google-cloud-dlp-v2 0.24.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -312,6 +312,15 @@ module Google
312
312
 
313
313
  # tsv
314
314
  TSV = 13
315
+
316
+ # Audio file types. Only used for profiling.
317
+ AUDIO = 15
318
+
319
+ # Video file types. Only used for profiling.
320
+ VIDEO = 16
321
+
322
+ # Executable file types. Only used for profiling.
323
+ EXECUTABLE = 17
315
324
  end
316
325
  end
317
326
 
@@ -422,6 +431,7 @@ module Google
422
431
  # No more than 10 labels can be associated with a given finding.
423
432
  #
424
433
  # Examples:
434
+ #
425
435
  # * `"environment" : "production"`
426
436
  # * `"pipeline" : "etl"`
427
437
  # @!attribute [rw] job_create_time
@@ -670,10 +680,10 @@ module Google
670
680
  # processing
671
681
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
672
682
  #
673
- # + Projects scope, location specified:<br/>
674
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
675
- # + Projects scope, no location specified (defaults to global):<br/>
676
- # `projects/`<var>PROJECT_ID</var>
683
+ # + Projects scope, location specified:
684
+ # `projects/{project_id}/locations/{location_id}`
685
+ # + Projects scope, no location specified (defaults to global):
686
+ # `projects/{project_id}`
677
687
  #
678
688
  # The following example `parent` string specifies a parent project with the
679
689
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -762,10 +772,10 @@ module Google
762
772
  # processing
763
773
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
764
774
  #
765
- # + Projects scope, location specified:<br/>
766
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
767
- # + Projects scope, no location specified (defaults to global):<br/>
768
- # `projects/`<var>PROJECT_ID</var>
775
+ # + Projects scope, location specified:
776
+ # `projects/{project_id}/locations/{location_id}`
777
+ # + Projects scope, no location specified (defaults to global):
778
+ # `projects/{project_id}`
769
779
  #
770
780
  # The following example `parent` string specifies a parent project with the
771
781
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -835,10 +845,10 @@ module Google
835
845
  # processing
836
846
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
837
847
  #
838
- # + Projects scope, location specified:<br/>
839
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
840
- # + Projects scope, no location specified (defaults to global):<br/>
841
- # `projects/`<var>PROJECT_ID</var>
848
+ # + Projects scope, location specified:
849
+ # `projects/{project_id}/locations/{location_id}`
850
+ # + Projects scope, no location specified (defaults to global):
851
+ # `projects/{project_id}`
842
852
  #
843
853
  # The following example `parent` string specifies a parent project with the
844
854
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -908,10 +918,10 @@ module Google
908
918
  # processing
909
919
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
910
920
  #
911
- # + Projects scope, location specified:<br/>
912
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
913
- # + Projects scope, no location specified (defaults to global):<br/>
914
- # `projects/`<var>PROJECT_ID</var>
921
+ # + Projects scope, location specified:
922
+ # `projects/{project_id}/locations/{location_id}`
923
+ # + Projects scope, no location specified (defaults to global):
924
+ # `projects/{project_id}`
915
925
  #
916
926
  # The following example `parent` string specifies a parent project with the
917
927
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -1074,6 +1084,9 @@ module Google
1074
1084
  # @!attribute [rw] column_profile
1075
1085
  # @return [::Google::Cloud::Dlp::V2::ColumnDataProfile]
1076
1086
  # Column data profile column
1087
+ # @!attribute [rw] file_store_profile
1088
+ # @return [::Google::Cloud::Dlp::V2::FileStoreDataProfile]
1089
+ # File store data profile column.
1077
1090
  class DataProfileBigQueryRowSchema
1078
1091
  include ::Google::Protobuf::MessageExts
1079
1092
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1212,12 +1225,18 @@ module Google
1212
1225
  # The infoType is typically used in Argentina.
1213
1226
  ARGENTINA = 2
1214
1227
 
1228
+ # The infoType is typically used in Armenia.
1229
+ ARMENIA = 51
1230
+
1215
1231
  # The infoType is typically used in Australia.
1216
1232
  AUSTRALIA = 3
1217
1233
 
1218
1234
  # The infoType is typically used in Azerbaijan.
1219
1235
  AZERBAIJAN = 48
1220
1236
 
1237
+ # The infoType is typically used in Belarus.
1238
+ BELARUS = 50
1239
+
1221
1240
  # The infoType is typically used in Belgium.
1222
1241
  BELGIUM = 4
1223
1242
 
@@ -1419,7 +1438,7 @@ module Google
1419
1438
  #
1420
1439
  # The format of this value is as follows:
1421
1440
  #
1422
- # locations/<var>LOCATION_ID</var>
1441
+ # `locations/{location_id}`
1423
1442
  # @!attribute [rw] language_code
1424
1443
  # @return [::String]
1425
1444
  # BCP-47 language code for localized infoType friendly
@@ -2545,9 +2564,10 @@ module Google
2545
2564
 
2546
2565
  # Generalization function that buckets values based on ranges. The ranges and
2547
2566
  # replacement values are dynamically provided by the user for custom behavior,
2548
- # such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH
2549
- # This can be used on
2550
- # data of type: number, long, string, timestamp.
2567
+ # such as 1-30 -> LOW, 31-65 -> MEDIUM, 66-100 -> HIGH.
2568
+ #
2569
+ # This can be used on data of type: number, long, string, timestamp.
2570
+ #
2551
2571
  # If the bound `Value` type differs from the type of data being transformed, we
2552
2572
  # will first attempt converting the type of the data to be transformed to match
2553
2573
  # the type of the bound before comparing.
@@ -2630,8 +2650,7 @@ module Google
2630
2650
  # This must be encoded as ASCII.
2631
2651
  # The order of characters does not matter.
2632
2652
  # The full list of allowed characters is:
2633
- # <code>0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
2634
- # ~`!@#$%^&*()_-+={[}]|\:;"'<,>.?/</code>
2653
+ # ``0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz~`!@#$%^&*()_-+={[}]|\:;"'<,>.?/``
2635
2654
  # @!attribute [rw] radix
2636
2655
  # @return [::Integer]
2637
2656
  # The native way to select the alphabet. Must be in the range [2, 95].
@@ -3237,9 +3256,24 @@ module Google
3237
3256
  # @return [::Array<::Google::Protobuf::Timestamp>]
3238
3257
  # The times the error occurred. List includes the oldest timestamp and the
3239
3258
  # last 9 timestamps.
3259
+ # @!attribute [rw] extra_info
3260
+ # @return [::Google::Cloud::Dlp::V2::Error::ErrorExtraInfo]
3261
+ # Additional information about the error.
3240
3262
  class Error
3241
3263
  include ::Google::Protobuf::MessageExts
3242
3264
  extend ::Google::Protobuf::MessageExts::ClassMethods
3265
+
3266
+ # Additional information about the error.
3267
+ module ErrorExtraInfo
3268
+ # Unused.
3269
+ ERROR_INFO_UNSPECIFIED = 0
3270
+
3271
+ # Image scan is not available in the region.
3272
+ IMAGE_SCAN_UNAVAILABLE_IN_REGION = 1
3273
+
3274
+ # File store cluster is not supported for profile generation.
3275
+ FILE_STORE_CLUSTER_UNSUPPORTED = 2
3276
+ end
3243
3277
  end
3244
3278
 
