google-cloud-dlp 0.13.2 → 1.1.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,176 +0,0 @@
1
- {
2
- "interfaces": {
3
- "google.privacy.dlp.v2.DlpService": {
4
- "retry_codes": {
5
- "idempotent": [
6
- "DEADLINE_EXCEEDED",
7
- "UNAVAILABLE"
8
- ],
9
- "non_idempotent": []
10
- },
11
- "retry_params": {
12
- "default": {
13
- "initial_retry_delay_millis": 100,
14
- "retry_delay_multiplier": 1.3,
15
- "max_retry_delay_millis": 60000,
16
- "initial_rpc_timeout_millis": 20000,
17
- "rpc_timeout_multiplier": 1.0,
18
- "max_rpc_timeout_millis": 20000,
19
- "total_timeout_millis": 600000
20
- }
21
- },
22
- "methods": {
23
- "InspectContent": {
24
- "timeout_millis": 300000,
25
- "retry_codes_name": "idempotent",
26
- "retry_params_name": "default"
27
- },
28
- "RedactImage": {
29
- "timeout_millis": 300000,
30
- "retry_codes_name": "idempotent",
31
- "retry_params_name": "default"
32
- },
33
- "DeidentifyContent": {
34
- "timeout_millis": 300000,
35
- "retry_codes_name": "idempotent",
36
- "retry_params_name": "default"
37
- },
38
- "ReidentifyContent": {
39
- "timeout_millis": 300000,
40
- "retry_codes_name": "idempotent",
41
- "retry_params_name": "default"
42
- },
43
- "ListInfoTypes": {
44
- "timeout_millis": 300000,
45
- "retry_codes_name": "idempotent",
46
- "retry_params_name": "default"
47
- },
48
- "CreateInspectTemplate": {
49
- "timeout_millis": 300000,
50
- "retry_codes_name": "non_idempotent",
51
- "retry_params_name": "default"
52
- },
53
- "UpdateInspectTemplate": {
54
- "timeout_millis": 300000,
55
- "retry_codes_name": "non_idempotent",
56
- "retry_params_name": "default"
57
- },
58
- "GetInspectTemplate": {
59
- "timeout_millis": 300000,
60
- "retry_codes_name": "idempotent",
61
- "retry_params_name": "default"
62
- },
63
- "ListInspectTemplates": {
64
- "timeout_millis": 300000,
65
- "retry_codes_name": "idempotent",
66
- "retry_params_name": "default"
67
- },
68
- "DeleteInspectTemplate": {
69
- "timeout_millis": 300000,
70
- "retry_codes_name": "idempotent",
71
- "retry_params_name": "default"
72
- },
73
- "CreateDeidentifyTemplate": {
74
- "timeout_millis": 300000,
75
- "retry_codes_name": "non_idempotent",
76
- "retry_params_name": "default"
77
- },
78
- "UpdateDeidentifyTemplate": {
79
- "timeout_millis": 300000,
80
- "retry_codes_name": "non_idempotent",
81
- "retry_params_name": "default"
82
- },
83
- "GetDeidentifyTemplate": {
84
- "timeout_millis": 300000,
85
- "retry_codes_name": "idempotent",
86
- "retry_params_name": "default"
87
- },
88
- "ListDeidentifyTemplates": {
89
- "timeout_millis": 300000,
90
- "retry_codes_name": "idempotent",
91
- "retry_params_name": "default"
92
- },
93
- "DeleteDeidentifyTemplate": {
94
- "timeout_millis": 300000,
95
- "retry_codes_name": "idempotent",
96
- "retry_params_name": "default"
97
- },
98
- "CreateDlpJob": {
99
- "timeout_millis": 300000,
100
- "retry_codes_name": "non_idempotent",
101
- "retry_params_name": "default"
102
- },
103
- "ListDlpJobs": {
104
- "timeout_millis": 300000,
105
- "retry_codes_name": "idempotent",
106
- "retry_params_name": "default"
107
- },
108
- "GetDlpJob": {
109
- "timeout_millis": 300000,
110
- "retry_codes_name": "idempotent",
111
- "retry_params_name": "default"
112
- },
113
- "DeleteDlpJob": {
114
- "timeout_millis": 300000,
115
- "retry_codes_name": "idempotent",
116
- "retry_params_name": "default"
117
- },
118
- "CancelDlpJob": {
119
- "timeout_millis": 300000,
120
- "retry_codes_name": "non_idempotent",
121
- "retry_params_name": "default"
122
- },
123
- "ListJobTriggers": {
124
- "timeout_millis": 300000,
125
- "retry_codes_name": "idempotent",
126
- "retry_params_name": "default"
127
- },
128
- "GetJobTrigger": {
129
- "timeout_millis": 300000,
130
- "retry_codes_name": "idempotent",
131
- "retry_params_name": "default"
132
- },
133
- "DeleteJobTrigger": {
134
- "timeout_millis": 300000,
135
- "retry_codes_name": "idempotent",
136
- "retry_params_name": "default"
137
- },
138
- "UpdateJobTrigger": {
139
- "timeout_millis": 300000,
140
- "retry_codes_name": "non_idempotent",
141
- "retry_params_name": "default"
142
- },
143
- "CreateJobTrigger": {
144
- "timeout_millis": 300000,
145
- "retry_codes_name": "non_idempotent",
146
- "retry_params_name": "default"
147
- },
148
- "CreateStoredInfoType": {
149
- "timeout_millis": 300000,
150
- "retry_codes_name": "non_idempotent",
151
- "retry_params_name": "default"
152
- },
153
- "UpdateStoredInfoType": {
154
- "timeout_millis": 300000,
155
- "retry_codes_name": "non_idempotent",
156
- "retry_params_name": "default"
157
- },
158
- "GetStoredInfoType": {
159
- "timeout_millis": 300000,
160
- "retry_codes_name": "idempotent",
161
- "retry_params_name": "default"
162
- },
163
- "ListStoredInfoTypes": {
164
- "timeout_millis": 300000,
165
- "retry_codes_name": "idempotent",
166
- "retry_params_name": "default"
167
- },
168
- "DeleteStoredInfoType": {
169
- "timeout_millis": 300000,
170
- "retry_codes_name": "idempotent",
171
- "retry_params_name": "default"
172
- }
173
- }
174
- }
175
- }
176
- }
@@ -1,2925 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Privacy
18
- module Dlp
19
- module V2
20
- # List of exclude infoTypes.
21
- # @!attribute [rw] info_types
22
- # @return [Array<Google::Privacy::Dlp::V2::InfoType>]
23
- # InfoType list in ExclusionRule rule drops a finding when it overlaps or
24
- # contained within with a finding of an infoType from this list. For
25
- # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
26
- # `exclusion_rule` containing `exclude_info_types.info_types` with
27
- # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
28
- # with EMAIL_ADDRESS finding.
29
- # That leads to "555-222-2222@example.org" to generate only a single
30
- # finding, namely email address.
31
- class ExcludeInfoTypes; end
32
-
33
- # The rule that specifies conditions when findings of infoTypes specified in
34
- # `InspectionRuleSet` are removed from results.
35
- # @!attribute [rw] dictionary
36
- # @return [Google::Privacy::Dlp::V2::CustomInfoType::Dictionary]
37
- # Dictionary which defines the rule.
38
- # @!attribute [rw] regex
39
- # @return [Google::Privacy::Dlp::V2::CustomInfoType::Regex]
40
- # Regular expression which defines the rule.
41
- # @!attribute [rw] exclude_info_types
42
- # @return [Google::Privacy::Dlp::V2::ExcludeInfoTypes]
43
- # Set of infoTypes for which findings would affect this rule.
44
- # @!attribute [rw] matching_type
45
- # @return [Google::Privacy::Dlp::V2::MatchingType]
46
- # How the rule is applied, see MatchingType documentation for details.
47
- class ExclusionRule; end
48
-
49
- # A single inspection rule to be applied to infoTypes, specified in
50
- # `InspectionRuleSet`.
51
- # @!attribute [rw] hotword_rule
52
- # @return [Google::Privacy::Dlp::V2::CustomInfoType::DetectionRule::HotwordRule]
53
- # Hotword-based detection rule.
54
- # @!attribute [rw] exclusion_rule
55
- # @return [Google::Privacy::Dlp::V2::ExclusionRule]
56
- # Exclusion rule.
57
- class InspectionRule; end
58
-
59
- # Rule set for modifying a set of infoTypes to alter behavior under certain
60
- # circumstances, depending on the specific details of the rules within the set.
61
- # @!attribute [rw] info_types
62
- # @return [Array<Google::Privacy::Dlp::V2::InfoType>]
63
- # List of infoTypes this rule set is applied to.
64
- # @!attribute [rw] rules
65
- # @return [Array<Google::Privacy::Dlp::V2::InspectionRule>]
66
- # Set of rules to be applied to infoTypes. The rules are applied in order.
67
- class InspectionRuleSet; end
68
-
69
- # Configuration description of the scanning process.
70
- # When used with redactContent only info_types and min_likelihood are currently
71
- # used.
72
- # @!attribute [rw] info_types
73
- # @return [Array<Google::Privacy::Dlp::V2::InfoType>]
74
- # Restricts what info_types to look for. The values must correspond to
75
- # InfoType values returned by ListInfoTypes or listed at
76
- # https://cloud.google.com/dlp/docs/infotypes-reference.
77
- #
78
- # When no InfoTypes or CustomInfoTypes are specified in a request, the
79
- # system may automatically choose what detectors to run. By default this may
80
- # be all types, but may change over time as detectors are updated.
81
- #
82
- # If you need precise control and predictability as to what detectors are
83
- # run you should specify specific InfoTypes listed in the reference,
84
- # otherwise a default list will be used, which may change over time.
85
- # @!attribute [rw] min_likelihood
86
- # @return [Google::Privacy::Dlp::V2::Likelihood]
87
- # Only returns findings equal or above this threshold. The default is
88
- # POSSIBLE.
89
- # See https://cloud.google.com/dlp/docs/likelihood to learn more.
90
- # @!attribute [rw] limits
91
- # @return [Google::Privacy::Dlp::V2::InspectConfig::FindingLimits]
92
- # Configuration to control the number of findings returned.
93
- # @!attribute [rw] include_quote
94
- # @return [true, false]
95
- # When true, a contextual quote from the data that triggered a finding is
96
- # included in the response; see Finding.quote.
97
- # @!attribute [rw] exclude_info_types
98
- # @return [true, false]
99
- # When true, excludes type information of the findings.
100
- # @!attribute [rw] custom_info_types
101
- # @return [Array<Google::Privacy::Dlp::V2::CustomInfoType>]
102
- # CustomInfoTypes provided by the user. See
103
- # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
104
- # @!attribute [rw] content_options
105
- # @return [Array<Google::Privacy::Dlp::V2::ContentOption>]
106
- # List of options defining data content to scan.
107
- # If empty, text, images, and other content will be included.
108
- # @!attribute [rw] rule_set
109
- # @return [Array<Google::Privacy::Dlp::V2::InspectionRuleSet>]
110
- # Set of rules to apply to the findings for this InspectConfig.
111
- # Exclusion rules, contained in the set are executed in the end, other
112
- # rules are executed in the order they are specified for each info type.
113
- class InspectConfig
114
- # Configuration to control the number of findings returned.
115
- # @!attribute [rw] max_findings_per_item
116
- # @return [Integer]
117
- # Max number of findings that will be returned for each item scanned.
118
- # When set within `InspectDataSourceRequest`,
119
- # the maximum returned is 2000 regardless if this is set higher.
120
- # When set within `InspectContentRequest`, this field is ignored.
121
- # @!attribute [rw] max_findings_per_request
122
- # @return [Integer]
123
- # Max number of findings that will be returned per request/job.
124
- # When set within `InspectContentRequest`, the maximum returned is 2000
125
- # regardless if this is set higher.
126
- # @!attribute [rw] max_findings_per_info_type
127
- # @return [Array<Google::Privacy::Dlp::V2::InspectConfig::FindingLimits::InfoTypeLimit>]
128
- # Configuration of findings limit given for specified infoTypes.
129
- class FindingLimits
130
- # Max findings configuration per infoType, per content item or long
131
- # running DlpJob.
132
- # @!attribute [rw] info_type
133
- # @return [Google::Privacy::Dlp::V2::InfoType]
134
- # Type of information the findings limit applies to. Only one limit per
135
- # info_type should be provided. If InfoTypeLimit does not have an
136
- # info_type, the DLP API applies the limit against all info_types that
137
- # are found but not specified in another InfoTypeLimit.
138
- # @!attribute [rw] max_findings
139
- # @return [Integer]
140
- # Max findings limit for the given infoType.
141
- class InfoTypeLimit; end
142
- end
143
- end
144
-
145
- # Container for bytes to inspect or redact.
146
- # @!attribute [rw] type
147
- # @return [Google::Privacy::Dlp::V2::ByteContentItem::BytesType]
148
- # The type of data stored in the bytes string. Default will be TEXT_UTF8.
149
- # @!attribute [rw] data
150
- # @return [String]
151
- # Content data to inspect or redact.
152
- class ByteContentItem
153
- # The type of data being sent to in data.
154
- module BytesType
155
- # Unused
156
- BYTES_TYPE_UNSPECIFIED = 0
157
-
158
- # Any image type.
159
- IMAGE = 6
160
-
161
- # jpeg
162
- IMAGE_JPEG = 1
163
-
164
- # bmp
165
- IMAGE_BMP = 2
166
-
167
- # png
168
- IMAGE_PNG = 3
169
-
170
- # svg
171
- IMAGE_SVG = 4
172
-
173
- # plain text
174
- TEXT_UTF8 = 5
175
-
176
- # avro
177
- AVRO = 11
178
- end
179
- end
180
-
181
- # Container structure for the content to inspect.
182
- # @!attribute [rw] value
183
- # @return [String]
184
- # String data to inspect or redact.
185
- # @!attribute [rw] table
186
- # @return [Google::Privacy::Dlp::V2::Table]
187
- # Structured content for inspection. See
188
- # https://cloud.google.com/dlp/docs/inspecting-text#inspecting_a_table to
189
- # learn more.
190
- # @!attribute [rw] byte_item
191
- # @return [Google::Privacy::Dlp::V2::ByteContentItem]
192
- # Content data to inspect or redact. Replaces `type` and `data`.
193
- class ContentItem; end
194
-
195
- # Structured content to inspect. Up to 50,000 `Value`s per request allowed.
196
- # See https://cloud.google.com/dlp/docs/inspecting-text#inspecting_a_table to
197
- # learn more.
198
- # @!attribute [rw] headers
199
- # @return [Array<Google::Privacy::Dlp::V2::FieldId>]
200
- # Headers of the table.
201
- # @!attribute [rw] rows
202
- # @return [Array<Google::Privacy::Dlp::V2::Table::Row>]
203
- # Rows of the table.
204
- class Table
205
- # Values of the row.
206
- # @!attribute [rw] values
207
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
208
- # Individual cells.
209
- class Row; end
210
- end
211
-
212
- # All the findings for a single scanned item.
213
- # @!attribute [rw] findings
214
- # @return [Array<Google::Privacy::Dlp::V2::Finding>]
215
- # List of findings for an item.
216
- # @!attribute [rw] findings_truncated
217
- # @return [true, false]
218
- # If true, then this item might have more findings than were returned,
219
- # and the findings returned are an arbitrary subset of all findings.
