
6244
|
+
# Request message for DeleteConnection.
|
6245
|
+
# @!attribute [rw] name
|
6246
|
+
# @return [::String]
|
6247
|
+
# Required. Resource name of the Connection to be deleted, in the format:
|
6248
|
+
# `projects/{project}/locations/{location}/connections/{connection}`.
|
6249
|
+
class DeleteConnectionRequest
|
6250
|
+
include ::Google::Protobuf::MessageExts
|
6251
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6252
|
+
end
|
6253
|
+
|
6254
|
+
# A data connection to allow DLP to profile data in locations that require
|
6255
|
+
# additional configuration.
|
6256
|
+
# @!attribute [r] name
|
6257
|
+
# @return [::String]
|
6258
|
+
# Output only. Name of the connection:
|
6259
|
+
# `projects/{project}/locations/{location}/connections/{name}`.
|
6260
|
+
# @!attribute [rw] state
|
6261
|
+
# @return [::Google::Cloud::Dlp::V2::ConnectionState]
|
6262
|
+
# Required. The connection's state in its lifecycle.
|
6263
|
+
# @!attribute [r] errors
|
6264
|
+
# @return [::Array<::Google::Cloud::Dlp::V2::Error>]
|
6265
|
+
# Output only. Set if status == ERROR, to provide additional details. Will
|
6266
|
+
# store the last 10 errors sorted with the most recent first.
|
6267
|
+
# @!attribute [rw] cloud_sql
|
6268
|
+
# @return [::Google::Cloud::Dlp::V2::CloudSqlProperties]
|
6269
|
+
# Connect to a Cloud SQL instance.
|
6270
|
+
class Connection
|
6271
|
+
include ::Google::Protobuf::MessageExts
|
6272
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6273
|
+
end
|
6274
|
+
|
6275
|
+
# A credential consisting of a username and password, where the password is
|
6276
|
+
# stored in a Secret Manager resource.
|
6277
|
+
# Note: Secret Manager [charges
|
6278
|
+
# apply](https://cloud.google.com/secret-manager/pricing).
|
6279
|
+
# @!attribute [rw] username
|
6280
|
+
# @return [::String]
|
6281
|
+
# Required. The username.
|
6282
|
+
# @!attribute [rw] password_secret_version_name
|
6283
|
+
# @return [::String]
|
6284
|
+
# Required. The name of the Secret Manager resource that stores the password,
|
6285
|
+
# in the form `projects/project-id/secrets/secret-name/versions/version`.
|
6286
|
+
class SecretManagerCredential
|
6287
|
+
include ::Google::Protobuf::MessageExts
|
6288
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6289
|
+
end
|
6290
|
+
|
6291
|
+
# Use IAM authentication to connect. This requires the Cloud SQL IAM feature
|
6292
|
+
# to be enabled on the instance, which is not the default for Cloud SQL.
|
6293
|
+
# See https://cloud.google.com/sql/docs/postgres/authentication and
|
6294
|
+
# https://cloud.google.com/sql/docs/mysql/authentication.
|
6295
|
+
class CloudSqlIamCredential
|
6296
|
+
include ::Google::Protobuf::MessageExts
|
6297
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6298
|
+
end
|
6299
|
+
|
6300
|
+
# Cloud SQL connection properties.
|
6301
|
+
# @!attribute [rw] connection_name
|
6302
|
+
# @return [::String]
|
6303
|
+
# Optional. Immutable. The Cloud SQL instance for which the connection is
|
6304
|
+
# defined. Only one connection per instance is allowed. This can only be set
|
6305
|
+
# at creation time, and cannot be updated.
|
6306
|
+
#
|
6307
|
+
# It is an error to use a connection_name from different project or region
|
6308
|
+
# than the one that holds the connection.
|
6309
|
+
# For example, a Connection resource for Cloud SQL connection_name
|
6310
|
+
# `project-id:us-central1:sql-instance`
|
6311
|
+
# must be created under the parent
|
6312
|
+
# `projects/project-id/locations/us-central1`
|
6313
|
+
# @!attribute [rw] username_password
|
6314
|
+
# @return [::Google::Cloud::Dlp::V2::SecretManagerCredential]
|