3245
3279
  # Contains a configuration to make API calls on a repeating basis.
@@ -3442,7 +3476,7 @@ module Google
3442
3476
  # @!attribute [rw] cloud_storage_output
3443
3477
  # @return [::String]
3444
3478
  # Required. User settable Cloud Storage bucket and folders to store
3445
- # de-identified files. This field must be set for cloud storage
3479
+ # de-identified files. This field must be set for Cloud Storage
3446
3480
  # deidentification. The output Cloud Storage bucket must be different
3447
3481
  # from the input bucket. De-identified files will overwrite files in the
3448
3482
  # output path.
@@ -3451,12 +3485,12 @@ module Google
3451
3485
  # @!attribute [rw] file_types_to_transform
3452
3486
  # @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
3453
3487
  # List of user-specified file type groups to transform. If specified, only
3454
- # the files with these filetypes will be transformed. If empty, all
3488
+ # the files with these file types will be transformed. If empty, all
3455
3489
  # supported files will be transformed. Supported types may be automatically
3456
3490
  # added over time. If a file type is set in this field that isn't supported
3457
3491
  # by the Deidentify action then the job will fail and will not be
3458
- # successfully created/started. Currently the only filetypes supported are:
3459
- # IMAGES, TEXT_FILES, CSV, TSV.
3492
+ # successfully created/started. Currently the only file types supported
3493
+ # are: IMAGES, TEXT_FILES, CSV, TSV.
3460
3494
  class Deidentify
3461
3495
  include ::Google::Protobuf::MessageExts
3462
3496
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -3520,14 +3554,14 @@ module Google
3520
3554
  # (project or organization) and whether you have [specified a processing
3521
3555
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
3522
3556
  #
3523
- # + Projects scope, location specified:<br/>
3524
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3525
- # + Projects scope, no location specified (defaults to global):<br/>
3526
- # `projects/`<var>PROJECT_ID</var>
3527
- # + Organizations scope, location specified:<br/>
3528
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
3529
- # + Organizations scope, no location specified (defaults to global):<br/>
3530
- # `organizations/`<var>ORG_ID</var>
3557
+ # + Projects scope, location specified:
3558
+ # `projects/{project_id}/locations/{location_id}`
3559
+ # + Projects scope, no location specified (defaults to global):
3560
+ # `projects/{project_id}`
3561
+ # + Organizations scope, location specified:
3562
+ # `organizations/{org_id}/locations/{location_id}`
3563
+ # + Organizations scope, no location specified (defaults to global):
3564
+ # `organizations/{org_id}`
3531
3565
  #
3532
3566
  # The following example `parent` string specifies a parent project with the
3533
3567
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3588,14 +3622,14 @@ module Google
3588
3622
  # (project or organization) and whether you have [specified a processing
3589
3623
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
3590
3624
  #
3591
- # + Projects scope, location specified:<br/>
3592
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3593
- # + Projects scope, no location specified (defaults to global):<br/>
3594
- # `projects/`<var>PROJECT_ID</var>
3595
- # + Organizations scope, location specified:<br/>
3596
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
3597
- # + Organizations scope, no location specified (defaults to global):<br/>
3598
- # `organizations/`<var>ORG_ID</var>
3625
+ # + Projects scope, location specified:
3626
+ # `projects/{project_id}/locations/{location_id}`
3627
+ # + Projects scope, no location specified (defaults to global):
3628
+ # `projects/{project_id}`
3629
+ # + Organizations scope, location specified:
3630
+ # `organizations/{org_id}/locations/{location_id}`
3631
+ # + Organizations scope, no location specified (defaults to global):
3632
+ # `organizations/{org_id}`
3599
3633
  #
3600
3634
  # The following example `parent` string specifies a parent project with the
3601
3635
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3612,7 +3646,7 @@ module Google
3612
3646
  # returns a page of max size 100.
3613
3647
  # @!attribute [rw] order_by
3614
3648
  # @return [::String]
3615
- # Comma separated list of fields to order by,
3649
+ # Comma-separated list of fields to order by,
3616
3650
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
3617
3651
  # default sorting order is ascending. Redundant space characters are
3618
3652
  # insignificant.
@@ -3666,10 +3700,10 @@ module Google
3666
3700
  # processing
3667
3701
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
3668
3702
  #
3669
- # + Projects scope, location specified:<br/>
3670
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3671
- # + Projects scope, no location specified (defaults to global):<br/>
3672
- # `projects/`<var>PROJECT_ID</var>
3703
+ # + Projects scope, location specified:
3704
+ # `projects/{project_id}/locations/{location_id}`
3705
+ # + Projects scope, no location specified (defaults to global):
3706
+ # `projects/{project_id}`
3673
3707
  #
3674
3708
  # The following example `parent` string specifies a parent project with the
3675
3709
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3734,8 +3768,13 @@ module Google
3734
3768
  # @return [::String]
3735
3769
  # Required. Parent resource name.
3736
3770
  #
3737
- # The format of this value is as follows:
3738
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3771
+ # The format of this value varies depending on the scope of the request
3772
+ # (project or organization):
3773
+ #
3774
+ # + Projects scope:
3775
+ # `projects/{project_id}/locations/{location_id}`
3776
+ # + Organizations scope:
3777
+ # `organizations/{org_id}/locations/{location_id}`
3739
3778
  #
3740
3779
  # The following example `parent` string specifies a parent project with the
3741
3780
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3788,7 +3827,7 @@ module Google
3788
3827
  # Required. Parent resource name.
3789
3828
  #
3790
3829
  # The format of this value is as follows:
3791
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3830
+ # `projects/{project_id}/locations/{location_id}`
3792
3831
  #
3793
3832
  # The following example `parent` string specifies a parent project with the
3794
3833
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3805,7 +3844,7 @@ module Google
3805
3844
  # Size of the page. This value can be limited by a server.
3806
3845
  # @!attribute [rw] order_by
3807
3846
  # @return [::String]
3808
- # Comma separated list of config fields to order by,
3847
+ # Comma-separated list of config fields to order by,
3809
3848
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
3810
3849
  # default sorting order is ascending. Redundant space characters are
3811
3850
  # insignificant.
@@ -3856,10 +3895,10 @@ module Google
3856
3895
  # processing
3857
3896
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
3858
3897
  #
3859
- # + Projects scope, location specified:<br/>
3860
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3861
- # + Projects scope, no location specified (defaults to global):<br/>
3862
- # `projects/`<var>PROJECT_ID</var>
3898
+ # + Projects scope, location specified:
3899
+ # `projects/{project_id}/locations/{location_id}`
3900
+ # + Projects scope, no location specified (defaults to global):
3901
+ # `projects/{project_id}`
3863
3902
  #
3864
3903
  # The following example `parent` string specifies a parent project with the
3865
3904
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3896,10 +3935,10 @@ module Google
3896
3935
  # processing
3897
3936
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
3898
3937
  #
3899
- # + Projects scope, location specified:<br/>
3900
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
3901
- # + Projects scope, no location specified (defaults to global):<br/>
3902
- # `projects/`<var>PROJECT_ID</var>
3938
+ # + Projects scope, location specified:
3939
+ # `projects/{project_id}/locations/{location_id}`
3940
+ # + Projects scope, no location specified (defaults to global):
3941
+ # `projects/{project_id}`
3903
3942
  #
3904
3943
  # The following example `parent` string specifies a parent project with the
3905
3944
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -3916,7 +3955,7 @@ module Google
3916
3955
  # Size of the page. This value can be limited by a server.
3917
3956
  # @!attribute [rw] order_by
3918
3957
  # @return [::String]
3919
- # Comma separated list of triggeredJob fields to order by,
3958
+ # Comma-separated list of triggeredJob fields to order by,
3920
3959
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
3921
3960
  # default sorting order is ascending. Redundant space characters are
3922
3961
  # insignificant.
@@ -4074,6 +4113,9 @@ module Google
4074
4113
 