220
- # The findings list might be truncated because the input items were too
221
- # large, or because the server reached the maximum amount of resources
222
- # allowed for a single API call. For best results, divide the input into
223
- # smaller batches.
224
- class InspectResult; end
225
-
226
- # Represents a piece of potentially sensitive content.
227
- # @!attribute [rw] quote
228
- # @return [String]
229
- # The content that was found. Even if the content is not textual, it
230
- # may be converted to a textual representation here.
231
- # Provided if `include_quote` is true and the finding is
232
- # less than or equal to 4096 bytes long. If the finding exceeds 4096 bytes
233
- # in length, the quote may be omitted.
234
- # @!attribute [rw] info_type
235
- # @return [Google::Privacy::Dlp::V2::InfoType]
236
- # The type of content that might have been found.
237
- # Provided if `excluded_types` is false.
238
- # @!attribute [rw] likelihood
239
- # @return [Google::Privacy::Dlp::V2::Likelihood]
240
- # Confidence of how likely it is that the `info_type` is correct.
241
- # @!attribute [rw] location
242
- # @return [Google::Privacy::Dlp::V2::Location]
243
- # Where the content was found.
244
- # @!attribute [rw] create_time
245
- # @return [Google::Protobuf::Timestamp]
246
- # Timestamp when finding was detected.
247
- # @!attribute [rw] quote_info
248
- # @return [Google::Privacy::Dlp::V2::QuoteInfo]
249
- # Contains data parsed from quotes. Only populated if include_quote was set
250
- # to true and a supported infoType was requested. Currently supported
251
- # infoTypes: DATE, DATE_OF_BIRTH and TIME.
252
- class Finding; end
253
-
254
- # Specifies the location of the finding.
255
- # @!attribute [rw] byte_range
256
- # @return [Google::Privacy::Dlp::V2::Range]
257
- # Zero-based byte offsets delimiting the finding.
258
- # These are relative to the finding's containing element.
259
- # Note that when the content is not textual, this references
260
- # the UTF-8 encoded textual representation of the content.
261
- # Omitted if content is an image.
262
- # @!attribute [rw] codepoint_range
263
- # @return [Google::Privacy::Dlp::V2::Range]
264
- # Unicode character offsets delimiting the finding.
265
- # These are relative to the finding's containing element.
266
- # Provided when the content is text.
267
- # @!attribute [rw] content_locations
268
- # @return [Array<Google::Privacy::Dlp::V2::ContentLocation>]
269
- # List of nested objects pointing to the precise location of the finding
270
- # within the file or record.
271
- class Location; end
272
-
273
- # Findings container location data.
274
- # @!attribute [rw] container_name
275
- # @return [String]
276
- # Name of the container where the finding is located.
277
- # The top level name is the source file name or table name. Names of some
278
- # common storage containers are formatted as follows:
279
- #
280
- # * BigQuery tables: `{project_id}:{dataset_id}.{table_id}`
281
- # * Cloud Storage files: `gs://{bucket}/{path}`
282
- # * Datastore namespace: \\{namespace}
283
- #
284
- # Nested names could be absent if the embedded object has no string
285
- # identifier (for an example an image contained within a document).
286
- # @!attribute [rw] record_location
287
- # @return [Google::Privacy::Dlp::V2::RecordLocation]
288
- # Location within a row or record of a database table.
289
- # @!attribute [rw] image_location
290
- # @return [Google::Privacy::Dlp::V2::ImageLocation]
291
- # Location within an image's pixels.
292
- # @!attribute [rw] document_location
293
- # @return [Google::Privacy::Dlp::V2::DocumentLocation]
294
- # Location data for document files.
295
- # @!attribute [rw] container_timestamp
296
- # @return [Google::Protobuf::Timestamp]
297
- # Findings container modification timestamp, if applicable.
298
- # For Google Cloud Storage contains last file modification timestamp.
299
- # For BigQuery table contains last_modified_time property.
300
- # For Datastore - not populated.
301
- # @!attribute [rw] container_version
302
- # @return [String]
303
- # Findings container version, if available
304
- # ("generation" for Google Cloud Storage).
305
- class ContentLocation; end
306
-
307
- # Location of a finding within a document.
308
- # @!attribute [rw] file_offset
309
- # @return [Integer]
310
- # Offset of the line, from the beginning of the file, where the finding
311
- # is located.
312
- class DocumentLocation; end
313
-
314
- # Location of a finding within a row or record.
315
- # @!attribute [rw] record_key
316
- # @return [Google::Privacy::Dlp::V2::RecordKey]
317
- # Key of the finding.
318
- # @!attribute [rw] field_id
319
- # @return [Google::Privacy::Dlp::V2::FieldId]
320
- # Field id of the field containing the finding.
321
- # @!attribute [rw] table_location
322
- # @return [Google::Privacy::Dlp::V2::TableLocation]
323
- # Location within a `ContentItem.Table`.
324
- class RecordLocation; end
325
-
326
- # Location of a finding within a table.
327
- # @!attribute [rw] row_index
328
- # @return [Integer]
329
- # The zero-based index of the row where the finding is located.
330
- class TableLocation; end
331
-
332
- # Generic half-open interval [start, end)
333
- # @!attribute [rw] start
334
- # @return [Integer]
335
- # Index of the first character of the range (inclusive).
336
- # @!attribute [rw] end
337
- # @return [Integer]
338
- # Index of the last character of the range (exclusive).
339
- class Range; end
340
-
341
- # Location of the finding within an image.
342
- # @!attribute [rw] bounding_boxes
343
- # @return [Array<Google::Privacy::Dlp::V2::BoundingBox>]
344
- # Bounding boxes locating the pixels within the image containing the finding.
345
- class ImageLocation; end
346
-
347
- # Bounding box encompassing detected text within an image.
348
- # @!attribute [rw] top
349
- # @return [Integer]
350
- # Top coordinate of the bounding box. (0,0) is upper left.
351
- # @!attribute [rw] left
352
- # @return [Integer]
353
- # Left coordinate of the bounding box. (0,0) is upper left.
354
- # @!attribute [rw] width
355
- # @return [Integer]
356
- # Width of the bounding box in pixels.
357
- # @!attribute [rw] height
358
- # @return [Integer]
359
- # Height of the bounding box in pixels.
360
- class BoundingBox; end
361
-
362
- # Request to search for potentially sensitive info in an image and redact it
363
- # by covering it with a colored rectangle.
364
- # @!attribute [rw] parent
365
- # @return [String]
366
- # The parent resource name, for example projects/my-project-id.
367
- # @!attribute [rw] location_id
368
- # @return [String]
369
- # The geographic location to process the request. Reserved for future
370
- # extensions.
371
- # @!attribute [rw] inspect_config
372
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
373
- # Configuration for the inspector.
374
- # @!attribute [rw] image_redaction_configs
375
- # @return [Array<Google::Privacy::Dlp::V2::RedactImageRequest::ImageRedactionConfig>]
376
- # The configuration for specifying what content to redact from images.
377
- # @!attribute [rw] include_findings
378
- # @return [true, false]
379
- # Whether the response should include findings along with the redacted
380
- # image.
381
- # @!attribute [rw] byte_item
382
- # @return [Google::Privacy::Dlp::V2::ByteContentItem]
383
- # The content must be PNG, JPEG, SVG or BMP.
384
- class RedactImageRequest
385
- # Configuration for determining how redaction of images should occur.
386
- # @!attribute [rw] info_type
387
- # @return [Google::Privacy::Dlp::V2::InfoType]
388
- # Only one per info_type should be provided per request. If not
389
- # specified, and redact_all_text is false, the DLP API will redact all
390
- # text that it matches against all info_types that are found, but not
391
- # specified in another ImageRedactionConfig.
392
- # @!attribute [rw] redact_all_text
393
- # @return [true, false]
394
- # If true, all text found in the image, regardless whether it matches an
395
- # info_type, is redacted. Only one should be provided.
396
- # @!attribute [rw] redaction_color
397
- # @return [Google::Privacy::Dlp::V2::Color]
398
- # The color to use when redacting content from an image. If not specified,
399
- # the default is black.
400
- class ImageRedactionConfig; end
401
- end
402
-
403
- # Represents a color in the RGB color space.
404
- # @!attribute [rw] red
405
- # @return [Float]
406
- # The amount of red in the color as a value in the interval [0, 1].
407
- # @!attribute [rw] green
408
- # @return [Float]
409
- # The amount of green in the color as a value in the interval [0, 1].
410
- # @!attribute [rw] blue
411
- # @return [Float]
412
- # The amount of blue in the color as a value in the interval [0, 1].
413
- class Color; end
414
-
415
- # Results of redacting an image.
416
- # @!attribute [rw] redacted_image
417
- # @return [String]
418
- # The redacted image. The type will be the same as the original image.
419
- # @!attribute [rw] extracted_text
420
- # @return [String]
421
- # If an image was being inspected and the InspectConfig's include_quote was
422
- # set to true, then this field will include all text, if any, that was found
423
- # in the image.
424
- # @!attribute [rw] inspect_result
425
- # @return [Google::Privacy::Dlp::V2::InspectResult]
426
- # The findings. Populated when include_findings in the request is true.
427
- class RedactImageResponse; end
428
-
429
- # Request to de-identify a list of items.
430
- # @!attribute [rw] parent
431
- # @return [String]
432
- # The parent resource name, for example projects/my-project-id.
433
- # @!attribute [rw] deidentify_config
434
- # @return [Google::Privacy::Dlp::V2::DeidentifyConfig]
435
- # Configuration for the de-identification of the content item.
436
- # Items specified here will override the template referenced by the
437
- # deidentify_template_name argument.
438
- # @!attribute [rw] inspect_config
439
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
440
- # Configuration for the inspector.
441
- # Items specified here will override the template referenced by the
442
- # inspect_template_name argument.
443
- # @!attribute [rw] item
444
- # @return [Google::Privacy::Dlp::V2::ContentItem]
445
- # The item to de-identify. Will be treated as text.
446
- # @!attribute [rw] inspect_template_name
447
- # @return [String]
448
- # Template to use. Any configuration directly specified in
449
- # inspect_config will override those set in the template. Singular fields
450
- # that are set in this request will replace their corresponding fields in the
451
- # template. Repeated fields are appended. Singular sub-messages and groups
452
- # are recursively merged.
453
- # @!attribute [rw] deidentify_template_name
454
- # @return [String]
455
- # Template to use. Any configuration directly specified in
456
- # deidentify_config will override those set in the template. Singular fields
457
- # that are set in this request will replace their corresponding fields in the
458
- # template. Repeated fields are appended. Singular sub-messages and groups
459
- # are recursively merged.
460
- # @!attribute [rw] location_id
461
- # @return [String]
462
- # The geographic location to process de-identification. Reserved for future
463
- # extensions.
464
- class DeidentifyContentRequest; end
465
-
466
- # Results of de-identifying a ContentItem.
467
- # @!attribute [rw] item
468
- # @return [Google::Privacy::Dlp::V2::ContentItem]
469
- # The de-identified item.
470
- # @!attribute [rw] overview
471
- # @return [Google::Privacy::Dlp::V2::TransformationOverview]
472
- # An overview of the changes that were made on the `item`.
473
- class DeidentifyContentResponse; end
474
-
475
- # Request to re-identify an item.
476
- # @!attribute [rw] parent
477
- # @return [String]
478
- # Required. The parent resource name.
479
- # @!attribute [rw] reidentify_config
480
- # @return [Google::Privacy::Dlp::V2::DeidentifyConfig]
481
- # Configuration for the re-identification of the content item.
482
- # This field shares the same proto message type that is used for
483
- # de-identification, however its usage here is for the reversal of the
484
- # previous de-identification. Re-identification is performed by examining
485
- # the transformations used to de-identify the items and executing the
486
- # reverse. This requires that only reversible transformations
487
- # be provided here. The reversible transformations are:
488
- #
489
- # * `CryptoDeterministicConfig`
490
- # * `CryptoReplaceFfxFpeConfig`
491
- # @!attribute [rw] inspect_config
492
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
493
- # Configuration for the inspector.
494
- # @!attribute [rw] item
495
- # @return [Google::Privacy::Dlp::V2::ContentItem]
496
- # The item to re-identify. Will be treated as text.
497
- # @!attribute [rw] inspect_template_name
498
- # @return [String]
499
- # Template to use. Any configuration directly specified in
500
- # `inspect_config` will override those set in the template. Singular fields
501
- # that are set in this request will replace their corresponding fields in the
502
- # template. Repeated fields are appended. Singular sub-messages and groups
503
- # are recursively merged.
504
- # @!attribute [rw] reidentify_template_name
505
- # @return [String]
506
- # Template to use. References an instance of `DeidentifyTemplate`.
507
- # Any configuration directly specified in `reidentify_config` or
508
- # `inspect_config` will override those set in the template. Singular fields
509
- # that are set in this request will replace their corresponding fields in the
510
- # template. Repeated fields are appended. Singular sub-messages and groups
511
- # are recursively merged.
512
- # @!attribute [rw] location_id
513
- # @return [String]
514
- # The geographic location to process content reidentification. Reserved for
515
- # future extensions.
516
- class ReidentifyContentRequest; end
517
-
518
- # Results of re-identifying a item.
519
- # @!attribute [rw] item
520
- # @return [Google::Privacy::Dlp::V2::ContentItem]
521
- # The re-identified item.
522
- # @!attribute [rw] overview
523
- # @return [Google::Privacy::Dlp::V2::TransformationOverview]
524
- # An overview of the changes that were made to the `item`.
525
- class ReidentifyContentResponse; end
526
-
527
- # Request to search for potentially sensitive info in a ContentItem.
528
- # @!attribute [rw] parent
529
- # @return [String]
530
- # The parent resource name, for example projects/my-project-id.
531
- # @!attribute [rw] inspect_config
532
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
533
- # Configuration for the inspector. What specified here will override
534
- # the template referenced by the inspect_template_name argument.
535
- # @!attribute [rw] item
536
- # @return [Google::Privacy::Dlp::V2::ContentItem]
537
- # The item to inspect.
538
- # @!attribute [rw] inspect_template_name
539
- # @return [String]
540
- # Template to use. Any configuration directly specified in
541
- # inspect_config will override those set in the template. Singular fields
542
- # that are set in this request will replace their corresponding fields in the
543
- # template. Repeated fields are appended. Singular sub-messages and groups
544
- # are recursively merged.
545
- # @!attribute [rw] location_id
546
- # @return [String]
547
- # The geographic location to process content inspection. Reserved for future
548
- # extensions.
549
- class InspectContentRequest; end
550
-
551
- # Results of inspecting an item.
552
- # @!attribute [rw] result
553
- # @return [Google::Privacy::Dlp::V2::InspectResult]
554
- # The findings.
555
- class InspectContentResponse; end
556
-
557
- # Cloud repository for storing output.
558
- # @!attribute [rw] table
559
- # @return [Google::Privacy::Dlp::V2::BigQueryTable]
560
- # Store findings in an existing table or a new table in an existing
561
- # dataset. If table_id is not set a new one will be generated
562
- # for you with the following format:
563
- # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
564
- # generating the date details.
565
- #
566
- # For Inspect, each column in an existing output table must have the same
567
- # name, type, and mode of a field in the `Finding` object.