6315
|
+
# A username and password stored in Secret Manager.
|
6316
|
+
# @!attribute [rw] cloud_sql_iam
|
6317
|
+
# @return [::Google::Cloud::Dlp::V2::CloudSqlIamCredential]
|
6318
|
+
# Built-in IAM authentication (must be configured in Cloud SQL).
|
6319
|
+
# @!attribute [rw] max_connections
|
6320
|
+
# @return [::Integer]
|
6321
|
+
# Required. DLP will limit its connections to max_connections.
|
6322
|
+
# Must be 2 or greater.
|
6323
|
+
# @!attribute [rw] database_engine
|
6324
|
+
# @return [::Google::Cloud::Dlp::V2::CloudSqlProperties::DatabaseEngine]
|
6325
|
+
# Required. The database engine used by the Cloud SQL instance that this
|
6326
|
+
# connection configures.
|
6327
|
+
class CloudSqlProperties
|
6328
|
+
include ::Google::Protobuf::MessageExts
|
6329
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6330
|
+
|
6331
|
+
# Database engine of a Cloud SQL instance.
|
6332
|
+
# New values may be added over time.
|
6333
|
+
module DatabaseEngine
|
6334
|
+
# An engine that is not currently supported by Sensitive Data Protection.
|
6335
|
+
DATABASE_ENGINE_UNKNOWN = 0
|
6336
|
+
|
6337
|
+
# Cloud SQL for MySQL instance.
|
6338
|
+
DATABASE_ENGINE_MYSQL = 1
|
6339
|
+
|
6340
|
+
# Cloud SQL for PostgreSQL instance.
|
6341
|
+
DATABASE_ENGINE_POSTGRES = 2
|
6342
|
+
end
|
6343
|
+
end
|
6344
|
+
|
6345
|
+
# Request message for DeleteTableProfile.
|
6346
|
+
# @!attribute [rw] name
|
6347
|
+
# @return [::String]
|
6348
|
+
# Required. Resource name of the table data profile.
|
6349
|
+
class DeleteTableDataProfileRequest
|
6350
|
+
include ::Google::Protobuf::MessageExts
|
6351
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
6352
|
+
end
|
6353
|
+
|
5869
6354
|
# Message used to identify the type of resource being profiled.
|
5870
6355
|
# @!attribute [r] data_source
|
5871
6356
|
# @return [::String]
|
@@ -6170,6 +6655,11 @@ module Google
|
|
6170
6655
|
# Visible to any user.
|
6171
6656
|
RESOURCE_VISIBILITY_PUBLIC = 10
|
6172
6657
|
|
6658
|
+
# May contain public items.
|
6659
|
+
# For example, if a Cloud Storage bucket has uniform bucket level access
|
6660
|
+
# disabled, some objects inside it may be public.
|
6661
|
+
RESOURCE_VISIBILITY_INCONCLUSIVE = 15
|
6662
|
+
|
6173
6663
|
# Visible only to specific users.
|
6174
6664
|
RESOURCE_VISIBILITY_RESTRICTED = 20
|
6175
6665
|
end
|
@@ -6223,6 +6713,29 @@ module Google
|
|
6223
6713
|
# High uniqueness, possibly a column of free text or unique identifiers.
|
6224
6714
|
UNIQUENESS_SCORE_HIGH = 3
|
6225
6715
|
end
|
6716
|
+
|
6717
|
+
# State of the connection.
|
6718
|
+
# New values may be added over time.
|
6719
|
+
module ConnectionState
|
6720
|
+
# Unused
|
6721
|
+
CONNECTION_STATE_UNSPECIFIED = 0
|
6722
|
+
|
6723
|
+
# DLP automatically created this connection during an initial scan, and it is
|
6724
|
+
# awaiting full configuration by a user.
|
6725
|
+
MISSING_CREDENTIALS = 1
|
6726
|
+
|
6727
|
+
# A configured connection that has not encountered any errors.
|
6728
|
+
AVAILABLE = 2
|
6729
|
+
|
6730
|
+
# A configured connection that encountered errors during its last use. It
|
6731
|
+
# will not be used again until it is set to AVAILABLE.
|
6732
|
+
#
|
6733
|
+
# If the resolution requires external action, then the client must send a
|
6734
|
+
# request to set the status to AVAILABLE when the connection is ready for
|
6735
|
+
# use. If the resolution doesn't require external action, then any changes to
|
6736
|
+
# the connection properties will automatically mark it as AVAILABLE.
|
6737
|
+
ERROR = 3
|
6738
|
+
end
|
6226
6739
|
end
|
6227
6740
|
end
|
6228
6741
|
end
|