4075
4114
  # The name of the profiled resource.
4076
4115
  RESOURCE_NAME = 2
4116
+
4117
+ # The full file store data profile.
4118
+ FILE_STORE_PROFILE = 3
4077
4119
  end
4078
4120
  end
4079
4121
 
@@ -4191,7 +4233,7 @@ module Google
4191
4233
  # The ID of an organization to scan.
4192
4234
  # @!attribute [rw] folder_id
4193
4235
  # @return [::Integer]
4194
- # The ID of the Folder within an organization to scan.
4236
+ # The ID of the folder within an organization to scan.
4195
4237
  class DataProfileLocation
4196
4238
  include ::Google::Protobuf::MessageExts
4197
4239
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -4303,6 +4345,10 @@ module Google
4303
4345
  # Discovery target that looks for credentials and secrets stored in cloud
4304
4346
  # resource metadata and reports them as vulnerabilities to Security Command
4305
4347
  # Center. Only one target of this type is allowed.
4348
+ # @!attribute [rw] cloud_storage_target
4349
+ # @return [::Google::Cloud::Dlp::V2::CloudStorageDiscoveryTarget]
4350
+ # Cloud Storage target for Discovery. The first target to match a table
4351
+ # will be the one applied.
4306
4352
  class DiscoveryTarget
4307
4353
  include ::Google::Protobuf::MessageExts
4308
4354
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -4420,6 +4466,15 @@ module Google
4420
4466
  # @!attribute [rw] table_modified_cadence
4421
4467
  # @return [::Google::Cloud::Dlp::V2::DiscoveryTableModifiedCadence]
4422
4468
  # Governs when to update data profiles when a table is modified.
4469
+ # @!attribute [rw] inspect_template_modified_cadence
4470
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryInspectTemplateModifiedCadence]
4471
+ # Governs when to update data profiles when the inspection rules
4472
+ # defined by the `InspectTemplate` change.
4473
+ # If not set, changing the template will not cause a data profile to update.
4474
+ # @!attribute [rw] refresh_frequency
4475
+ # @return [::Google::Cloud::Dlp::V2::DataProfileUpdateFrequency]
4476
+ # Frequency at which profiles should be updated, regardless of whether the
4477
+ # underlying resource has changed. Defaults to never.
4423
4478
  class DiscoveryGenerationCadence
4424
4479
  include ::Google::Protobuf::MessageExts
4425
4480
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -4455,6 +4510,17 @@ module Google
4455
4510
  extend ::Google::Protobuf::MessageExts::ClassMethods
4456
4511
  end
4457
4512
 
4513
+ # The cadence at which to update data profiles when the inspection rules
4514
+ # defined by the `InspectTemplate` change.
4515
+ # @!attribute [rw] frequency
4516
+ # @return [::Google::Cloud::Dlp::V2::DataProfileUpdateFrequency]
4517
+ # How frequently data profiles can be updated when the template is modified.
4518
+ # Defaults to never.
4519
+ class DiscoveryInspectTemplateModifiedCadence
4520
+ include ::Google::Protobuf::MessageExts
4521
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4522
+ end
4523
+
4458
4524
  # Target used to match against for discovery with Cloud SQL tables.
4459
4525
  # @!attribute [rw] filter
4460
4526
  # @return [::Google::Cloud::Dlp::V2::DiscoveryCloudSqlFilter]
@@ -4676,6 +4742,224 @@ module Google
4676
4742
  extend ::Google::Protobuf::MessageExts::ClassMethods
4677
4743
  end
4678
4744
 