568
- #
569
- # For Risk, an existing output table should be the output of a previous
570
- # Risk analysis job run on the same source table, with the same privacy
571
- # metric and quasi-identifiers. Risk jobs that analyze the same table but
572
- # compute a different privacy metric, or use different sets of
573
- # quasi-identifiers, cannot store their results in the same table.
574
- # @!attribute [rw] output_schema
575
- # @return [Google::Privacy::Dlp::V2::OutputStorageConfig::OutputSchema]
576
- # Schema used for writing the findings for Inspect jobs. This field is only
577
- # used for Inspect and must be unspecified for Risk jobs. Columns are derived
578
- # from the `Finding` object. If appending to an existing table, any columns
579
- # from the predefined schema that are missing will be added. No columns in
580
- # the existing table will be deleted.
581
- #
582
- # If unspecified, then all available columns will be used for a new table or
583
- # an (existing) table with no schema, and no changes will be made to an
584
- # existing table that has a schema.
585
- class OutputStorageConfig
586
- # Predefined schemas for storing findings.
587
- module OutputSchema
588
- # Unused.
589
- OUTPUT_SCHEMA_UNSPECIFIED = 0
590
-
591
- # Basic schema including only `info_type`, `quote`, `certainty`, and
592
- # `timestamp`.
593
- BASIC_COLUMNS = 1
594
-
595
- # Schema tailored to findings from scanning Google Cloud Storage.
596
- GCS_COLUMNS = 2
597
-
598
- # Schema tailored to findings from scanning Google Datastore.
599
- DATASTORE_COLUMNS = 3
600
-
601
- # Schema tailored to findings from scanning Google BigQuery.
602
- BIG_QUERY_COLUMNS = 4
603
-
604
- # Schema containing all columns.
605
- ALL_COLUMNS = 5
606
- end
607
- end
608
-
609
- # Statistics regarding a specific InfoType.
610
- # @!attribute [rw] info_type
611
- # @return [Google::Privacy::Dlp::V2::InfoType]
612
- # The type of finding this stat is for.
613
- # @!attribute [rw] count
614
- # @return [Integer]
615
- # Number of findings for this infoType.
616
- class InfoTypeStats; end
617
-
618
- # The results of an inspect DataSource job.
619
- # @!attribute [rw] requested_options
620
- # @return [Google::Privacy::Dlp::V2::InspectDataSourceDetails::RequestedOptions]
621
- # The configuration used for this job.
622
- # @!attribute [rw] result
623
- # @return [Google::Privacy::Dlp::V2::InspectDataSourceDetails::Result]
624
- # A summary of the outcome of this inspect job.
625
- class InspectDataSourceDetails
626
- # Snapshot of the inspection configuration.
627
- # @!attribute [rw] snapshot_inspect_template
628
- # @return [Google::Privacy::Dlp::V2::InspectTemplate]
629
- # If run with an InspectTemplate, a snapshot of its state at the time of
630
- # this run.
631
- # @!attribute [rw] job_config
632
- # @return [Google::Privacy::Dlp::V2::InspectJobConfig]
633
- # Inspect config.
634
- class RequestedOptions; end
635
-
636
- # All result fields mentioned below are updated while the job is processing.
637
- # @!attribute [rw] processed_bytes
638
- # @return [Integer]
639
- # Total size in bytes that were processed.
640
- # @!attribute [rw] total_estimated_bytes
641
- # @return [Integer]
642
- # Estimate of the number of bytes to process.
643
- # @!attribute [rw] info_type_stats
644
- # @return [Array<Google::Privacy::Dlp::V2::InfoTypeStats>]
645
- # Statistics of how many instances of each info type were found during
646
- # inspect job.
647
- class Result; end
648
- end
649
-
650
- # InfoType description.
651
- # @!attribute [rw] name
652
- # @return [String]
653
- # Internal name of the infoType.
654
- # @!attribute [rw] display_name
655
- # @return [String]
656
- # Human readable form of the infoType name.
657
- # @!attribute [rw] supported_by
658
- # @return [Array<Google::Privacy::Dlp::V2::InfoTypeSupportedBy>]
659
- # Which parts of the API supports this InfoType.
660
- # @!attribute [rw] description
661
- # @return [String]
662
- # Description of the infotype. Translated when language is provided in the
663
- # request.
664
- class InfoTypeDescription; end
665
-
666
- # Request for the list of infoTypes.
667
- # @!attribute [rw] language_code
668
- # @return [String]
669
- # BCP-47 language code for localized infoType friendly
670
- # names. If omitted, or if localized strings are not available,
671
- # en-US strings will be returned.
672
- # @!attribute [rw] filter
673
- # @return [String]
674
- # filter to only return infoTypes supported by certain parts of the
675
- # API. Defaults to supported_by=INSPECT.
676
- # @!attribute [rw] location_id
677
- # @return [String]
678
- # The geographic location to list info types. Reserved for future
679
- # extensions.
680
- class ListInfoTypesRequest; end
681
-
682
- # Response to the ListInfoTypes request.
683
- # @!attribute [rw] info_types
684
- # @return [Array<Google::Privacy::Dlp::V2::InfoTypeDescription>]
685
- # Set of sensitive infoTypes.
686
- class ListInfoTypesResponse; end
687
-
688
- # Configuration for a risk analysis job. See
689
- # https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more.
690
- # @!attribute [rw] privacy_metric
691
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric]
692
- # Privacy metric to compute.
693
- # @!attribute [rw] source_table
694
- # @return [Google::Privacy::Dlp::V2::BigQueryTable]
695
- # Input dataset to compute metrics over.
696
- # @!attribute [rw] actions
697
- # @return [Array<Google::Privacy::Dlp::V2::Action>]
698
- # Actions to execute at the completion of the job. Are executed in the order
699
- # provided.
700
- class RiskAnalysisJobConfig; end
701
-
702
- # A column with a semantic tag attached.
703
- # @!attribute [rw] field
704
- # @return [Google::Privacy::Dlp::V2::FieldId]
705
- # Required. Identifies the column.
706
- # @!attribute [rw] info_type
707
- # @return [Google::Privacy::Dlp::V2::InfoType]
708
- # A column can be tagged with a InfoType to use the relevant public
709
- # dataset as a statistical model of population, if available. We
710
- # currently support US ZIP codes, region codes, ages and genders.
711
- # To programmatically obtain the list of supported InfoTypes, use
712
- # ListInfoTypes with the supported_by=RISK_ANALYSIS filter.
713
- # @!attribute [rw] custom_tag
714
- # @return [String]
715
- # A column can be tagged with a custom tag. In this case, the user must
716
- # indicate an auxiliary table that contains statistical information on
717
- # the possible values of this column (below).
718
- # @!attribute [rw] inferred
719
- # @return [Google::Protobuf::Empty]
720
- # If no semantic tag is indicated, we infer the statistical model from
721
- # the distribution of values in the input data
722
- class QuasiId; end
723
-
724
- # An auxiliary table containing statistical information on the relative
725
- # frequency of different quasi-identifiers values. It has one or several
726
- # quasi-identifiers columns, and one column that indicates the relative
727
- # frequency of each quasi-identifier tuple.
728
- # If a tuple is present in the data but not in the auxiliary table, the
729
- # corresponding relative frequency is assumed to be zero (and thus, the
730
- # tuple is highly reidentifiable).
731
- # @!attribute [rw] table
732
- # @return [Google::Privacy::Dlp::V2::BigQueryTable]
733
- # Required. Auxiliary table location.
734
- # @!attribute [rw] quasi_ids
735
- # @return [Array<Google::Privacy::Dlp::V2::StatisticalTable::QuasiIdentifierField>]
736
- # Required. Quasi-identifier columns.
737
- # @!attribute [rw] relative_frequency
738
- # @return [Google::Privacy::Dlp::V2::FieldId]
739
- # Required. The relative frequency column must contain a floating-point number
740
- # between 0 and 1 (inclusive). Null values are assumed to be zero.
741
- class StatisticalTable
742
- # A quasi-identifier column has a custom_tag, used to know which column
743
- # in the data corresponds to which column in the statistical model.
744
- # @!attribute [rw] field
745
- # @return [Google::Privacy::Dlp::V2::FieldId]
746
- # Identifies the column.
747
- # @!attribute [rw] custom_tag
748
- # @return [String]
749
- # A column can be tagged with a custom tag. In this case, the user must
750
- # indicate an auxiliary table that contains statistical information on
751
- # the possible values of this column (below).
752
- class QuasiIdentifierField; end
753
- end
754
-
755
- # Privacy metric to compute for reidentification risk analysis.
756
- # @!attribute [rw] numerical_stats_config
757
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::NumericalStatsConfig]
758
- # Numerical stats
759
- # @!attribute [rw] categorical_stats_config
760
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::CategoricalStatsConfig]
761
- # Categorical stats
762
- # @!attribute [rw] k_anonymity_config
763
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::KAnonymityConfig]
764
- # K-anonymity
765
- # @!attribute [rw] l_diversity_config
766
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::LDiversityConfig]
767
- # l-diversity
768
- # @!attribute [rw] k_map_estimation_config
769
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::KMapEstimationConfig]
770
- # k-map
771
- # @!attribute [rw] delta_presence_estimation_config
772
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric::DeltaPresenceEstimationConfig]
773
- # delta-presence
774
- class PrivacyMetric
775
- # Compute numerical stats over an individual column, including
776
- # min, max, and quantiles.
777
- # @!attribute [rw] field
778
- # @return [Google::Privacy::Dlp::V2::FieldId]
779
- # Field to compute numerical stats on. Supported types are
780
- # integer, float, date, datetime, timestamp, time.
781
- class NumericalStatsConfig; end
782
-
783
- # Compute numerical stats over an individual column, including
784
- # number of distinct values and value count distribution.
785
- # @!attribute [rw] field
786
- # @return [Google::Privacy::Dlp::V2::FieldId]
787
- # Field to compute categorical stats on. All column types are
788
- # supported except for arrays and structs. However, it may be more
789
- # informative to use NumericalStats when the field type is supported,
790
- # depending on the data.
791
- class CategoricalStatsConfig; end
792
-
793
- # k-anonymity metric, used for analysis of reidentification risk.
794
- # @!attribute [rw] quasi_ids
795
- # @return [Array<Google::Privacy::Dlp::V2::FieldId>]
796
- # Set of fields to compute k-anonymity over. When multiple fields are
797
- # specified, they are considered a single composite key. Structs and
798
- # repeated data types are not supported; however, nested fields are
799
- # supported so long as they are not structs themselves or nested within
800
- # a repeated field.
801
- # @!attribute [rw] entity_id
802
- # @return [Google::Privacy::Dlp::V2::EntityId]
803
- # Message indicating that multiple rows might be associated to a
804
- # single individual. If the same entity_id is associated to multiple
805
- # quasi-identifier tuples over distinct rows, we consider the entire
806
- # collection of tuples as the composite quasi-identifier. This collection
807
- # is a multiset: the order in which the different tuples appear in the
808
- # dataset is ignored, but their frequency is taken into account.
809
- #
810
- # Important note: a maximum of 1000 rows can be associated to a single
811
- # entity ID. If more rows are associated with the same entity ID, some
812
- # might be ignored.
813
- class KAnonymityConfig; end
814
-
815
- # l-diversity metric, used for analysis of reidentification risk.
816
- # @!attribute [rw] quasi_ids
817
- # @return [Array<Google::Privacy::Dlp::V2::FieldId>]
818
- # Set of quasi-identifiers indicating how equivalence classes are
819
- # defined for the l-diversity computation. When multiple fields are
820
- # specified, they are considered a single composite key.
821
- # @!attribute [rw] sensitive_attribute
822
- # @return [Google::Privacy::Dlp::V2::FieldId]
823
- # Sensitive field for computing the l-value.
824
- class LDiversityConfig; end
825
-
826
- # Reidentifiability metric. This corresponds to a risk model similar to what
827
- # is called "journalist risk" in the literature, except the attack dataset is
828
- # statistically modeled instead of being perfectly known. This can be done
829
- # using publicly available data (like the US Census), or using a custom
830
- # statistical model (indicated as one or several BigQuery tables), or by
831
- # extrapolating from the distribution of values in the input dataset.
832
- # @!attribute [rw] quasi_ids
833
- # @return [Array<Google::Privacy::Dlp::V2::PrivacyMetric::KMapEstimationConfig::TaggedField>]
834
- # Required. Fields considered to be quasi-identifiers. No two columns can have the
835
- # same tag.
836
- # @!attribute [rw] region_code
837
- # @return [String]
838
- # ISO 3166-1 alpha-2 region code to use in the statistical modeling.
839
- # Set if no column is tagged with a region-specific InfoType (like
840
- # US_ZIP_5) or a region code.
841
- # @!attribute [rw] auxiliary_tables
842
- # @return [Array<Google::Privacy::Dlp::V2::PrivacyMetric::KMapEstimationConfig::AuxiliaryTable>]
843
- # Several auxiliary tables can be used in the analysis. Each custom_tag
844
- # used to tag a quasi-identifiers column must appear in exactly one column
845
- # of one auxiliary table.
846
- class KMapEstimationConfig
847
- # A column with a semantic tag attached.
848
- # @!attribute [rw] field
849
- # @return [Google::Privacy::Dlp::V2::FieldId]
850
- # Required. Identifies the column.
851
- # @!attribute [rw] info_type
852
- # @return [Google::Privacy::Dlp::V2::InfoType]
853
- # A column can be tagged with a InfoType to use the relevant public
854
- # dataset as a statistical model of population, if available. We
855
- # currently support US ZIP codes, region codes, ages and genders.
856
- # To programmatically obtain the list of supported InfoTypes, use
857
- # ListInfoTypes with the supported_by=RISK_ANALYSIS filter.
858
- # @!attribute [rw] custom_tag
859
- # @return [String]
860
- # A column can be tagged with a custom tag. In this case, the user must
861
- # indicate an auxiliary table that contains statistical information on
862
- # the possible values of this column (below).
863
- # @!attribute [rw] inferred
864
- # @return [Google::Protobuf::Empty]
865
- # If no semantic tag is indicated, we infer the statistical model from
866
- # the distribution of values in the input data
867
- class TaggedField; end
868
-
869
- # An auxiliary table contains statistical information on the relative
870
- # frequency of different quasi-identifiers values. It has one or several
871
- # quasi-identifiers columns, and one column that indicates the relative
872
- # frequency of each quasi-identifier tuple.
873
- # If a tuple is present in the data but not in the auxiliary table, the
874
- # corresponding relative frequency is assumed to be zero (and thus, the
875
- # tuple is highly reidentifiable).
876
- # @!attribute [rw] table
877
- # @return [Google::Privacy::Dlp::V2::BigQueryTable]
878
- # Required. Auxiliary table location.
879
- # @!attribute [rw] quasi_ids
880
- # @return [Array<Google::Privacy::Dlp::V2::PrivacyMetric::KMapEstimationConfig::AuxiliaryTable::QuasiIdField>]
881
- # Required. Quasi-identifier columns.
882
- # @!attribute [rw] relative_frequency
883
- # @return [Google::Privacy::Dlp::V2::FieldId]
884
- # Required. The relative frequency column must contain a floating-point number
885
- # between 0 and 1 (inclusive). Null values are assumed to be zero.
886
- class AuxiliaryTable
887
- # A quasi-identifier column has a custom_tag, used to know which column
888
- # in the data corresponds to which column in the statistical model.