4745
+ # Target used to match against for discovery with Cloud Storage buckets.
4746
+ # @!attribute [rw] filter
4747
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryCloudStorageFilter]
4748
+ # Required. The buckets the generation_cadence applies to. The first target
4749
+ # with a matching filter will be the one to apply to a bucket.
4750
+ # @!attribute [rw] conditions
4751
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryFileStoreConditions]
4752
+ # Optional. In addition to matching the filter, these conditions must be true
4753
+ # before a profile is generated.
4754
+ # @!attribute [rw] generation_cadence
4755
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryCloudStorageGenerationCadence]
4756
+ # Optional. How often and when to update profiles. New buckets that match
4757
+ # both the filter and conditions are scanned as quickly as possible
4758
+ # depending on system capacity.
4759
+ # @!attribute [rw] disabled
4760
+ # @return [::Google::Cloud::Dlp::V2::Disabled]
4761
+ # Optional. Disable profiling for buckets that match this filter.
4762
+ class CloudStorageDiscoveryTarget
4763
+ include ::Google::Protobuf::MessageExts
4764
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4765
+ end
4766
+
4767
+ # Determines which buckets will have profiles generated within an organization
4768
+ # or project. Includes the ability to filter by regular expression patterns
4769
+ # on project ID and bucket name.
4770
+ # @!attribute [rw] collection
4771
+ # @return [::Google::Cloud::Dlp::V2::FileStoreCollection]
4772
+ # Optional. A specific set of buckets for this filter to apply to.
4773
+ # @!attribute [rw] cloud_storage_resource_reference
4774
+ # @return [::Google::Cloud::Dlp::V2::CloudStorageResourceReference]
4775
+ # Optional. The bucket to scan. Targets including this can only include one
4776
+ # target (the target with this bucket). This enables profiling the contents
4777
+ # of a single bucket, while the other options allow for easy profiling of
4778
+ # many bucets within a project or an organization.
4779
+ # @!attribute [rw] others
4780
+ # @return [::Google::Cloud::Dlp::V2::AllOtherResources]
4781
+ # Optional. Catch-all. This should always be the last target in the list
4782
+ # because anything above it will apply first. Should only appear once in a
4783
+ # configuration. If none is specified, a default one will be added
4784
+ # automatically.
4785
+ class DiscoveryCloudStorageFilter
4786
+ include ::Google::Protobuf::MessageExts
4787
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4788
+ end
4789
+
4790
+ # Match file stores (e.g. buckets) using regex filters.
4791
+ # @!attribute [rw] include_regexes
4792
+ # @return [::Google::Cloud::Dlp::V2::FileStoreRegexes]
4793
+ # Optional. A collection of regular expressions to match a file store
4794
+ # against.
4795
+ class FileStoreCollection
4796
+ include ::Google::Protobuf::MessageExts
4797
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4798
+ end
4799
+
4800
+ # A collection of regular expressions to determine what file store to match
4801
+ # against.
4802
+ # @!attribute [rw] patterns
4803
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileStoreRegex>]
4804
+ # Required. The group of regular expression patterns to match against one or
4805
+ # more file stores. Maximum of 100 entries. The sum of all regular
4806
+ # expression's length can't exceed 10 KiB.
4807
+ class FileStoreRegexes
4808
+ include ::Google::Protobuf::MessageExts
4809
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4810
+ end
4811
+
4812
+ # A pattern to match against one or more file stores.
4813
+ # @!attribute [rw] cloud_storage_regex
4814
+ # @return [::Google::Cloud::Dlp::V2::CloudStorageRegex]
4815
+ # Optional. Regex for Cloud Storage.
4816
+ class FileStoreRegex
4817
+ include ::Google::Protobuf::MessageExts
4818
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4819
+ end
4820
+
4821
+ # A pattern to match against one or more file stores. At least one
4822
+ # pattern must be specified. Regular expressions use RE2
4823
+ # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
4824
+ # under the google/re2 repository on GitHub.
4825
+ # @!attribute [rw] project_id_regex
4826
+ # @return [::String]
4827
+ # Optional. For organizations, if unset, will match all projects.
4828
+ # @!attribute [rw] bucket_name_regex
4829
+ # @return [::String]
4830
+ # Optional. Regex to test the bucket name against. If empty, all buckets
4831
+ # match. Example: "marketing2021" or "(marketing)\d\\{4}" will both match the
4832
+ # bucket gs://marketing2021
4833
+ class CloudStorageRegex
4834
+ include ::Google::Protobuf::MessageExts
4835
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4836
+ end
4837
+
4838
+ # Identifies a single Cloud Storage bucket.
4839
+ # @!attribute [rw] bucket_name
4840
+ # @return [::String]
4841
+ # Required. The bucket to scan.
4842
+ # @!attribute [rw] project_id
4843
+ # @return [::String]
4844
+ # Required. If within a project-level config, then this must match the
4845
+ # config's project id.
4846
+ class CloudStorageResourceReference
4847
+ include ::Google::Protobuf::MessageExts
4848
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4849
+ end
4850
+
4851
+ # How often existing buckets should have their profiles refreshed.
4852
+ # New buckets are scanned as quickly as possible depending on system
4853
+ # capacity.
4854
+ # @!attribute [rw] refresh_frequency
4855
+ # @return [::Google::Cloud::Dlp::V2::DataProfileUpdateFrequency]
4856
+ # Optional. Data changes in Cloud Storage can't trigger reprofiling. If you
4857
+ # set this field, profiles are refreshed at this frequency regardless of
4858
+ # whether the underlying buckets have changed. Defaults to never.
4859
+ # @!attribute [rw] inspect_template_modified_cadence
4860
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryInspectTemplateModifiedCadence]
4861
+ # Optional. Governs when to update data profiles when the inspection rules
4862
+ # defined by the `InspectTemplate` change.
4863
+ # If not set, changing the template will not cause a data profile to update.
4864
+ class DiscoveryCloudStorageGenerationCadence
4865
+ include ::Google::Protobuf::MessageExts
4866
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4867
+ end
4868
+
4869
+ # Requirements that must be true before a Cloud Storage bucket or object is
4870
+ # scanned in discovery for the first time. There is an AND relationship between
4871
+ # the top-level attributes.
4872
+ # @!attribute [rw] included_object_attributes
4873
+ # @return [::Array<::Google::Cloud::Dlp::V2::DiscoveryCloudStorageConditions::CloudStorageObjectAttribute>]
4874
+ # Required. Only objects with the specified attributes will be scanned. If an
4875
+ # object has one of the specified attributes but is inside an excluded
4876
+ # bucket, it will not be scanned. Defaults to [ALL_SUPPORTED_OBJECTS]. A
4877
+ # profile will be created even if no objects match the
4878
+ # included_object_attributes.
4879
+ # @!attribute [rw] included_bucket_attributes
4880
+ # @return [::Array<::Google::Cloud::Dlp::V2::DiscoveryCloudStorageConditions::CloudStorageBucketAttribute>]
4881
+ # Required. Only objects with the specified attributes will be scanned.
4882
+ # Defaults to [ALL_SUPPORTED_BUCKETS] if unset.
4883
+ class DiscoveryCloudStorageConditions
4884
+ include ::Google::Protobuf::MessageExts
4885
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4886
+
4887
+ # The attribute of an object. See
4888
+ # https://cloud.google.com/storage/docs/storage-classes for more information
4889
+ # on storage classes.
4890
+ module CloudStorageObjectAttribute
4891
+ # Unused.
4892
+ CLOUD_STORAGE_OBJECT_ATTRIBUTE_UNSPECIFIED = 0
4893
+
4894
+ # Scan objects regardless of the attribute.
4895
+ ALL_SUPPORTED_OBJECTS = 1
4896
+
4897
+ # Scan objects with the standard storage class.
4898
+ STANDARD = 2
4899
+
4900
+ # Scan objects with the nearline storage class. This will incur retrieval
4901
+ # fees.
4902
+ NEARLINE = 3
4903
+
4904
+ # Scan objects with the coldline storage class. This will incur retrieval
4905
+ # fees.
4906
+ COLDLINE = 4
4907
+
4908
+ # Scan objects with the archive storage class. This will incur retrieval
4909
+ # fees.
4910
+ ARCHIVE = 5
4911
+
4912
+ # Scan objects with the regional storage class.
4913
+ REGIONAL = 6
4914
+
4915
+ # Scan objects with the multi-regional storage class.
4916
+ MULTI_REGIONAL = 7
4917
+
4918
+ # Scan objects with the dual-regional storage class. This will incur
4919
+ # retrieval fees.
4920
+ DURABLE_REDUCED_AVAILABILITY = 8
4921
+ end
4922
+
4923
+ # The attribute of a bucket.
4924
+ module CloudStorageBucketAttribute
4925
+ # Unused.
4926
+ CLOUD_STORAGE_BUCKET_ATTRIBUTE_UNSPECIFIED = 0
4927
+
4928
+ # Scan buckets regardless of the attribute.
4929
+ ALL_SUPPORTED_BUCKETS = 1
4930
+
4931
+ # Buckets with autoclass disabled
4932
+ # (https://cloud.google.com/storage/docs/autoclass). Only one of
4933
+ # AUTOCLASS_DISABLED or AUTOCLASS_ENABLED should be set.
4934
+ AUTOCLASS_DISABLED = 2
4935
+
4936
+ # Buckets with autoclass enabled
4937
+ # (https://cloud.google.com/storage/docs/autoclass). Only one of
4938
+ # AUTOCLASS_DISABLED or AUTOCLASS_ENABLED should be set. Scanning
4939
+ # Autoclass-enabled buckets can affect object storage classes.
4940
+ AUTOCLASS_ENABLED = 3
4941
+ end
4942
+ end
4943
+
4944
+ # Requirements that must be true before a file store is scanned in discovery
4945
+ # for the first time. There is an AND relationship between the top-level
4946
+ # attributes.
4947
+ # @!attribute [rw] created_after
4948
+ # @return [::Google::Protobuf::Timestamp]
4949
+ # Optional. File store must have been created after this date. Used to avoid
4950
+ # backfilling.
4951
+ # @!attribute [rw] min_age
4952
+ # @return [::Google::Protobuf::Duration]
4953
+ # Optional. Minimum age a file store must have. If set, the value must be 1
4954
+ # hour or greater.
4955
+ # @!attribute [rw] cloud_storage_conditions
4956
+ # @return [::Google::Cloud::Dlp::V2::DiscoveryCloudStorageConditions]
4957
+ # Optional. Cloud Storage conditions.
4958
+ class DiscoveryFileStoreConditions
4959
+ include ::Google::Protobuf::MessageExts
4960
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4961
+ end
4962
+
4679
4963
  # The location to begin a discovery scan. Denotes an organization ID or folder
4680
4964
  # ID within an organization.
4681
4965
  # @!attribute [rw] organization_id
@@ -4683,12 +4967,18 @@ module Google
4683
4967
  # The ID of an organization to scan.
4684
4968
  # @!attribute [rw] folder_id
4685
4969
  # @return [::Integer]
4686
- # The ID of the Folder within an organization to scan.
4970
+ # The ID of the folder within an organization to be scanned.
4687
4971
  class DiscoveryStartingLocation
4688
4972
  include ::Google::Protobuf::MessageExts
4689
4973
  extend ::Google::Protobuf::MessageExts::ClassMethods
4690
4974
  end
4691
4975
 
4976
+ # Match discovery resources not covered by any other filter.
4977
+ class AllOtherResources
4978
+ include ::Google::Protobuf::MessageExts
4979
+ extend ::Google::Protobuf::MessageExts::ClassMethods
4980
+ end
4981
+
4692
4982
  # Combines all of the information about a DLP job.
4693
4983
  # @!attribute [rw] name
4694
4984
  # @return [::String]
@@ -4778,10 +5068,10 @@ module Google
4778
5068
  # processing
4779
5069
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
4780
5070
  #
4781
- # + Projects scope, location specified:<br/>
4782
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
4783
- # + Projects scope, no location specified (defaults to global):<br/>
4784
- # `projects/`<var>PROJECT_ID</var>
5071
+ # + Projects scope, location specified:
5072
+ # `projects/{project_id}/locations/{location_id}`
5073
+ # + Projects scope, no location specified (defaults to global):
5074
+ # `projects/{project_id}`
4785
5075
  #
4786
5076
  # The following example `parent` string specifies a parent project with the
4787
5077
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -4829,7 +5119,7 @@ module Google
4829
5119
  # The type of job. Defaults to `DlpJobType.INSPECT`
4830
5120
  # @!attribute [rw] order_by
4831
5121
  # @return [::String]
4832
- # Comma separated list of fields to order by,
5122
+ # Comma-separated list of fields to order by,
4833
5123
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
4834
5124
  # default sorting order is ascending. Redundant space characters are
4835
5125
  # insignificant.
@@ -4898,14 +5188,14 @@ module Google
4898
5188
  # (project or organization) and whether you have [specified a processing
4899
5189
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
4900
5190
  #
4901
- # + Projects scope, location specified:<br/>
4902
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
4903
- # + Projects scope, no location specified (defaults to global):<br/>
4904
- # `projects/`<var>PROJECT_ID</var>
4905
- # + Organizations scope, location specified:<br/>
4906
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
4907
- # + Organizations scope, no location specified (defaults to global):<br/>
4908
- # `organizations/`<var>ORG_ID</var>
5191
+ # + Projects scope, location specified:
5192
+ # `projects/{project_id}/locations/{location_id}`
5193
+ # + Projects scope, no location specified (defaults to global):
5194
+ # `projects/{project_id}`
5195
+ # + Organizations scope, location specified:
5196
+ # `organizations/{org_id}/locations/{location_id}`
5197
+ # + Organizations scope, no location specified (defaults to global):
5198
+ # `organizations/{org_id}`
4909
5199
  #
4910
5200
  # The following example `parent` string specifies a parent project with the
4911
5201
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -4967,14 +5257,14 @@ module Google
4967
5257
  # (project or organization) and whether you have [specified a processing
4968
5258
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
4969
5259
  #
4970
- # + Projects scope, location specified:<br/>
4971
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
4972
- # + Projects scope, no location specified (defaults to global):<br/>
4973
- # `projects/`<var>PROJECT_ID</var>
4974
- # + Organizations scope, location specified:<br/>
4975
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
4976
- # + Organizations scope, no location specified (defaults to global):<br/>
4977
- # `organizations/`<var>ORG_ID</var>
5260
+ # + Projects scope, location specified:
5261
+ # `projects/{project_id}/locations/{location_id}`
5262
+ # + Projects scope, no location specified (defaults to global):
5263
+ # `projects/{project_id}`
5264
+ # + Organizations scope, location specified:
5265
+ # `organizations/{org_id}/locations/{location_id}`
5266
+ # + Organizations scope, no location specified (defaults to global):
5267
+ # `organizations/{org_id}`
4978
5268
  #
4979
5269
  # The following example `parent` string specifies a parent project with the
4980
5270
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -4991,7 +5281,7 @@ module Google
4991
5281
  # returns a page of max size 100.
4992
5282
  # @!attribute [rw] order_by
4993
5283
  # @return [::String]
4994
- # Comma separated list of fields to order by,
5284
+ # Comma-separated list of fields to order by,
4995
5285
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
4996
5286
  # default sorting order is ascending. Redundant space characters are
4997
5287
  # insignificant.
@@ -5164,14 +5454,14 @@ module Google
5164
5454
  # (project or organization) and whether you have [specified a processing
5165
5455
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
5166
5456
  #
5167
- # + Projects scope, location specified:<br/>
5168
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
5169
- # + Projects scope, no location specified (defaults to global):<br/>
5170
- # `projects/`<var>PROJECT_ID</var>
5171
- # + Organizations scope, location specified:<br/>
5172
- # `organizations/`<var>ORG_ID</var>`/locations/`<var>LOCATION_ID</var>
5173
- # + Organizations scope, no location specified (defaults to global):<br/>
5174
- # `organizations/`<var>ORG_ID</var>
5457
+ # + Projects scope, location specified:
5458
+ # `projects/{project_id}/locations/{location_id}`
5459
+ # + Projects scope, no location specified (defaults to global):
5460
+ # `projects/{project_id}`
5461
+ # + Organizations scope, location specified:
5462
+ # `organizations/{org_id}/locations/{location_id}`
5463
+ # + Organizations scope, no location specified (defaults to global):
5464
+ # `organizations/{org_id}`
5175
5465
  #
5176
5466
  # The following example `parent` string specifies a parent project with the
5177
5467
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -5234,10 +5524,10 @@ module Google
5234
5524
  # (project or organization) and whether you have [specified a processing
5235
5525
  # location](https://cloud.google.com/sensitive-data-protection/docs/specifying-location):
5236
5526
  #
5237
- # + Projects scope, location specified:<br/>
5238
- # `projects/`<var>PROJECT_ID</var>`/locations/`<var>LOCATION_ID</var>
5239
- # + Projects scope, no location specified (defaults to global):<br/>
5240
- # `projects/`<var>PROJECT_ID</var>
5527
+ # + Projects scope, location specified:
5528
+ # `projects/{project_id}/locations/{location_id}`
5529
+ # + Projects scope, no location specified (defaults to global):
5530
+ # `projects/{project_id}`
5241
5531
  #
5242
5532
  # The following example `parent` string specifies a parent project with the
5243
5533
  # identifier `example-project`, and specifies the `europe-west3` location
@@ -5254,7 +5544,7 @@ module Google
5254
5544
  # returns a page of max size 100.
5255
5545
  # @!attribute [rw] order_by
5256
5546
  # @return [::String]
5257
- # Comma separated list of fields to order by,
5547
+ # Comma-separated list of fields to order by,
5258
5548
  # followed by `asc` or `desc` postfix. This list is case insensitive. The
5259
5549
  # default sorting order is ascending. Redundant space characters are
5260
5550
  # insignificant.
@@ -5377,6 +5667,7 @@ module Google
5377
5667
  # No more than 10 labels can be associated with a given finding.
5378
5668
  #
5379
5669
  # Examples:
5670
+ #
5380
5671
  # * `"environment" : "production"`
5381
5672
  # * `"pipeline" : "etl"`
5382
5673
  class HybridFindingDetails
@@ -5412,7 +5703,7 @@ module Google
5412
5703
  # returns a page of max size 100.
5413
5704
  # @!attribute [rw] order_by
5414
5705
  # @return [::String]
5415
- # Comma separated list of fields to order by, followed by `asc` or `desc`
5706
+ # Comma-separated list of fields to order by, followed by `asc` or `desc`
5416
5707
  # postfix. This list is case insensitive. The default sorting order is
5417
5708
  # ascending. Redundant space characters are insignificant. Only one order
5418
5709
  # field at a time is allowed.
@@ -5483,7 +5774,7 @@ module Google
5483
5774
  # returns a page of max size 100.
5484
5775
  # @!attribute [rw] order_by
5485
5776
  # @return [::String]
5486
- # Comma separated list of fields to order by, followed by `asc` or `desc`
5777
+ # Comma-separated list of fields to order by, followed by `asc` or `desc`
5487
5778
  # postfix. This list is case insensitive. The default sorting order is
5488
5779
  # ascending. Redundant space characters are insignificant. Only one order
5489
5780
  # field at a time is allowed.
@@ -5565,12 +5856,13 @@ module Google
5565
5856
  # returns a page of max size 100.
5566
5857
  # @!attribute [rw] order_by
5567
5858
  # @return [::String]
5568
- # Comma separated list of fields to order by, followed by `asc` or `desc`
5859
+ # Comma-separated list of fields to order by, followed by `asc` or `desc`
5569
5860
  # postfix. This list is case insensitive. The default sorting order is
5570
5861
  # ascending. Redundant space characters are insignificant. Only one order
5571
5862
  # field at a time is allowed.
5572
5863
  #
5573
5864
  # Examples:
5865
+ #
5574
5866
  # * `project_id asc`
5575
5867
  # * `table_id`
5576
5868
  # * `sensitivity_level desc`
@@ -5652,6 +5944,9 @@ module Google
5652
5944
  # data found.
5653
5945
  RISK_LOW = 10
5654
5946
 