889
- # @!attribute [rw] field
890
- # @return [Google::Privacy::Dlp::V2::FieldId]
891
- # Identifies the column.
892
- # @!attribute [rw] custom_tag
893
- # @return [String]
894
- # A auxiliary field.
895
- class QuasiIdField; end
896
- end
897
- end
898
-
899
- # δ-presence metric, used to estimate how likely it is for an attacker to
900
- # figure out that one given individual appears in a de-identified dataset.
901
- # Similarly to the k-map metric, we cannot compute δ-presence exactly without
902
- # knowing the attack dataset, so we use a statistical model instead.
903
- # @!attribute [rw] quasi_ids
904
- # @return [Array<Google::Privacy::Dlp::V2::QuasiId>]
905
- # Required. Fields considered to be quasi-identifiers. No two fields can have the
906
- # same tag.
907
- # @!attribute [rw] region_code
908
- # @return [String]
909
- # ISO 3166-1 alpha-2 region code to use in the statistical modeling.
910
- # Set if no column is tagged with a region-specific InfoType (like
911
- # US_ZIP_5) or a region code.
912
- # @!attribute [rw] auxiliary_tables
913
- # @return [Array<Google::Privacy::Dlp::V2::StatisticalTable>]
914
- # Several auxiliary tables can be used in the analysis. Each custom_tag
915
- # used to tag a quasi-identifiers field must appear in exactly one
916
- # field of one auxiliary table.
917
- class DeltaPresenceEstimationConfig; end
918
- end
919
-
920
- # Result of a risk analysis operation request.
921
- # @!attribute [rw] requested_privacy_metric
922
- # @return [Google::Privacy::Dlp::V2::PrivacyMetric]
923
- # Privacy metric to compute.
924
- # @!attribute [rw] requested_source_table
925
- # @return [Google::Privacy::Dlp::V2::BigQueryTable]
926
- # Input dataset to compute metrics over.
927
- # @!attribute [rw] numerical_stats_result
928
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::NumericalStatsResult]
929
- # Numerical stats result
930
- # @!attribute [rw] categorical_stats_result
931
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::CategoricalStatsResult]
932
- # Categorical stats result
933
- # @!attribute [rw] k_anonymity_result
934
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KAnonymityResult]
935
- # K-anonymity result
936
- # @!attribute [rw] l_diversity_result
937
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::LDiversityResult]
938
- # L-divesity result
939
- # @!attribute [rw] k_map_estimation_result
940
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KMapEstimationResult]
941
- # K-map result
942
- # @!attribute [rw] delta_presence_estimation_result
943
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::DeltaPresenceEstimationResult]
944
- # Delta-presence result
945
- class AnalyzeDataSourceRiskDetails
946
- # Result of the numerical stats computation.
947
- # @!attribute [rw] min_value
948
- # @return [Google::Privacy::Dlp::V2::Value]
949
- # Minimum value appearing in the column.
950
- # @!attribute [rw] max_value
951
- # @return [Google::Privacy::Dlp::V2::Value]
952
- # Maximum value appearing in the column.
953
- # @!attribute [rw] quantile_values
954
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
955
- # List of 99 values that partition the set of field values into 100 equal
956
- # sized buckets.
957
- class NumericalStatsResult; end
958
-
959
- # Result of the categorical stats computation.
960
- # @!attribute [rw] value_frequency_histogram_buckets
961
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::CategoricalStatsResult::CategoricalStatsHistogramBucket>]
962
- # Histogram of value frequencies in the column.
963
- class CategoricalStatsResult
964
- # Histogram of value frequencies in the column.
965
- # @!attribute [rw] value_frequency_lower_bound
966
- # @return [Integer]
967
- # Lower bound on the value frequency of the values in this bucket.
968
- # @!attribute [rw] value_frequency_upper_bound
969
- # @return [Integer]
970
- # Upper bound on the value frequency of the values in this bucket.
971
- # @!attribute [rw] bucket_size
972
- # @return [Integer]
973
- # Total number of values in this bucket.
974
- # @!attribute [rw] bucket_values
975
- # @return [Array<Google::Privacy::Dlp::V2::ValueFrequency>]
976
- # Sample of value frequencies in this bucket. The total number of
977
- # values returned per bucket is capped at 20.
978
- # @!attribute [rw] bucket_value_count
979
- # @return [Integer]
980
- # Total number of distinct values in this bucket.
981
- class CategoricalStatsHistogramBucket; end
982
- end
983
-
984
- # Result of the k-anonymity computation.
985
- # @!attribute [rw] equivalence_class_histogram_buckets
986
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KAnonymityResult::KAnonymityHistogramBucket>]
987
- # Histogram of k-anonymity equivalence classes.
988
- class KAnonymityResult
989
- # The set of columns' values that share the same ldiversity value
990
- # @!attribute [rw] quasi_ids_values
991
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
992
- # Set of values defining the equivalence class. One value per
993
- # quasi-identifier column in the original KAnonymity metric message.
994
- # The order is always the same as the original request.
995
- # @!attribute [rw] equivalence_class_size
996
- # @return [Integer]
997
- # Size of the equivalence class, for example number of rows with the
998
- # above set of values.
999
- class KAnonymityEquivalenceClass; end
1000
-
1001
- # Histogram of k-anonymity equivalence classes.
1002
- # @!attribute [rw] equivalence_class_size_lower_bound
1003
- # @return [Integer]
1004
- # Lower bound on the size of the equivalence classes in this bucket.
1005
- # @!attribute [rw] equivalence_class_size_upper_bound
1006
- # @return [Integer]
1007
- # Upper bound on the size of the equivalence classes in this bucket.
1008
- # @!attribute [rw] bucket_size
1009
- # @return [Integer]
1010
- # Total number of equivalence classes in this bucket.
1011
- # @!attribute [rw] bucket_values
1012
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KAnonymityResult::KAnonymityEquivalenceClass>]
1013
- # Sample of equivalence classes in this bucket. The total number of
1014
- # classes returned per bucket is capped at 20.
1015
- # @!attribute [rw] bucket_value_count
1016
- # @return [Integer]
1017
- # Total number of distinct equivalence classes in this bucket.
1018
- class KAnonymityHistogramBucket; end
1019
- end
1020
-
1021
- # Result of the l-diversity computation.
1022
- # @!attribute [rw] sensitive_value_frequency_histogram_buckets
1023
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::LDiversityResult::LDiversityHistogramBucket>]
1024
- # Histogram of l-diversity equivalence class sensitive value frequencies.
1025
- class LDiversityResult
1026
- # The set of columns' values that share the same ldiversity value.
1027
- # @!attribute [rw] quasi_ids_values
1028
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
1029
- # Quasi-identifier values defining the k-anonymity equivalence
1030
- # class. The order is always the same as the original request.
1031
- # @!attribute [rw] equivalence_class_size
1032
- # @return [Integer]
1033
- # Size of the k-anonymity equivalence class.
1034
- # @!attribute [rw] num_distinct_sensitive_values
1035
- # @return [Integer]
1036
- # Number of distinct sensitive values in this equivalence class.
1037
- # @!attribute [rw] top_sensitive_values
1038
- # @return [Array<Google::Privacy::Dlp::V2::ValueFrequency>]
1039
- # Estimated frequencies of top sensitive values.
1040
- class LDiversityEquivalenceClass; end
1041
-
1042
- # Histogram of l-diversity equivalence class sensitive value frequencies.
1043
- # @!attribute [rw] sensitive_value_frequency_lower_bound
1044
- # @return [Integer]
1045
- # Lower bound on the sensitive value frequencies of the equivalence
1046
- # classes in this bucket.
1047
- # @!attribute [rw] sensitive_value_frequency_upper_bound
1048
- # @return [Integer]
1049
- # Upper bound on the sensitive value frequencies of the equivalence
1050
- # classes in this bucket.
1051
- # @!attribute [rw] bucket_size
1052
- # @return [Integer]
1053
- # Total number of equivalence classes in this bucket.
1054
- # @!attribute [rw] bucket_values
1055
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::LDiversityResult::LDiversityEquivalenceClass>]
1056
- # Sample of equivalence classes in this bucket. The total number of
1057
- # classes returned per bucket is capped at 20.
1058
- # @!attribute [rw] bucket_value_count
1059
- # @return [Integer]
1060
- # Total number of distinct equivalence classes in this bucket.
1061
- class LDiversityHistogramBucket; end
1062
- end
1063
-
1064
- # Result of the reidentifiability analysis. Note that these results are an
1065
- # estimation, not exact values.
1066
- # @!attribute [rw] k_map_estimation_histogram
1067
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KMapEstimationResult::KMapEstimationHistogramBucket>]
1068
- # The intervals [min_anonymity, max_anonymity] do not overlap. If a value
1069
- # doesn't correspond to any such interval, the associated frequency is
1070
- # zero. For example, the following records:
1071
- # {min_anonymity: 1, max_anonymity: 1, frequency: 17}
1072
- # {min_anonymity: 2, max_anonymity: 3, frequency: 42}
1073
- # {min_anonymity: 5, max_anonymity: 10, frequency: 99}
1074
- # mean that there are no record with an estimated anonymity of 4, 5, or
1075
- # larger than 10.
1076
- class KMapEstimationResult
1077
- # A tuple of values for the quasi-identifier columns.
1078
- # @!attribute [rw] quasi_ids_values
1079
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
1080
- # The quasi-identifier values.
1081
- # @!attribute [rw] estimated_anonymity
1082
- # @return [Integer]
1083
- # The estimated anonymity for these quasi-identifier values.
1084
- class KMapEstimationQuasiIdValues; end
1085
-
1086
- # A KMapEstimationHistogramBucket message with the following values:
1087
- # min_anonymity: 3
1088
- # max_anonymity: 5
1089
- # frequency: 42
1090
- # means that there are 42 records whose quasi-identifier values correspond
1091
- # to 3, 4 or 5 people in the overlying population. An important particular
1092
- # case is when min_anonymity = max_anonymity = 1: the frequency field then
1093
- # corresponds to the number of uniquely identifiable records.
1094
- # @!attribute [rw] min_anonymity
1095
- # @return [Integer]
1096
- # Always positive.
1097
- # @!attribute [rw] max_anonymity
1098
- # @return [Integer]
1099
- # Always greater than or equal to min_anonymity.
1100
- # @!attribute [rw] bucket_size
1101
- # @return [Integer]
1102
- # Number of records within these anonymity bounds.
1103
- # @!attribute [rw] bucket_values
1104
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::KMapEstimationResult::KMapEstimationQuasiIdValues>]
1105
- # Sample of quasi-identifier tuple values in this bucket. The total
1106
- # number of classes returned per bucket is capped at 20.
1107
- # @!attribute [rw] bucket_value_count
1108
- # @return [Integer]
1109
- # Total number of distinct quasi-identifier tuple values in this bucket.
1110
- class KMapEstimationHistogramBucket; end
1111
- end
1112
-
1113
- # Result of the δ-presence computation. Note that these results are an
1114
- # estimation, not exact values.
1115
- # @!attribute [rw] delta_presence_estimation_histogram
1116
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::DeltaPresenceEstimationResult::DeltaPresenceEstimationHistogramBucket>]
1117
- # The intervals [min_probability, max_probability) do not overlap. If a
1118
- # value doesn't correspond to any such interval, the associated frequency
1119
- # is zero. For example, the following records:
1120
- # {min_probability: 0, max_probability: 0.1, frequency: 17}
1121
- # {min_probability: 0.2, max_probability: 0.3, frequency: 42}
1122
- # {min_probability: 0.3, max_probability: 0.4, frequency: 99}
1123
- # mean that there are no record with an estimated probability in [0.1, 0.2)
1124
- # nor larger or equal to 0.4.
1125
- class DeltaPresenceEstimationResult
1126
- # A tuple of values for the quasi-identifier columns.
1127
- # @!attribute [rw] quasi_ids_values
1128
- # @return [Array<Google::Privacy::Dlp::V2::Value>]
1129
- # The quasi-identifier values.
1130
- # @!attribute [rw] estimated_probability
1131
- # @return [Float]
1132
- # The estimated probability that a given individual sharing these
1133
- # quasi-identifier values is in the dataset. This value, typically called
1134
- # δ, is the ratio between the number of records in the dataset with these
1135
- # quasi-identifier values, and the total number of individuals (inside
1136
- # *and* outside the dataset) with these quasi-identifier values.
1137
- # For example, if there are 15 individuals in the dataset who share the
1138
- # same quasi-identifier values, and an estimated 100 people in the entire
1139
- # population with these values, then δ is 0.15.
1140
- class DeltaPresenceEstimationQuasiIdValues; end
1141
-
1142
- # A DeltaPresenceEstimationHistogramBucket message with the following
1143
- # values:
1144
- # min_probability: 0.1
1145
- # max_probability: 0.2
1146
- # frequency: 42
1147
- # means that there are 42 records for which δ is in [0.1, 0.2). An
1148
- # important particular case is when min_probability = max_probability = 1:
1149
- # then, every individual who shares this quasi-identifier combination is in
1150
- # the dataset.
1151
- # @!attribute [rw] min_probability
1152
- # @return [Float]
1153
- # Between 0 and 1.
1154
- # @!attribute [rw] max_probability
1155
- # @return [Float]
1156
- # Always greater than or equal to min_probability.
1157
- # @!attribute [rw] bucket_size
1158
- # @return [Integer]
1159
- # Number of records within these probability bounds.
1160
- # @!attribute [rw] bucket_values
1161
- # @return [Array<Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails::DeltaPresenceEstimationResult::DeltaPresenceEstimationQuasiIdValues>]
1162
- # Sample of quasi-identifier tuple values in this bucket. The total
1163
- # number of classes returned per bucket is capped at 20.
1164
- # @!attribute [rw] bucket_value_count
1165
- # @return [Integer]
1166
- # Total number of distinct quasi-identifier tuple values in this bucket.
1167
- class DeltaPresenceEstimationHistogramBucket; end
1168
- end
1169
- end
1170
-
1171
- # A value of a field, including its frequency.
1172
- # @!attribute [rw] value
1173
- # @return [Google::Privacy::Dlp::V2::Value]
1174
- # A value contained in the field in question.
1175
- # @!attribute [rw] count
1176
- # @return [Integer]
1177
- # How many times the value is contained in the field.
1178
- class ValueFrequency; end
1179
-
1180
- # Set of primitive values supported by the system.
1181
- # Note that for the purposes of inspection or transformation, the number
1182
- # of bytes considered to comprise a 'Value' is based on its representation
1183
- # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1184
- # 123456789, the number of bytes would be counted as 9, even though an
1185
- # int64 only holds up to 8 bytes of data.
1186
- # @!attribute [rw] integer_value
1187
- # @return [Integer]
1188
- # integer
1189
- # @!attribute [rw] float_value
1190
- # @return [Float]
1191
- # float
1192
- # @!attribute [rw] string_value
1193
- # @return [String]
1194
- # string
1195
- # @!attribute [rw] boolean_value
1196
- # @return [true, false]
1197
- # boolean
1198
- # @!attribute [rw] timestamp_value
1199
- # @return [Google::Protobuf::Timestamp]
1200
- # timestamp
1201
- # @!attribute [rw] time_value
1202
- # @return [Google::Type::TimeOfDay]
1203
- # time of day
1204
- # @!attribute [rw] date_value
1205
- # @return [Google::Type::Date]
1206
- # date
1207
- # @!attribute [rw] day_of_week_value
1208
- # @return [Google::Type::DayOfWeek]
1209
- # day of week
1210
- class Value; end
1211
-
1212
- # Message for infoType-dependent details parsed from quote.