5947
+ # Unable to determine risk.
5948
+ RISK_UNKNOWN = 12
5949
+
5655
5950
  # Medium risk - Sensitive data may be present but additional access or fine
5656
5951
  # grain access restrictions appear to be present. Consider limiting
5657
5952
  # access even further or transform data to mask.
@@ -5684,6 +5979,12 @@ module Google
5684
5979
  # @!attribute [rw] profile_status
5685
5980
  # @return [::Google::Cloud::Dlp::V2::ProfileStatus]
5686
5981
  # Success or error status of the last attempt to profile the project.
5982
+ # @!attribute [rw] table_data_profile_count
5983
+ # @return [::Integer]
5984
+ # The number of table data profiles generated for this project.
5985
+ # @!attribute [rw] file_store_data_profile_count
5986
+ # @return [::Integer]
5987
+ # The number of file store data profiles generated for this project.
5687
5988
  class ProjectDataProfile
5688
5989
  include ::Google::Protobuf::MessageExts
5689
5990
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -5725,7 +6026,7 @@ module Google
5725
6026
  # The resource type that was profiled.
5726
6027
  # @!attribute [rw] project_data_profile
5727
6028
  # @return [::String]
5728
- # The resource name to the project data profile for this table.
6029
+ # The resource name of the project data profile for this table.
5729
6030
  # @!attribute [rw] dataset_project_id
5730
6031
  # @return [::String]
5731
6032
  # The Google Cloud project ID that owns the resource.
@@ -6031,6 +6332,188 @@ module Google
6031
6332
  end
6032
6333
  end
6033
6334
 