1213
- # @!attribute [rw] date_time
1214
- # @return [Google::Privacy::Dlp::V2::DateTime]
1215
- # The date time indicated by the quote.
1216
- class QuoteInfo; end
1217
-
1218
- # Message for a date time object.
1219
- # e.g. 2018-01-01, 5th August.
1220
- # @!attribute [rw] date
1221
- # @return [Google::Type::Date]
1222
- # One or more of the following must be set.
1223
- # Must be a valid date or time value.
1224
- # @!attribute [rw] day_of_week
1225
- # @return [Google::Type::DayOfWeek]
1226
- # Day of week
1227
- # @!attribute [rw] time
1228
- # @return [Google::Type::TimeOfDay]
1229
- # Time of day
1230
- # @!attribute [rw] time_zone
1231
- # @return [Google::Privacy::Dlp::V2::DateTime::TimeZone]
1232
- # Time zone
1233
- class DateTime
1234
- # Time zone of the date time object.
1235
- # @!attribute [rw] offset_minutes
1236
- # @return [Integer]
1237
- # Set only if the offset can be determined. Positive for time ahead of UTC.
1238
- # E.g. For "UTC-9", this value is -540.
1239
- class TimeZone; end
1240
- end
1241
-
1242
- # The configuration that controls how the data will change.
1243
- # @!attribute [rw] info_type_transformations
1244
- # @return [Google::Privacy::Dlp::V2::InfoTypeTransformations]
1245
- # Treat the dataset as free-form text and apply the same free text
1246
- # transformation everywhere.
1247
- # @!attribute [rw] record_transformations
1248
- # @return [Google::Privacy::Dlp::V2::RecordTransformations]
1249
- # Treat the dataset as structured. Transformations can be applied to
1250
- # specific locations within structured datasets, such as transforming
1251
- # a column within a table.
1252
- class DeidentifyConfig; end
1253
-
1254
- # A rule for transforming a value.
1255
- # @!attribute [rw] replace_config
1256
- # @return [Google::Privacy::Dlp::V2::ReplaceValueConfig]
1257
- # Replace
1258
- # @!attribute [rw] redact_config
1259
- # @return [Google::Privacy::Dlp::V2::RedactConfig]
1260
- # Redact
1261
- # @!attribute [rw] character_mask_config
1262
- # @return [Google::Privacy::Dlp::V2::CharacterMaskConfig]
1263
- # Mask
1264
- # @!attribute [rw] crypto_replace_ffx_fpe_config
1265
- # @return [Google::Privacy::Dlp::V2::CryptoReplaceFfxFpeConfig]
1266
- # Ffx-Fpe
1267
- # @!attribute [rw] fixed_size_bucketing_config
1268
- # @return [Google::Privacy::Dlp::V2::FixedSizeBucketingConfig]
1269
- # Fixed size bucketing
1270
- # @!attribute [rw] bucketing_config
1271
- # @return [Google::Privacy::Dlp::V2::BucketingConfig]
1272
- # Bucketing
1273
- # @!attribute [rw] replace_with_info_type_config
1274
- # @return [Google::Privacy::Dlp::V2::ReplaceWithInfoTypeConfig]
1275
- # Replace with infotype
1276
- # @!attribute [rw] time_part_config
1277
- # @return [Google::Privacy::Dlp::V2::TimePartConfig]
1278
- # Time extraction
1279
- # @!attribute [rw] crypto_hash_config
1280
- # @return [Google::Privacy::Dlp::V2::CryptoHashConfig]
1281
- # Crypto
1282
- # @!attribute [rw] date_shift_config
1283
- # @return [Google::Privacy::Dlp::V2::DateShiftConfig]
1284
- # Date Shift
1285
- # @!attribute [rw] crypto_deterministic_config
1286
- # @return [Google::Privacy::Dlp::V2::CryptoDeterministicConfig]
1287
- # Deterministic Crypto
1288
- class PrimitiveTransformation; end
1289
-
1290
- # For use with `Date`, `Timestamp`, and `TimeOfDay`, extract or preserve a
1291
- # portion of the value.
1292
- # @!attribute [rw] part_to_extract
1293
- # @return [Google::Privacy::Dlp::V2::TimePartConfig::TimePart]
1294
- # The part of the time to keep.
1295
- class TimePartConfig
1296
- # Components that make up time.
1297
- module TimePart
1298
- # Unused
1299
- TIME_PART_UNSPECIFIED = 0
1300
-
1301
- # [0-9999]
1302
- YEAR = 1
1303
-
1304
- # [1-12]
1305
- MONTH = 2
1306
-
1307
- # [1-31]
1308
- DAY_OF_MONTH = 3
1309
-
1310
- # [1-7]
1311
- DAY_OF_WEEK = 4
1312
-
1313
- # [1-53]
1314
- WEEK_OF_YEAR = 5
1315
-
1316
- # [0-23]
1317
- HOUR_OF_DAY = 6
1318
- end
1319
- end
1320
-
1321
- # Pseudonymization method that generates surrogates via cryptographic hashing.
1322
- # Uses SHA-256.
1323
- # The key size must be either 32 or 64 bytes.
1324
- # Outputs a base64 encoded representation of the hashed output
1325
- # (for example, L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=).
1326
- # Currently, only string and integer values can be hashed.
1327
- # See https://cloud.google.com/dlp/docs/pseudonymization to learn more.
1328
- # @!attribute [rw] crypto_key
1329
- # @return [Google::Privacy::Dlp::V2::CryptoKey]
1330
- # The key used by the hash function.
1331
- class CryptoHashConfig; end
1332
-
1333
- # Pseudonymization method that generates deterministic encryption for the given
1334
- # input. Outputs a base64 encoded representation of the encrypted output.
1335
- # Uses AES-SIV based on the RFC https://tools.ietf.org/html/rfc5297.
1336
- # @!attribute [rw] crypto_key
1337
- # @return [Google::Privacy::Dlp::V2::CryptoKey]
1338
- # The key used by the encryption function.
1339
- # @!attribute [rw] surrogate_info_type
1340
- # @return [Google::Privacy::Dlp::V2::InfoType]
1341
- # The custom info type to annotate the surrogate with.
1342
- # This annotation will be applied to the surrogate by prefixing it with
1343
- # the name of the custom info type followed by the number of
1344
- # characters comprising the surrogate. The following scheme defines the
1345
- # format: {info type name}({surrogate character count}):\\{surrogate}
1346
- #
1347
- # For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and
1348
- # the surrogate is 'abc', the full replacement value
1349
- # will be: 'MY_TOKEN_INFO_TYPE(3):abc'
1350
- #
1351
- # This annotation identifies the surrogate when inspecting content using the
1352
- # custom info type 'Surrogate'. This facilitates reversal of the
1353
- # surrogate when it occurs in free text.
1354
- #
1355
- # Note: For record transformations where the entire cell in a table is being
1356
- # transformed, surrogates are not mandatory. Surrogates are used to denote
1357
- # the location of the token and are necessary for re-identification in free
1358
- # form text.
1359
- #
1360
- # In order for inspection to work properly, the name of this info type must
1361
- # not occur naturally anywhere in your data; otherwise, inspection may either
1362
- #
1363
- # * reverse a surrogate that does not correspond to an actual identifier
1364
- # * be unable to parse the surrogate and result in an error
1365
- #
1366
- # Therefore, choose your custom info type name carefully after considering
1367
- # what your data looks like. One way to select a name that has a high chance
1368
- # of yielding reliable detection is to include one or more unicode characters
1369
- # that are highly improbable to exist in your data.
1370
- # For example, assuming your data is entered from a regular ASCII keyboard,
1371
- # the symbol with the hex code point 29DD might be used like so:
1372
- # ⧝MY_TOKEN_TYPE.
1373
- # @!attribute [rw] context
1374
- # @return [Google::Privacy::Dlp::V2::FieldId]
1375
- # A context may be used for higher security and maintaining
1376
- # referential integrity such that the same identifier in two different
1377
- # contexts will be given a distinct surrogate. The context is appended to
1378
- # plaintext value being encrypted. On decryption the provided context is
1379
- # validated against the value used during encryption. If a context was
1380
- # provided during encryption, same context must be provided during decryption
1381
- # as well.
1382
- #
1383
- # If the context is not set, plaintext would be used as is for encryption.
1384
- # If the context is set but:
1385
- #
1386
- # 1. there is no record present when transforming a given value or
1387
- # 2. the field is not present when transforming a given value,
1388
- #
1389
- # plaintext would be used as is for encryption.
1390
- #
1391
- # Note that case (1) is expected when an `InfoTypeTransformation` is
1392
- # applied to both structured and non-structured `ContentItem`s.
1393
- class CryptoDeterministicConfig; end
1394
-
1395
- # Replace each input value with a given `Value`.
1396
- # @!attribute [rw] new_value
1397
- # @return [Google::Privacy::Dlp::V2::Value]
1398
- # Value to replace it with.
1399
- class ReplaceValueConfig; end
1400
-
1401
- # Replace each matching finding with the name of the info_type.
1402
- class ReplaceWithInfoTypeConfig; end
1403
-
1404
- # Redact a given value. For example, if used with an `InfoTypeTransformation`
1405
- # transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the
1406
- # output would be 'My phone number is '.
1407
- class RedactConfig; end
1408
-
1409
- # Characters to skip when doing deidentification of a value. These will be left
1410
- # alone and skipped.
1411
- # @!attribute [rw] characters_to_skip
1412
- # @return [String]
1413
- # Characters to not transform when masking.
1414
- # @!attribute [rw] common_characters_to_ignore
1415
- # @return [Google::Privacy::Dlp::V2::CharsToIgnore::CommonCharsToIgnore]
1416
- # Common characters to not transform when masking. Useful to avoid removing
1417
- # punctuation.
1418
- class CharsToIgnore
1419
- # Convenience enum for indication common characters to not transform.
1420
- module CommonCharsToIgnore
1421
- # Unused.
1422
- COMMON_CHARS_TO_IGNORE_UNSPECIFIED = 0
1423
-
1424
- # 0-9
1425
- NUMERIC = 1
1426
-
1427
- # A-Z
1428
- ALPHA_UPPER_CASE = 2
1429
-
1430
- # a-z
1431
- ALPHA_LOWER_CASE = 3
1432
-
1433
- # US Punctuation, one of !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
1434
- PUNCTUATION = 4
1435
-
1436
- # Whitespace character, one of [ \t\n\x0B\f\r]
1437
- WHITESPACE = 5
1438
- end
1439
- end
1440
-
1441
- # Partially mask a string by replacing a given number of characters with a
1442
- # fixed character. Masking can start from the beginning or end of the string.
1443
- # This can be used on data of any type (numbers, longs, and so on) and when
1444
- # de-identifying structured data we'll attempt to preserve the original data's
1445
- # type. (This allows you to take a long like 123 and modify it to a string like
1446
- # **3.
1447
- # @!attribute [rw] masking_character
1448
- # @return [String]
1449
- # Character to use to mask the sensitive values&mdash;for example, `*` for an
1450
- # alphabetic string such as a name, or `0` for a numeric string such as ZIP
1451
- # code or credit card number. This string must have a length of 1. If not
1452
- # supplied, this value defaults to `*` for strings, and `0` for digits.
1453
- # @!attribute [rw] number_to_mask
1454
- # @return [Integer]
1455
- # Number of characters to mask. If not set, all matching chars will be
1456
- # masked. Skipped characters do not count towards this tally.
1457
- # @!attribute [rw] reverse_order
1458
- # @return [true, false]
1459
- # Mask characters in reverse order. For example, if `masking_character` is
1460
- # `0`, `number_to_mask` is `14`, and `reverse_order` is `false`, then the
1461
- # input string `1234-5678-9012-3456` is masked as `00000000000000-3456`.
1462
- # If `masking_character` is `*`, `number_to_mask` is `3`, and `reverse_order`
1463
- # is `true`, then the string `12345` is masked as `12***`.
1464
- # @!attribute [rw] characters_to_ignore
1465
- # @return [Array<Google::Privacy::Dlp::V2::CharsToIgnore>]
1466
- # When masking a string, items in this list will be skipped when replacing
1467
- # characters. For example, if the input string is `555-555-5555` and you
1468
- # instruct Cloud DLP to skip `-` and mask 5 characters with `*`, Cloud DLP
1469
- # returns `***-**5-5555`.
1470
- class CharacterMaskConfig; end
1471
-
1472
- # Buckets values based on fixed size ranges. The
1473
- # Bucketing transformation can provide all of this functionality,
1474
- # but requires more configuration. This message is provided as a convenience to
1475
- # the user for simple bucketing strategies.
1476
- #
1477
- # The transformed value will be a hyphenated string of
1478
- # \\{lower_bound}-\\{upper_bound}, i.e if lower_bound = 10 and upper_bound = 20
1479
- # all values that are within this bucket will be replaced with "10-20".
1480
- #
1481
- # This can be used on data of type: double, long.
1482
- #
1483
- # If the bound Value type differs from the type of data
1484
- # being transformed, we will first attempt converting the type of the data to
1485
- # be transformed to match the type of the bound before comparing.
1486
- #
1487
- # See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.
1488
- # @!attribute [rw] lower_bound
1489
- # @return [Google::Privacy::Dlp::V2::Value]
1490
- # Required. Lower bound value of buckets. All values less than `lower_bound` are
1491
- # grouped together into a single bucket; for example if `lower_bound` = 10,
1492
- # then all values less than 10 are replaced with the value “-10”.
1493
- # @!attribute [rw] upper_bound
1494
- # @return [Google::Privacy::Dlp::V2::Value]
1495
- # Required. Upper bound value of buckets. All values greater than upper_bound are
1496
- # grouped together into a single bucket; for example if `upper_bound` = 89,
1497
- # then all values greater than 89 are replaced with the value “89+”.
1498
- # @!attribute [rw] bucket_size
1499
- # @return [Float]
1500
- # Required. Size of each bucket (except for minimum and maximum buckets). So if
1501
- # `lower_bound` = 10, `upper_bound` = 89, and `bucket_size` = 10, then the
1502
- # following buckets would be used: -10, 10-20, 20-30, 30-40, 40-50, 50-60,
1503
- # 60-70, 70-80, 80-89, 89+. Precision up to 2 decimals works.
1504
- class FixedSizeBucketingConfig; end
1505
-
1506
- # Generalization function that buckets values based on ranges. The ranges and
1507
- # replacement values are dynamically provided by the user for custom behavior,
1508
- # such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH
1509
- # This can be used on
1510
- # data of type: number, long, string, timestamp.
1511
- # If the bound `Value` type differs from the type of data being transformed, we
1512
- # will first attempt converting the type of the data to be transformed to match
1513
- # the type of the bound before comparing.
1514
- # See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.
1515
- # @!attribute [rw] buckets
1516
- # @return [Array<Google::Privacy::Dlp::V2::BucketingConfig::Bucket>]
1517
- # Set of buckets. Ranges must be non-overlapping.
1518
- class BucketingConfig
1519
- # Bucket is represented as a range, along with replacement values.
1520
- # @!attribute [rw] min
1521
- # @return [Google::Privacy::Dlp::V2::Value]
1522
- # Lower bound of the range, inclusive. Type should be the same as max if
1523
- # used.
1524
- # @!attribute [rw] max
1525
- # @return [Google::Privacy::Dlp::V2::Value]
1526
- # Upper bound of the range, exclusive; type must match min.
1527
- # @!attribute [rw] replacement_value
1528
- # @return [Google::Privacy::Dlp::V2::Value]
1529
- # Replacement value for this bucket. If not provided
1530
- # the default behavior will be to hyphenate the min-max range.
1531
- class Bucket; end
1532
- end
1533
-
1534
- # Replaces an identifier with a surrogate using Format Preserving Encryption
1535
- # (FPE) with the FFX mode of operation; however when used in the
1536
- # `ReidentifyContent` API method, it serves the opposite function by reversing
1537
- # the surrogate back into the original identifier. The identifier must be
1538
- # encoded as ASCII. For a given crypto key and context, the same identifier
1539
- # will be replaced with the same surrogate. Identifiers must be at least two
1540
- # characters long. In the case that the identifier is the empty string, it will
1541
- # be skipped. See https://cloud.google.com/dlp/docs/pseudonymization to learn
1542
- # more.
1543
- #
1544
- # Note: We recommend using CryptoDeterministicConfig for all use cases which
1545
- # do not require preserving the input alphabet space and size, plus warrant
1546
- # referential integrity.
1547
- # @!attribute [rw] crypto_key
1548
- # @return [Google::Privacy::Dlp::V2::CryptoKey]
1549
- # Required. The key used by the encryption algorithm.
1550
- # @!attribute [rw] context
1551
- # @return [Google::Privacy::Dlp::V2::FieldId]
1552
- # The 'tweak', a context may be used for higher security since the same
1553
- # identifier in two different contexts won't be given the same surrogate. If
1554
- # the context is not set, a default tweak will be used.
1555
- #
1556
- # If the context is set but:
1557
- #
1558
- # 1. there is no record present when transforming a given value or
1559
- # 1. the field is not present when transforming a given value,
1560
- #
1561
- # a default tweak will be used.
1562
- #
1563
- # Note that case (1) is expected when an `InfoTypeTransformation` is
1564
- # applied to both structured and non-structured `ContentItem`s.
1565
- # Currently, the referenced field may be of value type integer or string.
1566
- #
1567
- # The tweak is constructed as a sequence of bytes in big endian byte order
1568
- # such that:
1569
- #
1570
- # * a 64 bit integer is encoded followed by a single byte of value 1
1571
- # * a string is encoded in UTF-8 format followed by a single byte of value 2
1572
- # @!attribute [rw] common_alphabet
1573
- # @return [Google::Privacy::Dlp::V2::CryptoReplaceFfxFpeConfig::FfxCommonNativeAlphabet]
1574
- # Common alphabets.
1575
- # @!attribute [rw] custom_alphabet
1576
- # @return [String]
1577
- # This is supported by mapping these to the alphanumeric characters
1578
- # that the FFX mode natively supports. This happens before/after
1579
- # encryption/decryption.
1580
- # Each character listed must appear only once.
1581
- # Number of characters must be in the range [2, 95].
1582
- # This must be encoded as ASCII.
1583
- # The order of characters does not matter.
1584
- # @!attribute [rw] radix
1585
- # @return [Integer]
1586
- # The native way to select the alphabet. Must be in the range [2, 95].
1587
- # @!attribute [rw] surrogate_info_type
1588
- # @return [Google::Privacy::Dlp::V2::InfoType]
1589
- # The custom infoType to annotate the surrogate with.
1590
- # This annotation will be applied to the surrogate by prefixing it with
1591
- # the name of the custom infoType followed by the number of
1592
- # characters comprising the surrogate. The following scheme defines the
1593
- # format: info_type_name(surrogate_character_count):surrogate
1594
- #
1595
- # For example, if the name of custom infoType is 'MY_TOKEN_INFO_TYPE' and
1596
- # the surrogate is 'abc', the full replacement value
1597
- # will be: 'MY_TOKEN_INFO_TYPE(3):abc'
1598
- #
1599
- # This annotation identifies the surrogate when inspecting content using the
1600
- # custom infoType
1601
- # [`SurrogateType`](https://cloud.google.com/dlp/docs/reference/rest/v2/InspectConfig#surrogatetype).
1602
- # This facilitates reversal of the surrogate when it occurs in free text.
1603
- #
1604
- # In order for inspection to work properly, the name of this infoType must
1605
- # not occur naturally anywhere in your data; otherwise, inspection may
1606
- # find a surrogate that does not correspond to an actual identifier.
1607
- # Therefore, choose your custom infoType name carefully after considering
1608
- # what your data looks like. One way to select a name that has a high chance
1609
- # of yielding reliable detection is to include one or more unicode characters
1610
- # that are highly improbable to exist in your data.
1611
- # For example, assuming your data is entered from a regular ASCII keyboard,
1612
- # the symbol with the hex code point 29DD might be used like so:
1613
- # ⧝MY_TOKEN_TYPE
1614
- class CryptoReplaceFfxFpeConfig
1615
- # These are commonly used subsets of the alphabet that the FFX mode
1616
- # natively supports. In the algorithm, the alphabet is selected using
1617
- # the "radix". Therefore each corresponds to particular radix.
1618
- module FfxCommonNativeAlphabet
1619
- # Unused.
1620
- FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED = 0
1621
-
1622
- # [0-9] (radix of 10)
1623
- NUMERIC = 1
1624
-
1625
- # [0-9A-F] (radix of 16)
1626
- HEXADECIMAL = 2
1627
-
1628
- # [0-9A-Z] (radix of 36)
1629
- UPPER_CASE_ALPHA_NUMERIC = 3
1630
-
1631
- # [0-9A-Za-z] (radix of 62)
1632
- ALPHA_NUMERIC = 4
1633
- end
1634
- end
1635
-
1636
- # This is a data encryption key (DEK) (as opposed to
1637
- # a key encryption key (KEK) stored by KMS).
1638
- # When using KMS to wrap/unwrap DEKs, be sure to set an appropriate
1639
- # IAM policy on the KMS CryptoKey (KEK) to ensure an attacker cannot
1640
- # unwrap the data crypto key.
1641
- # @!attribute [rw] transient
1642
- # @return [Google::Privacy::Dlp::V2::TransientCryptoKey]
1643
- # Transient crypto key
1644
- # @!attribute [rw] unwrapped
1645
- # @return [Google::Privacy::Dlp::V2::UnwrappedCryptoKey]
1646
- # Unwrapped crypto key
1647
- # @!attribute [rw] kms_wrapped
1648
- # @return [Google::Privacy::Dlp::V2::KmsWrappedCryptoKey]
1649
- # Kms wrapped key
1650
- class CryptoKey; end
1651
-
1652
- # Use this to have a random data crypto key generated.
1653
- # It will be discarded after the request finishes.
1654
- # @!attribute [rw] name
1655
- # @return [String]
1656
- # Required. Name of the key.
1657
- # This is an arbitrary string used to differentiate different keys.
1658
- # A unique key is generated per name: two separate `TransientCryptoKey`
1659
- # protos share the same generated key if their names are the same.
1660
- # When the data crypto key is generated, this name is not used in any way
1661
- # (repeating the api call will result in a different key being generated).
1662
- class TransientCryptoKey; end
1663
-
1664
- # Using raw keys is prone to security risks due to accidentally
1665
- # leaking the key. Choose another type of key if possible.
1666
- # @!attribute [rw] key
1667
- # @return [String]
1668
- # Required. A 128/192/256 bit key.
1669
- class UnwrappedCryptoKey; end
1670
-
1671
- # Include to use an existing data crypto key wrapped by KMS.
1672
- # The wrapped key must be a 128/192/256 bit key.
1673
- # Authorization requires the following IAM permissions when sending a request
1674
- # to perform a crypto transformation using a kms-wrapped crypto key:
1675
- # dlp.kms.encrypt
1676
- # @!attribute [rw] wrapped_key
1677
- # @return [String]
1678
- # Required. The wrapped data crypto key.
1679
- # @!attribute [rw] crypto_key_name
1680
- # @return [String]
1681
- # Required. The resource name of the KMS CryptoKey to use for unwrapping.
1682
- class KmsWrappedCryptoKey; end
1683
-
1684
- # Shifts dates by random number of days, with option to be consistent for the
1685
- # same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting
1686
- # to learn more.
1687
- # @!attribute [rw] upper_bound_days
1688
- # @return [Integer]
1689
- # Required. Range of shift in days. Actual shift will be selected at random within this
1690
- # range (inclusive ends). Negative means shift to earlier in time. Must not
1691
- # be more than 365250 days (1000 years) each direction.
1692
- #
1693
- # For example, 3 means shift date to at most 3 days into the future.
1694
- # @!attribute [rw] lower_bound_days
1695
- # @return [Integer]
1696
- # Required. For example, -5 means shift date to at most 5 days back in the past.
1697
- # @!attribute [rw] context
1698
- # @return [Google::Privacy::Dlp::V2::FieldId]
1699
- # Points to the field that contains the context, for example, an entity id.
1700
- # If set, must also set cryptoKey. If set, shift will be consistent for the
1701
- # given context.
1702
- # @!attribute [rw] crypto_key
1703
- # @return [Google::Privacy::Dlp::V2::CryptoKey]
1704
- # Causes the shift to be computed based on this key and the context. This
1705
- # results in the same shift for the same context and crypto_key. If
1706
- # set, must also set context. Can only be applied to table items.
1707
- class DateShiftConfig; end
1708
-
1709
- # A type of transformation that will scan unstructured text and
1710
- # apply various `PrimitiveTransformation`s to each finding, where the
1711
- # transformation is applied to only values that were identified as a specific
1712
- # info_type.
1713
- # @!attribute [rw] transformations
1714
- # @return [Array<Google::Privacy::Dlp::V2::InfoTypeTransformations::InfoTypeTransformation>]
1715
- # Required. Transformation for each infoType. Cannot specify more than one
1716
- # for a given infoType.
1717
- class InfoTypeTransformations
1718
- # A transformation to apply to text that is identified as a specific
1719
- # info_type.
1720
- # @!attribute [rw] info_types
1721
- # @return [Array<Google::Privacy::Dlp::V2::InfoType>]
1722
- # InfoTypes to apply the transformation to. An empty list will cause
1723
- # this transformation to apply to all findings that correspond to
1724
- # infoTypes that were requested in `InspectConfig`.
1725
- # @!attribute [rw] primitive_transformation
1726
- # @return [Google::Privacy::Dlp::V2::PrimitiveTransformation]
1727
- # Required. Primitive transformation to apply to the infoType.
1728
- class InfoTypeTransformation; end
1729
- end
1730
-
1731
- # The transformation to apply to the field.
1732
- # @!attribute [rw] fields
1733
- # @return [Array<Google::Privacy::Dlp::V2::FieldId>]
1734
- # Required. Input field(s) to apply the transformation to.
1735
- # @!attribute [rw] condition
1736
- # @return [Google::Privacy::Dlp::V2::RecordCondition]
1737
- # Only apply the transformation if the condition evaluates to true for the
1738
- # given `RecordCondition`. The conditions are allowed to reference fields
1739
- # that are not used in the actual transformation.
1740
- #
1741
- # Example Use Cases:
1742
- #
1743
- # * Apply a different bucket transformation to an age column if the zip code
1744
- # column for the same record is within a specific range.
1745
- # * Redact a field if the date of birth field is greater than 85.
1746
- # @!attribute [rw] primitive_transformation
1747
- # @return [Google::Privacy::Dlp::V2::PrimitiveTransformation]
1748
- # Apply the transformation to the entire field.
1749
- # @!attribute [rw] info_type_transformations
1750
- # @return [Google::Privacy::Dlp::V2::InfoTypeTransformations]
1751
- # Treat the contents of the field as free text, and selectively
1752
- # transform content that matches an `InfoType`.
1753
- class FieldTransformation; end
1754
-
1755
- # A type of transformation that is applied over structured data such as a
1756
- # table.
1757
- # @!attribute [rw] field_transformations
1758
- # @return [Array<Google::Privacy::Dlp::V2::FieldTransformation>]
1759
- # Transform the record by applying various field transformations.
1760
- # @!attribute [rw] record_suppressions
1761
- # @return [Array<Google::Privacy::Dlp::V2::RecordSuppression>]
1762
- # Configuration defining which records get suppressed entirely. Records that
1763
- # match any suppression rule are omitted from the output.
1764
- class RecordTransformations; end
1765
-
1766
- # Configuration to suppress records whose suppression conditions evaluate to
1767
- # true.
1768
- # @!attribute [rw] condition
1769
- # @return [Google::Privacy::Dlp::V2::RecordCondition]
1770
- # A condition that when it evaluates to true will result in the record being
1771
- # evaluated to be suppressed from the transformed content.
1772
- class RecordSuppression; end
1773
-
1774
- # A condition for determining whether a transformation should be applied to
1775
- # a field.
1776
- # @!attribute [rw] expressions
1777
- # @return [Google::Privacy::Dlp::V2::RecordCondition::Expressions]
1778
- # An expression.
1779
- class RecordCondition
1780
- # The field type of `value` and `field` do not need to match to be
1781
- # considered equal, but not all comparisons are possible.
1782
- # EQUAL_TO and NOT_EQUAL_TO attempt to compare even with incompatible types,
1783
- # but all other comparisons are invalid with incompatible types.
1784
- # A `value` of type:
1785
- #
1786
- # * `string` can be compared against all other types
1787
- # * `boolean` can only be compared against other booleans
1788
- # * `integer` can be compared against doubles or a string if the string value
1789
- # can be parsed as an integer.
1790
- # * `double` can be compared against integers or a string if the string can
1791
- # be parsed as a double.
1792
- # * `Timestamp` can be compared against strings in RFC 3339 date string
1793
- # format.
1794
- # * `TimeOfDay` can be compared against timestamps and strings in the format
1795
- # of 'HH:mm:ss'.
1796
- #
1797
- # If we fail to compare do to type mismatch, a warning will be given and
1798
- # the condition will evaluate to false.
1799
- # @!attribute [rw] field
1800
- # @return [Google::Privacy::Dlp::V2::FieldId]
1801
- # Required. Field within the record this condition is evaluated against.
1802
- # @!attribute [rw] operator
1803
- # @return [Google::Privacy::Dlp::V2::RelationalOperator]
1804
- # Required. Operator used to compare the field or infoType to the value.
1805
- # @!attribute [rw] value
1806
- # @return [Google::Privacy::Dlp::V2::Value]
1807
- # Value to compare against. [Mandatory, except for `EXISTS` tests.]
1808
- class Condition; end
1809
-
1810
- # A collection of conditions.
1811
- # @!attribute [rw] conditions
1812
- # @return [Array<Google::Privacy::Dlp::V2::RecordCondition::Condition>]
1813
- # A collection of conditions.
1814
- class Conditions; end
1815
-
1816
- # An expression, consisting or an operator and conditions.
1817
- # @!attribute [rw] logical_operator
1818
- # @return [Google::Privacy::Dlp::V2::RecordCondition::Expressions::LogicalOperator]
1819
- # The operator to apply to the result of conditions. Default and currently
1820
- # only supported value is `AND`.
1821
- # @!attribute [rw] conditions
1822
- # @return [Google::Privacy::Dlp::V2::RecordCondition::Conditions]
1823
- # Conditions to apply to the expression.