6335
+ # The profile for a file store.
6336
+ #
6337
+ # * Cloud Storage: maps 1:1 with a bucket.
6338
+ # @!attribute [rw] name
6339
+ # @return [::String]
6340
+ # The name of the profile.
6341
+ # @!attribute [rw] data_source_type
6342
+ # @return [::Google::Cloud::Dlp::V2::DataSourceType]
6343
+ # The resource type that was profiled.
6344
+ # @!attribute [rw] project_data_profile
6345
+ # @return [::String]
6346
+ # The resource name of the project data profile for this file store.
6347
+ # @!attribute [rw] project_id
6348
+ # @return [::String]
6349
+ # The Google Cloud project ID that owns the resource.
6350
+ # @!attribute [rw] file_store_location
6351
+ # @return [::String]
6352
+ # The location of the file store.
6353
+ #
6354
+ # * Cloud Storage:
6355
+ # https://cloud.google.com/storage/docs/locations#available-locations
6356
+ # @!attribute [rw] data_storage_locations
6357
+ # @return [::Array<::String>]
6358
+ # For resources that have multiple storage locations, these are those
6359
+ # regions. For Cloud Storage this is the list of regions chosen for
6360
+ # dual-region storage. `file_store_location` will normally be the
6361
+ # corresponding multi-region for the list of individual locations. The first
6362
+ # region is always picked as the processing and storage location for the data
6363
+ # profile.
6364
+ # @!attribute [rw] location_type
6365
+ # @return [::String]
6366
+ # The location type of the bucket (region, dual-region, multi-region, etc).
6367
+ # If dual-region, expect data_storage_locations to be populated.
6368
+ # @!attribute [rw] file_store_path
6369
+ # @return [::String]
6370
+ # The file store path.
6371
+ #
6372
+ # * Cloud Storage: `gs://{bucket}`
6373
+ # @!attribute [rw] full_resource
6374
+ # @return [::String]
6375
+ # The resource name of the resource profiled.
6376
+ # https://cloud.google.com/apis/design/resource_names#full_resource_name
6377
+ # @!attribute [rw] config_snapshot
6378
+ # @return [::Google::Cloud::Dlp::V2::DataProfileConfigSnapshot]
6379
+ # The snapshot of the configurations used to generate the profile.
6380
+ # @!attribute [rw] profile_status
6381
+ # @return [::Google::Cloud::Dlp::V2::ProfileStatus]
6382
+ # Success or error status from the most recent profile generation attempt.
6383
+ # May be empty if the profile is still being generated.
6384
+ # @!attribute [rw] state
6385
+ # @return [::Google::Cloud::Dlp::V2::FileStoreDataProfile::State]
6386
+ # State of a profile.
6387
+ # @!attribute [rw] profile_last_generated
6388
+ # @return [::Google::Protobuf::Timestamp]
6389
+ # The last time the profile was generated.
6390
+ # @!attribute [rw] resource_visibility
6391
+ # @return [::Google::Cloud::Dlp::V2::ResourceVisibility]
6392
+ # How broadly a resource has been shared.
6393
+ # @!attribute [rw] sensitivity_score
6394
+ # @return [::Google::Cloud::Dlp::V2::SensitivityScore]
6395
+ # The sensitivity score of this resource.
6396
+ # @!attribute [rw] data_risk_level
6397
+ # @return [::Google::Cloud::Dlp::V2::DataRiskLevel]
6398
+ # The data risk level of this resource.
6399
+ # @!attribute [rw] create_time
6400
+ # @return [::Google::Protobuf::Timestamp]
6401
+ # The time the file store was first created.
6402
+ # @!attribute [rw] last_modified_time
6403
+ # @return [::Google::Protobuf::Timestamp]
6404
+ # The time the file store was last modified.
6405
+ # @!attribute [rw] file_cluster_summaries
6406
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileClusterSummary>]
6407
+ # FileClusterSummary per each cluster.
6408
+ # @!attribute [rw] resource_attributes
6409
+ # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::Dlp::V2::Value}]
6410
+ # Attributes of the resource being profiled.
6411
+ # Currently used attributes:
6412
+ #
6413
+ # * customer_managed_encryption: boolean
6414
+ # - true: the resource is encrypted with a customer-managed key.
6415
+ # - false: the resource is encrypted with a provider-managed key.
6416
+ # @!attribute [rw] resource_labels
6417
+ # @return [::Google::Protobuf::Map{::String => ::String}]
6418
+ # The labels applied to the resource at the time the profile was generated.
6419
+ # @!attribute [rw] file_store_info_type_summaries
6420
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileStoreInfoTypeSummary>]
6421
+ # InfoTypes detected in this file store.
6422
+ # @!attribute [rw] file_store_is_empty
6423
+ # @return [::Boolean]
6424
+ # The file store does not have any files.
6425
+ class FileStoreDataProfile
6426
+ include ::Google::Protobuf::MessageExts
6427
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6428
+
6429
+ # @!attribute [rw] key
6430
+ # @return [::String]
6431
+ # @!attribute [rw] value
6432
+ # @return [::Google::Cloud::Dlp::V2::Value]
6433
+ class ResourceAttributesEntry
6434
+ include ::Google::Protobuf::MessageExts
6435
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6436
+ end
6437
+
6438
+ # @!attribute [rw] key
6439
+ # @return [::String]
6440
+ # @!attribute [rw] value
6441
+ # @return [::String]
6442
+ class ResourceLabelsEntry
6443
+ include ::Google::Protobuf::MessageExts
6444
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6445
+ end
6446
+
6447
+ # Possible states of a profile. New items may be added.
6448
+ module State
6449
+ # Unused.
6450
+ STATE_UNSPECIFIED = 0
6451
+
6452
+ # The profile is currently running. Once a profile has finished it will
6453
+ # transition to DONE.
6454
+ RUNNING = 1
6455
+
6456
+ # The profile is no longer generating.
6457
+ # If profile_status.status.code is 0, the profile succeeded, otherwise, it
6458
+ # failed.
6459
+ DONE = 2
6460
+ end
6461
+ end
6462
+
6463
+ # Information regarding the discovered InfoType.
6464
+ # @!attribute [rw] info_type
6465
+ # @return [::Google::Cloud::Dlp::V2::InfoType]
6466
+ # The InfoType seen.
6467
+ class FileStoreInfoTypeSummary
6468
+ include ::Google::Protobuf::MessageExts
6469
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6470
+ end
6471
+
6472
+ # Information regarding the discovered file extension.
6473
+ # @!attribute [rw] file_extension
6474
+ # @return [::String]
6475
+ # The file extension if set. (aka .pdf, .jpg, .txt)
6476
+ class FileExtensionInfo
6477
+ include ::Google::Protobuf::MessageExts
6478
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6479
+ end
6480
+
6481
+ # The file cluster summary.
6482
+ # @!attribute [rw] file_cluster_type
6483
+ # @return [::Google::Cloud::Dlp::V2::FileClusterType]
6484
+ # The file cluster type.
6485
+ # @!attribute [rw] file_store_info_type_summaries
6486
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileStoreInfoTypeSummary>]
6487
+ # InfoTypes detected in this cluster.
6488
+ # @!attribute [rw] sensitivity_score
6489
+ # @return [::Google::Cloud::Dlp::V2::SensitivityScore]
6490
+ # The sensitivity score of this cluster. The score will be SENSITIVITY_LOW
6491
+ # if nothing has been scanned.
6492
+ # @!attribute [rw] data_risk_level
6493
+ # @return [::Google::Cloud::Dlp::V2::DataRiskLevel]
6494
+ # The data risk level of this cluster. RISK_LOW if nothing has been
6495
+ # scanned.
6496
+ # @!attribute [rw] errors
6497
+ # @return [::Array<::Google::Cloud::Dlp::V2::Error>]
6498
+ # A list of errors detected while scanning this cluster. The list is
6499
+ # truncated to 10 per cluster.
6500
+ # @!attribute [rw] file_extensions_scanned
6501
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileExtensionInfo>]
6502
+ # A sample of file types scanned in this cluster. Empty if no files were
6503
+ # scanned.
6504
+ # @!attribute [rw] file_extensions_seen
6505
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileExtensionInfo>]
6506
+ # A sample of file types seen in this cluster. Empty if no files were seen.
6507
+ # @!attribute [rw] no_files_exist
6508
+ # @return [::Boolean]
6509
+ # True if no files exist in this cluster. If the bucket had more files than
6510
+ # could be listed, this will be false even if no files for this cluster
6511
+ # were seen and file_extensions_seen is empty.
6512
+ class FileClusterSummary
6513
+ include ::Google::Protobuf::MessageExts
6514
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6515
+ end
6516
+
6034
6517
  # Request to get a project data profile.
6035
6518
  # @!attribute [rw] name
6036
6519
  # @return [::String]
@@ -6041,6 +6524,109 @@ module Google
6041
6524
  extend ::Google::Protobuf::MessageExts::ClassMethods
6042
6525
  end
6043
6526
 