1824
- class Expressions
1825
- # Logical operators for conditional checks.
1826
- module LogicalOperator
1827
- # Unused
1828
- LOGICAL_OPERATOR_UNSPECIFIED = 0
1829
-
1830
- # Conditional AND
1831
- AND = 1
1832
- end
1833
- end
1834
- end
1835
-
1836
- # Overview of the modifications that occurred.
1837
- # @!attribute [rw] transformed_bytes
1838
- # @return [Integer]
1839
- # Total size in bytes that were transformed in some way.
1840
- # @!attribute [rw] transformation_summaries
1841
- # @return [Array<Google::Privacy::Dlp::V2::TransformationSummary>]
1842
- # Transformations applied to the dataset.
1843
- class TransformationOverview; end
1844
-
1845
- # Summary of a single transformation.
1846
- # Only one of 'transformation', 'field_transformation', or 'record_suppress'
1847
- # will be set.
1848
- # @!attribute [rw] info_type
1849
- # @return [Google::Privacy::Dlp::V2::InfoType]
1850
- # Set if the transformation was limited to a specific InfoType.
1851
- # @!attribute [rw] field
1852
- # @return [Google::Privacy::Dlp::V2::FieldId]
1853
- # Set if the transformation was limited to a specific FieldId.
1854
- # @!attribute [rw] transformation
1855
- # @return [Google::Privacy::Dlp::V2::PrimitiveTransformation]
1856
- # The specific transformation these stats apply to.
1857
- # @!attribute [rw] field_transformations
1858
- # @return [Array<Google::Privacy::Dlp::V2::FieldTransformation>]
1859
- # The field transformation that was applied.
1860
- # If multiple field transformations are requested for a single field,
1861
- # this list will contain all of them; otherwise, only one is supplied.
1862
- # @!attribute [rw] record_suppress
1863
- # @return [Google::Privacy::Dlp::V2::RecordSuppression]
1864
- # The specific suppression option these stats apply to.
1865
- # @!attribute [rw] results
1866
- # @return [Array<Google::Privacy::Dlp::V2::TransformationSummary::SummaryResult>]
1867
- # Collection of all transformations that took place or had an error.
1868
- # @!attribute [rw] transformed_bytes
1869
- # @return [Integer]
1870
- # Total size in bytes that were transformed in some way.
1871
- class TransformationSummary
1872
- # A collection that informs the user the number of times a particular
1873
- # `TransformationResultCode` and error details occurred.
1874
- # @!attribute [rw] count
1875
- # @return [Integer]
1876
- # Number of transformations counted by this result.
1877
- # @!attribute [rw] code
1878
- # @return [Google::Privacy::Dlp::V2::TransformationSummary::TransformationResultCode]
1879
- # Outcome of the transformation.
1880
- # @!attribute [rw] details
1881
- # @return [String]
1882
- # A place for warnings or errors to show up if a transformation didn't
1883
- # work as expected.
1884
- class SummaryResult; end
1885
-
1886
- # Possible outcomes of transformations.
1887
- module TransformationResultCode
1888
- # Unused
1889
- TRANSFORMATION_RESULT_CODE_UNSPECIFIED = 0
1890
-
1891
- # Transformation completed without an error.
1892
- SUCCESS = 1
1893
-
1894
- # Transformation had an error.
1895
- ERROR = 2
1896
- end
1897
- end
1898
-
1899
- # Schedule for triggeredJobs.
1900
- # @!attribute [rw] recurrence_period_duration
1901
- # @return [Google::Protobuf::Duration]
1902
- # With this option a job is started a regular periodic basis. For
1903
- # example: every day (86400 seconds).
1904
- #
1905
- # A scheduled start time will be skipped if the previous
1906
- # execution has not ended when its scheduled time occurs.
1907
- #
1908
- # This value must be set to a time duration greater than or equal
1909
- # to 1 day and can be no longer than 60 days.
1910
- class Schedule; end
1911
-
1912
- # The inspectTemplate contains a configuration (set of types of sensitive data
1913
- # to be detected) to be used anywhere you otherwise would normally specify
1914
- # InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates
1915
- # to learn more.
1916
- # @!attribute [rw] name
1917
- # @return [String]
1918
- # Output only. The template name.
1919
- #
1920
- # The template will have one of the following formats:
1921
- # `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR
1922
- # `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID`;
1923
- # @!attribute [rw] display_name
1924
- # @return [String]
1925
- # Display name (max 256 chars).
1926
- # @!attribute [rw] description
1927
- # @return [String]
1928
- # Short description (max 256 chars).
1929
- # @!attribute [rw] create_time
1930
- # @return [Google::Protobuf::Timestamp]
1931
- # Output only. The creation timestamp of an inspectTemplate.
1932
- # @!attribute [rw] update_time
1933
- # @return [Google::Protobuf::Timestamp]
1934
- # Output only. The last update timestamp of an inspectTemplate.
1935
- # @!attribute [rw] inspect_config
1936
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
1937
- # The core content of the template. Configuration of the scanning process.
1938
- class InspectTemplate; end
1939
-
1940
- # DeidentifyTemplates contains instructions on how to de-identify content.
1941
- # See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
1942
- # @!attribute [rw] name
1943
- # @return [String]
1944
- # Output only. The template name.
1945
- #
1946
- # The template will have one of the following formats:
1947
- # `projects/PROJECT_ID/deidentifyTemplates/TEMPLATE_ID` OR
1948
- # `organizations/ORGANIZATION_ID/deidentifyTemplates/TEMPLATE_ID`
1949
- # @!attribute [rw] display_name
1950
- # @return [String]
1951
- # Display name (max 256 chars).
1952
- # @!attribute [rw] description
1953
- # @return [String]
1954
- # Short description (max 256 chars).
1955
- # @!attribute [rw] create_time
1956
- # @return [Google::Protobuf::Timestamp]
1957
- # Output only. The creation timestamp of an inspectTemplate.
1958
- # @!attribute [rw] update_time
1959
- # @return [Google::Protobuf::Timestamp]
1960
- # Output only. The last update timestamp of an inspectTemplate.
1961
- # @!attribute [rw] deidentify_config
1962
- # @return [Google::Privacy::Dlp::V2::DeidentifyConfig]
1963
- # ///////////// // The core content of the template // ///////////////
1964
- class DeidentifyTemplate; end
1965
-
1966
- # Details information about an error encountered during job execution or
1967
- # the results of an unsuccessful activation of the JobTrigger.
1968
- # @!attribute [rw] details
1969
- # @return [Google::Rpc::Status]
1970
- # Detailed error codes and messages.
1971
- # @!attribute [rw] timestamps
1972
- # @return [Array<Google::Protobuf::Timestamp>]
1973
- # The times the error occurred.
1974
- class Error; end
1975
-
1976
- # Contains a configuration to make dlp api calls on a repeating basis.
1977
- # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
1978
- # @!attribute [rw] name
1979
- # @return [String]
1980
- # Unique resource name for the triggeredJob, assigned by the service when the
1981
- # triggeredJob is created, for example
1982
- # `projects/dlp-test-project/jobTriggers/53234423`.
1983
- # @!attribute [rw] display_name
1984
- # @return [String]
1985
- # Display name (max 100 chars)
1986
- # @!attribute [rw] description
1987
- # @return [String]
1988
- # User provided description (max 256 chars)
1989
- # @!attribute [rw] inspect_job
1990
- # @return [Google::Privacy::Dlp::V2::InspectJobConfig]
1991
- # For inspect jobs, a snapshot of the configuration.
1992
- # @!attribute [rw] triggers
1993
- # @return [Array<Google::Privacy::Dlp::V2::JobTrigger::Trigger>]
1994
- # A list of triggers which will be OR'ed together. Only one in the list
1995
- # needs to trigger for a job to be started. The list may contain only
1996
- # a single Schedule trigger and must have at least one object.
1997
- # @!attribute [rw] errors
1998
- # @return [Array<Google::Privacy::Dlp::V2::Error>]
1999
- # Output only. A stream of errors encountered when the trigger was activated. Repeated
2000
- # errors may result in the JobTrigger automatically being paused.
2001
- # Will return the last 100 errors. Whenever the JobTrigger is modified
2002
- # this list will be cleared.
2003
- # @!attribute [rw] create_time
2004
- # @return [Google::Protobuf::Timestamp]
2005
- # Output only. The creation timestamp of a triggeredJob.
2006
- # @!attribute [rw] update_time
2007
- # @return [Google::Protobuf::Timestamp]
2008
- # Output only. The last update timestamp of a triggeredJob.
2009
- # @!attribute [rw] last_run_time
2010
- # @return [Google::Protobuf::Timestamp]
2011
- # Output only. The timestamp of the last time this trigger executed.
2012
- # @!attribute [rw] status
2013
- # @return [Google::Privacy::Dlp::V2::JobTrigger::Status]
2014
- # Required. A status for this trigger.
2015
- class JobTrigger
2016
- # What event needs to occur for a new job to be started.
2017
- # @!attribute [rw] schedule
2018
- # @return [Google::Privacy::Dlp::V2::Schedule]
2019
- # Create a job on a repeating basis based on the elapse of time.
2020
- class Trigger; end
2021
-
2022
- # Whether the trigger is currently active. If PAUSED or CANCELLED, no jobs
2023
- # will be created with this configuration. The service may automatically
2024
- # pause triggers experiencing frequent errors. To restart a job, set the
2025
- # status to HEALTHY after correcting user errors.
2026
- module Status
2027
- # Unused.
2028
- STATUS_UNSPECIFIED = 0
2029
-
2030
- # Trigger is healthy.
2031
- HEALTHY = 1
2032
-
2033
- # Trigger is temporarily paused.
2034
- PAUSED = 2
2035
-
2036
- # Trigger is cancelled and can not be resumed.
2037
- CANCELLED = 3
2038
- end
2039
- end
2040
-
2041
- # A task to execute on the completion of a job.
2042
- # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
2043
- # @!attribute [rw] save_findings
2044
- # @return [Google::Privacy::Dlp::V2::Action::SaveFindings]
2045
- # Save resulting findings in a provided location.
2046
- # @!attribute [rw] pub_sub
2047
- # @return [Google::Privacy::Dlp::V2::Action::PublishToPubSub]
2048
- # Publish a notification to a pubsub topic.
2049
- # @!attribute [rw] publish_summary_to_cscc
2050
- # @return [Google::Privacy::Dlp::V2::Action::PublishSummaryToCscc]
2051
- # Publish summary to Cloud Security Command Center (Alpha).
2052
- # @!attribute [rw] publish_findings_to_cloud_data_catalog
2053
- # @return [Google::Privacy::Dlp::V2::Action::PublishFindingsToCloudDataCatalog]
2054
- # Publish findings to Cloud Datahub.
2055
- # @!attribute [rw] job_notification_emails
2056
- # @return [Google::Privacy::Dlp::V2::Action::JobNotificationEmails]
2057
- # Enable email notification for project owners and editors on job's
2058
- # completion/failure.
2059
- # @!attribute [rw] publish_to_stackdriver
2060
- # @return [Google::Privacy::Dlp::V2::Action::PublishToStackdriver]
2061
- # Enable Stackdriver metric dlp.googleapis.com/finding_count.
2062
- class Action
2063
- # If set, the detailed findings will be persisted to the specified
2064
- # OutputStorageConfig. Only a single instance of this action can be
2065
- # specified.
2066
- # Compatible with: Inspect, Risk
2067
- # @!attribute [rw] output_config
2068
- # @return [Google::Privacy::Dlp::V2::OutputStorageConfig]
2069
- # Location to store findings outside of DLP.
2070
- class SaveFindings; end
2071
-
2072
- # Publish a message into given Pub/Sub topic when DlpJob has completed. The
2073
- # message contains a single field, `DlpJobName`, which is equal to the
2074
- # finished job's
2075
- # [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
2076
- # Compatible with: Inspect, Risk
2077
- # @!attribute [rw] topic
2078
- # @return [String]
2079
- # Cloud Pub/Sub topic to send notifications to. The topic must have given
2080
- # publishing access rights to the DLP API service account executing
2081
- # the long running DlpJob sending the notifications.
2082
- # Format is projects/\\{project}/topics/\\{topic}.
2083
- class PublishToPubSub; end
2084
-
2085
- # Publish the result summary of a DlpJob to the Cloud Security
2086
- # Command Center (CSCC Alpha).
2087
- # This action is only available for projects which are parts of
2088
- # an organization and whitelisted for the alpha Cloud Security Command
2089
- # Center.
2090
- # The action will publish count of finding instances and their info types.
2091
- # The summary of findings will be persisted in CSCC and are governed by CSCC
2092
- # service-specific policy, see https://cloud.google.com/terms/service-terms
2093
- # Only a single instance of this action can be specified.
2094
- # Compatible with: Inspect
2095
- class PublishSummaryToCscc; end
2096
-
2097
- # Publish findings of a DlpJob to Cloud Data Catalog. Labels summarizing the
2098
- # results of the DlpJob will be applied to the entry for the resource scanned
2099
- # in Cloud Data Catalog. Any labels previously written by another DlpJob will
2100
- # be deleted. InfoType naming patterns are strictly enforced when using this
2101
- # feature. Note that the findings will be persisted in Cloud Data Catalog
2102
- # storage and are governed by Data Catalog service-specific policy, see
2103
- # https://cloud.google.com/terms/service-terms
2104
- # Only a single instance of this action can be specified and only allowed if
2105
- # all resources being scanned are BigQuery tables.
2106
- # Compatible with: Inspect
2107
- class PublishFindingsToCloudDataCatalog; end
2108
-
2109
- # Enable email notification to project owners and editors on jobs's
2110
- # completion/failure.
2111
- class JobNotificationEmails; end
2112
-
2113
- # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
2114
- # will publish a metric to stack driver on each infotype requested and
2115
- # how many findings were found for it. CustomDetectors will be bucketed
2116
- # as 'Custom' under the Stackdriver label 'info_type'.
2117
- class PublishToStackdriver; end
2118
- end
2119
-
2120
- # Request message for CreateInspectTemplate.
2121
- # @!attribute [rw] parent
2122
- # @return [String]
2123
- # Required. The parent resource name, for example projects/my-project-id or
2124
- # organizations/my-org-id.
2125
- # @!attribute [rw] inspect_template
2126
- # @return [Google::Privacy::Dlp::V2::InspectTemplate]
2127
- # Required. The InspectTemplate to create.
2128
- # @!attribute [rw] template_id
2129
- # @return [String]
2130
- # The template id can contain uppercase and lowercase letters,
2131
- # numbers, and hyphens; that is, it must match the regular
2132
- # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
2133
- # characters. Can be empty to allow the system to generate one.
2134
- # @!attribute [rw] location_id
2135
- # @return [String]
2136
- # The geographic location to store the inspection template. Reserved for
2137
- # future extensions.
2138
- class CreateInspectTemplateRequest; end
2139
-
2140
- # Request message for UpdateInspectTemplate.
2141
- # @!attribute [rw] name
2142
- # @return [String]
2143
- # Required. Resource name of organization and inspectTemplate to be updated, for
2144
- # example `organizations/433245324/inspectTemplates/432452342` or
2145
- # projects/project-id/inspectTemplates/432452342.