6527
+ # Request to get a file store data profile.
6528
+ # @!attribute [rw] name
6529
+ # @return [::String]
6530
+ # Required. Resource name, for example
6531
+ # `organizations/12345/locations/us/fileStoreDataProfiles/53234423`.
6532
+ class GetFileStoreDataProfileRequest
6533
+ include ::Google::Protobuf::MessageExts
6534
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6535
+ end
6536
+
6537
+ # Request to list the file store profiles generated for a given organization or
6538
+ # project.
6539
+ # @!attribute [rw] parent
6540
+ # @return [::String]
6541
+ # Required. Resource name of the organization or project, for
6542
+ # example `organizations/433245324/locations/europe` or
6543
+ # `projects/project-id/locations/asia`.
6544
+ # @!attribute [rw] page_token
6545
+ # @return [::String]
6546
+ # Optional. Page token to continue retrieval.
6547
+ # @!attribute [rw] page_size
6548
+ # @return [::Integer]
6549
+ # Optional. Size of the page. This value can be limited by the server. If
6550
+ # zero, server returns a page of max size 100.
6551
+ # @!attribute [rw] order_by
6552
+ # @return [::String]
6553
+ # Optional. Comma-separated list of fields to order by, followed by `asc` or
6554
+ # `desc` postfix. This list is case insensitive. The default sorting order is
6555
+ # ascending. Redundant space characters are insignificant. Only one order
6556
+ # field at a time is allowed.
6557
+ #
6558
+ # Examples:
6559
+ #
6560
+ # * `project_id asc`
6561
+ # * `name`
6562
+ # * `sensitivity_level desc`
6563
+ #
6564
+ # Supported fields are:
6565
+ #
6566
+ # - `project_id`: The Google Cloud project ID.
6567
+ # - `sensitivity_level`: How sensitive the data in a table is, at most.
6568
+ # - `data_risk_level`: How much risk is associated with this data.
6569
+ # - `profile_last_generated`: When the profile was last updated in epoch
6570
+ # seconds.
6571
+ # - `last_modified`: The last time the resource was modified.
6572
+ # - `resource_visibility`: Visibility restriction for this resource.
6573
+ # - `name`: The name of the profile.
6574
+ # - `create_time`: The time the file store was first created.
6575
+ # @!attribute [rw] filter
6576
+ # @return [::String]
6577
+ # Optional. Allows filtering.
6578
+ #
6579
+ # Supported syntax:
6580
+ #
6581
+ # * Filter expressions are made up of one or more restrictions.
6582
+ # * Restrictions can be combined by `AND` or `OR` logical operators. A
6583
+ # sequence of restrictions implicitly uses `AND`.
6584
+ # * A restriction has the form of `{field} {operator} {value}`.
6585
+ # * Supported fields/values:
6586
+ # - `project_id` - The Google Cloud project ID.
6587
+ # - `file_store_path` - The path like "gs://bucket".
6588
+ # - `sensitivity_level` - HIGH|MODERATE|LOW
6589
+ # - `data_risk_level` - HIGH|MODERATE|LOW
6590
+ # - `resource_visibility`: PUBLIC|RESTRICTED
6591
+ # - `status_code` - an RPC status code as defined in
6592
+ # https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto
6593
+ # * The operator must be `=` or `!=`.
6594
+ #
6595
+ # Examples:
6596
+ #
6597
+ # * `project_id = 12345 AND status_code = 1`
6598
+ # * `project_id = 12345 AND sensitivity_level = HIGH`
6599
+ # * `project_id = 12345 AND resource_visibility = PUBLIC`
6600
+ # * `file_store_path = "gs://mybucket"`
6601
+ #
6602
+ # The length of this field should be no more than 500 characters.
6603
+ class ListFileStoreDataProfilesRequest
6604
+ include ::Google::Protobuf::MessageExts
6605
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6606
+ end
6607
+
6608
+ # List of file store data profiles generated for a given organization or
6609
+ # project.
6610
+ # @!attribute [rw] file_store_data_profiles
6611
+ # @return [::Array<::Google::Cloud::Dlp::V2::FileStoreDataProfile>]
6612
+ # List of data profiles.
6613
+ # @!attribute [rw] next_page_token
6614
+ # @return [::String]
6615
+ # The next page token.
6616
+ class ListFileStoreDataProfilesResponse
6617
+ include ::Google::Protobuf::MessageExts
6618
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6619
+ end
6620
+
6621
+ # Request message for DeleteFileStoreProfile.
6622
+ # @!attribute [rw] name
6623
+ # @return [::String]
6624
+ # Required. Resource name of the file store data profile.
6625
+ class DeleteFileStoreDataProfileRequest
6626
+ include ::Google::Protobuf::MessageExts
6627
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6628
+ end
6629
+
6044
6630
  # Request to get a table data profile.
6045
6631
  # @!attribute [rw] name
6046
6632
  # @return [::String]
@@ -6126,6 +6712,11 @@ module Google
6126
6712
  # If `DetailLevel` is `TABLE_PROFILE` this will be fully populated.
6127
6713
  # Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only `name` and
6128
6714
  # `full_resource` will be populated.
6715
+ # @!attribute [rw] file_store_profile
6716
+ # @return [::Google::Cloud::Dlp::V2::FileStoreDataProfile]
6717
+ # If `DetailLevel` is `FILE_STORE_PROFILE` this will be fully populated.
6718
+ # Otherwise, if `DetailLevel` is `RESOURCE_NAME`, then only `name` and
6719
+ # `file_store_path` will be populated.
6129
6720
  # @!attribute [rw] event
6130
6721
  # @return [::Google::Cloud::Dlp::V2::DataProfileAction::EventType]
6131
6722
  # The event that caused the Pub/Sub message to be sent.
@@ -6137,8 +6728,15 @@ module Google
6137
6728
  # Request message for CreateConnection.
6138
6729
  # @!attribute [rw] parent
6139
6730
  # @return [::String]
6140
- # Required. Parent resource name in the format:
6141
- # `projects/{project}/locations/{location}`.
6731
+ # Required. Parent resource name.
6732
+ #
6733
+ # The format of this value varies depending on the scope of the request
6734
+ # (project or organization):
6735
+ #
6736
+ # + Projects scope:
6737
+ # `projects/{project_id}/locations/{location_id}`
6738
+ # + Organizations scope:
6739
+ # `organizations/{org_id}/locations/{location_id}`
6142
6740
  # @!attribute [rw] connection
6143
6741
  # @return [::Google::Cloud::Dlp::V2::Connection]
6144
6742
  # Required. The connection resource.
@@ -6160,8 +6758,9 @@ module Google
6160
6758
  # Request message for ListConnections.
6161
6759
  # @!attribute [rw] parent
6162
6760
  # @return [::String]
6163
- # Required. Parent name, for example:
6164
- # `projects/project-id/locations/global`.
6761
+ # Required. Resource name of the organization or project, for
6762
+ # example, `organizations/433245324/locations/europe` or
6763
+ # `projects/project-id/locations/asia`.
6165
6764
  # @!attribute [rw] page_size
6166
6765
  # @return [::Integer]
6167
6766
  # Optional. Number of results per page, max 1000.
@@ -6180,8 +6779,9 @@ module Google
6180
6779
  # Request message for SearchConnections.
6181
6780
  # @!attribute [rw] parent
6182
6781
  # @return [::String]
6183
- # Required. Parent name, typically an organization, without location.
6184
- # For example: `organizations/12345678`.
6782
+ # Required. Resource name of the organization or project with a wildcard
6783
+ # location, for example, `organizations/433245324/locations/-` or
6784
+ # `projects/project-id/locations/-`.
6185
6785
  # @!attribute [rw] page_size
6186
6786
  # @return [::Integer]
6187
6787
  # Optional. Number of results per page, max 1000.
@@ -6361,6 +6961,49 @@ module Google
6361
6961
  extend ::Google::Protobuf::MessageExts::ClassMethods
6362
6962
  end
6363
6963
 
6964
+ # Message used to identify file cluster type being profiled.
6965
+ # @!attribute [rw] cluster
6966
+ # @return [::Google::Cloud::Dlp::V2::FileClusterType::Cluster]
6967
+ # Cluster type.
6968
+ class FileClusterType
6969
+ include ::Google::Protobuf::MessageExts
6970
+ extend ::Google::Protobuf::MessageExts::ClassMethods
6971
+
6972
+ # Cluster type. Each cluster corresponds to a set of file types.
6973
+ # Over time, new types may be added and files may move between clusters.
6974
+ module Cluster
6975
+ # Unused.
6976
+ CLUSTER_UNSPECIFIED = 0
6977
+
6978
+ # Unsupported files.
6979
+ CLUSTER_UNKNOWN = 1
6980
+
6981
+ # Plain text.
6982
+ CLUSTER_TEXT = 2
6983
+
6984
+ # Structured data like CSV, TSV etc.
6985
+ CLUSTER_STRUCTURED_DATA = 3
6986
+
6987
+ # Source code.
6988
+ CLUSTER_SOURCE_CODE = 4
6989
+
6990
+ # Rich document like docx, xlsx etc.
6991
+ CLUSTER_RICH_DOCUMENT = 5
6992
+
6993
+ # Images like jpeg, bmp.
6994
+ CLUSTER_IMAGE = 6
6995
+
6996
+ # Archives and containers like .zip, .tar etc.
6997
+ CLUSTER_ARCHIVE = 7
6998
+
6999
+ # Multimedia like .mp4, .avi etc.
7000
+ CLUSTER_MULTIMEDIA = 8
7001
+
7002
+ # Executable files like .exe, .class, .apk etc.
7003
+ CLUSTER_EXECUTABLE = 9
7004
+ end
7005
+ end
7006
+
6364
7007
  # Enum of possible outcomes of transformations. SUCCESS if transformation and
6365
7008
  # storing of transformation was successful, otherwise, reason for not
6366
7009
  # transforming.
@@ -6657,7 +7300,7 @@ module Google
6657
7300
 
6658
7301
  # May contain public items.
6659
7302
  # For example, if a Cloud Storage bucket has uniform bucket level access
6660
- # disabled, some objects inside it may be public.
7303
+ # disabled, some objects inside it may be public, but none are known yet.
6661
7304
  RESOURCE_VISIBILITY_INCONCLUSIVE = 15
6662
7305
 
6663
7306
  # Visible only to specific users.