2146
- # @!attribute [rw] inspect_template
2147
- # @return [Google::Privacy::Dlp::V2::InspectTemplate]
2148
- # New InspectTemplate value.
2149
- # @!attribute [rw] update_mask
2150
- # @return [Google::Protobuf::FieldMask]
2151
- # Mask to control which fields get updated.
2152
- class UpdateInspectTemplateRequest; end
2153
-
2154
- # Request message for GetInspectTemplate.
2155
- # @!attribute [rw] name
2156
- # @return [String]
2157
- # Required. Resource name of the organization and inspectTemplate to be read, for
2158
- # example `organizations/433245324/inspectTemplates/432452342` or
2159
- # projects/project-id/inspectTemplates/432452342.
2160
- class GetInspectTemplateRequest; end
2161
-
2162
- # Request message for ListInspectTemplates.
2163
- # @!attribute [rw] parent
2164
- # @return [String]
2165
- # Required. The parent resource name, for example projects/my-project-id or
2166
- # organizations/my-org-id.
2167
- # @!attribute [rw] page_token
2168
- # @return [String]
2169
- # Page token to continue retrieval. Comes from previous call
2170
- # to `ListInspectTemplates`.
2171
- # @!attribute [rw] page_size
2172
- # @return [Integer]
2173
- # Size of the page, can be limited by server. If zero server returns
2174
- # a page of max size 100.
2175
- # @!attribute [rw] order_by
2176
- # @return [String]
2177
- # Comma separated list of fields to order by,
2178
- # followed by `asc` or `desc` postfix. This list is case-insensitive,
2179
- # default sorting order is ascending, redundant space characters are
2180
- # insignificant.
2181
- #
2182
- # Example: `name asc,update_time, create_time desc`
2183
- #
2184
- # Supported fields are:
2185
- #
2186
- # * `create_time`: corresponds to time the template was created.
2187
- # * `update_time`: corresponds to time the template was last updated.
2188
- # * `name`: corresponds to template's name.
2189
- # * `display_name`: corresponds to template's display name.
2190
- # @!attribute [rw] location_id
2191
- # @return [String]
2192
- # The geographic location where inspection templates will be retrieved from.
2193
- # Use `-` for all locations. Reserved for future extensions.
2194
- class ListInspectTemplatesRequest; end
2195
-
2196
- # Response message for ListInspectTemplates.
2197
- # @!attribute [rw] inspect_templates
2198
- # @return [Array<Google::Privacy::Dlp::V2::InspectTemplate>]
2199
- # List of inspectTemplates, up to page_size in ListInspectTemplatesRequest.
2200
- # @!attribute [rw] next_page_token
2201
- # @return [String]
2202
- # If the next page is available then the next page token to be used
2203
- # in following ListInspectTemplates request.
2204
- class ListInspectTemplatesResponse; end
2205
-
2206
- # Request message for DeleteInspectTemplate.
2207
- # @!attribute [rw] name
2208
- # @return [String]
2209
- # Required. Resource name of the organization and inspectTemplate to be deleted, for
2210
- # example `organizations/433245324/inspectTemplates/432452342` or
2211
- # projects/project-id/inspectTemplates/432452342.
2212
- class DeleteInspectTemplateRequest; end
2213
-
2214
- # Request message for CreateJobTrigger.
2215
- # @!attribute [rw] parent
2216
- # @return [String]
2217
- # Required. The parent resource name, for example projects/my-project-id.
2218
- # @!attribute [rw] job_trigger
2219
- # @return [Google::Privacy::Dlp::V2::JobTrigger]
2220
- # Required. The JobTrigger to create.
2221
- # @!attribute [rw] trigger_id
2222
- # @return [String]
2223
- # The trigger id can contain uppercase and lowercase letters,
2224
- # numbers, and hyphens; that is, it must match the regular
2225
- # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
2226
- # characters. Can be empty to allow the system to generate one.
2227
- # @!attribute [rw] location_id
2228
- # @return [String]
2229
- # The geographic location to store the job trigger. Reserved for
2230
- # future extensions.
2231
- class CreateJobTriggerRequest; end
2232
-
2233
- # Request message for ActivateJobTrigger.
2234
- # @!attribute [rw] name
2235
- # @return [String]
2236
- # Required. Resource name of the trigger to activate, for example
2237
- # `projects/dlp-test-project/jobTriggers/53234423`.
2238
- class ActivateJobTriggerRequest; end
2239
-
2240
- # Request message for UpdateJobTrigger.
2241
- # @!attribute [rw] name
2242
- # @return [String]
2243
- # Required. Resource name of the project and the triggeredJob, for example
2244
- # `projects/dlp-test-project/jobTriggers/53234423`.
2245
- # @!attribute [rw] job_trigger
2246
- # @return [Google::Privacy::Dlp::V2::JobTrigger]
2247
- # New JobTrigger value.
2248
- # @!attribute [rw] update_mask
2249
- # @return [Google::Protobuf::FieldMask]
2250
- # Mask to control which fields get updated.
2251
- class UpdateJobTriggerRequest; end
2252
-
2253
- # Request message for GetJobTrigger.
2254
- # @!attribute [rw] name
2255
- # @return [String]
2256
- # Required. Resource name of the project and the triggeredJob, for example
2257
- # `projects/dlp-test-project/jobTriggers/53234423`.
2258
- class GetJobTriggerRequest; end
2259
-
2260
- # Request message for CreateDlpJobRequest. Used to initiate long running
2261
- # jobs such as calculating risk metrics or inspecting Google Cloud
2262
- # Storage.
2263
- # @!attribute [rw] parent
2264
- # @return [String]
2265
- # Required. The parent resource name, for example projects/my-project-id.
2266
- # @!attribute [rw] inspect_job
2267
- # @return [Google::Privacy::Dlp::V2::InspectJobConfig]
2268
- # Set to control what and how to inspect.
2269
- # @!attribute [rw] risk_job
2270
- # @return [Google::Privacy::Dlp::V2::RiskAnalysisJobConfig]
2271
- # Set to choose what metric to calculate.
2272
- # @!attribute [rw] job_id
2273
- # @return [String]
2274
- # The job id can contain uppercase and lowercase letters,
2275
- # numbers, and hyphens; that is, it must match the regular
2276
- # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
2277
- # characters. Can be empty to allow the system to generate one.
2278
- # @!attribute [rw] location_id
2279
- # @return [String]
2280
- # The geographic location to store and process the job. Reserved for
2281
- # future extensions.
2282
- class CreateDlpJobRequest; end
2283
-
2284
- # Request message for ListJobTriggers.
2285
- # @!attribute [rw] parent
2286
- # @return [String]
2287
- # Required. The parent resource name, for example `projects/my-project-id`.
2288
- # @!attribute [rw] page_token
2289
- # @return [String]
2290
- # Page token to continue retrieval. Comes from previous call
2291
- # to ListJobTriggers. `order_by` field must not
2292
- # change for subsequent calls.
2293
- # @!attribute [rw] page_size
2294
- # @return [Integer]
2295
- # Size of the page, can be limited by a server.
2296
- # @!attribute [rw] order_by
2297
- # @return [String]
2298
- # Comma separated list of triggeredJob fields to order by,
2299
- # followed by `asc` or `desc` postfix. This list is case-insensitive,
2300
- # default sorting order is ascending, redundant space characters are
2301
- # insignificant.
2302
- #
2303
- # Example: `name asc,update_time, create_time desc`
2304
- #
2305
- # Supported fields are:
2306
- #
2307
- # * `create_time`: corresponds to time the JobTrigger was created.
2308
- # * `update_time`: corresponds to time the JobTrigger was last updated.
2309
- # * `last_run_time`: corresponds to the last time the JobTrigger ran.
2310
- # * `name`: corresponds to JobTrigger's name.
2311
- # * `display_name`: corresponds to JobTrigger's display name.
2312
- # * `status`: corresponds to JobTrigger's status.
2313
- # @!attribute [rw] filter
2314
- # @return [String]
2315
- # Allows filtering.
2316
- #
2317
- # Supported syntax:
2318
- #
2319
- # * Filter expressions are made up of one or more restrictions.
2320
- # * Restrictions can be combined by `AND` or `OR` logical operators. A
2321
- # sequence of restrictions implicitly uses `AND`.
2322
- # * A restriction has the form of `{field} {operator} {value}`.
2323
- # * Supported fields/values for inspect jobs:
2324
- # * `status` - HEALTHY|PAUSED|CANCELLED
2325
- # * `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY
2326
- # * 'last_run_time` - RFC 3339 formatted timestamp, surrounded by
2327
- # quotation marks. Nanoseconds are ignored.
2328
- # * 'error_count' - Number of errors that have occurred while running.
2329
- # * The operator must be `=` or `!=` for status and inspected_storage.
2330
- #
2331
- # Examples:
2332
- #
2333
- # * inspected_storage = cloud_storage AND status = HEALTHY
2334
- # * inspected_storage = cloud_storage OR inspected_storage = bigquery
2335
- # * inspected_storage = cloud_storage AND (state = PAUSED OR state = HEALTHY)
2336
- # * last_run_time > \"2017-12-12T00:00:00+00:00\"
2337
- #
2338
- # The length of this field should be no more than 500 characters.
2339
- # @!attribute [rw] location_id
2340
- # @return [String]
2341
- # The geographic location where job triggers will be retrieved from.
2342
- # Use `-` for all locations. Reserved for future extensions.
2343
- class ListJobTriggersRequest; end
2344
-
2345
- # Response message for ListJobTriggers.
2346
- # @!attribute [rw] job_triggers
2347
- # @return [Array<Google::Privacy::Dlp::V2::JobTrigger>]
2348
- # List of triggeredJobs, up to page_size in ListJobTriggersRequest.
2349
- # @!attribute [rw] next_page_token
2350
- # @return [String]
2351
- # If the next page is available then the next page token to be used
2352
- # in following ListJobTriggers request.
2353
- class ListJobTriggersResponse; end
2354
-
2355
- # Request message for DeleteJobTrigger.
2356
- # @!attribute [rw] name
2357
- # @return [String]
2358
- # Required. Resource name of the project and the triggeredJob, for example
2359
- # `projects/dlp-test-project/jobTriggers/53234423`.
2360
- class DeleteJobTriggerRequest; end
2361
-
2362
- # Controls what and how to inspect for findings.
2363
- # @!attribute [rw] storage_config
2364
- # @return [Google::Privacy::Dlp::V2::StorageConfig]
2365
- # The data to scan.
2366
- # @!attribute [rw] inspect_config
2367
- # @return [Google::Privacy::Dlp::V2::InspectConfig]
2368
- # How and what to scan for.
2369
- # @!attribute [rw] inspect_template_name
2370
- # @return [String]
2371
- # If provided, will be used as the default for all values in InspectConfig.
2372
- # `inspect_config` will be merged into the values persisted as part of the
2373
- # template.
2374
- # @!attribute [rw] actions
2375
- # @return [Array<Google::Privacy::Dlp::V2::Action>]
2376
- # Actions to execute at the completion of the job.
2377
- class InspectJobConfig; end
2378
-
2379
- # Combines all of the information about a DLP job.
2380
- # @!attribute [rw] name
2381
- # @return [String]
2382
- # The server-assigned name.
2383
- # @!attribute [rw] type
2384
- # @return [Google::Privacy::Dlp::V2::DlpJobType]
2385
- # The type of job.
2386
- # @!attribute [rw] state
2387
- # @return [Google::Privacy::Dlp::V2::DlpJob::JobState]
2388
- # State of a job.
2389
- # @!attribute [rw] risk_details
2390
- # @return [Google::Privacy::Dlp::V2::AnalyzeDataSourceRiskDetails]
2391
- # Results from analyzing risk of a data source.
2392
- # @!attribute [rw] inspect_details
2393
- # @return [Google::Privacy::Dlp::V2::InspectDataSourceDetails]
2394
- # Results from inspecting a data source.
2395
- # @!attribute [rw] create_time
2396
- # @return [Google::Protobuf::Timestamp]
2397
- # Time when the job was created.
2398
- # @!attribute [rw] start_time
2399
- # @return [Google::Protobuf::Timestamp]
2400
- # Time when the job started.
2401
- # @!attribute [rw] end_time
2402
- # @return [Google::Protobuf::Timestamp]
2403
- # Time when the job finished.
2404
- # @!attribute [rw] job_trigger_name
2405
- # @return [String]
2406
- # If created by a job trigger, the resource name of the trigger that
2407
- # instantiated the job.
2408
- # @!attribute [rw] errors
2409
- # @return [Array<Google::Privacy::Dlp::V2::Error>]
2410
- # A stream of errors encountered running the job.
2411
- class DlpJob
2412
- # Possible states of a job.
2413
- module JobState
2414
- # Unused.
2415
- JOB_STATE_UNSPECIFIED = 0
2416
-
2417
- # The job has not yet started.
2418
- PENDING = 1
2419
-
2420
- # The job is currently running.
2421
- RUNNING = 2
2422
-
2423
- # The job is no longer running.
2424
- DONE = 3
2425
-
2426
- # The job was canceled before it could complete.
2427
- CANCELED = 4
2428
-
2429
- # The job had an error and did not complete.
2430
- FAILED = 5
2431
- end
2432
- end
2433
-
2434
- # The request message for {DlpJobs::GetDlpJob}.
2435
- # @!attribute [rw] name
2436
- # @return [String]
2437
- # Required. The name of the DlpJob resource.
2438
- class GetDlpJobRequest; end
2439
-
2440
- # The request message for listing DLP jobs.
2441
- # @!attribute [rw] parent
2442
- # @return [String]
2443
- # Required. The parent resource name, for example projects/my-project-id.
2444
- # @!attribute [rw] filter
2445
- # @return [String]
2446
- # Allows filtering.
2447
- #
2448
- # Supported syntax:
2449
- #
2450
- # * Filter expressions are made up of one or more restrictions.
2451
- # * Restrictions can be combined by `AND` or `OR` logical operators. A
2452
- # sequence of restrictions implicitly uses `AND`.
2453
- # * A restriction has the form of `{field} {operator} {value}`.
2454
- # * Supported fields/values for inspect jobs:
2455
- # * `state` - PENDING|RUNNING|CANCELED|FINISHED|FAILED
2456
- # * `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY
2457
- # * `trigger_name` - The resource name of the trigger that created job.
2458
- # * 'end_time` - Corresponds to time the job finished.
2459
- # * 'start_time` - Corresponds to time the job finished.
2460
- # * Supported fields for risk analysis jobs:
2461
- # * `state` - RUNNING|CANCELED|FINISHED|FAILED
2462
- # * 'end_time` - Corresponds to time the job finished.
2463
- # * 'start_time` - Corresponds to time the job finished.
2464
- # * The operator must be `=` or `!=`.
2465
- #
2466
- # Examples:
2467
- #
2468
- # * inspected_storage = cloud_storage AND state = done
2469
- # * inspected_storage = cloud_storage OR inspected_storage = bigquery
2470
- # * inspected_storage = cloud_storage AND (state = done OR state = canceled)
2471
- # * end_time > \"2017-12-12T00:00:00+00:00\"
2472
- #
2473
- # The length of this field should be no more than 500 characters.
2474
- # @!attribute [rw] page_size
2475
- # @return [Integer]
2476
- # The standard list page size.
2477
- # @!attribute [rw] page_token
2478
- # @return [String]
2479
- # The standard list page token.
2480
- # @!attribute [rw] type
2481
- # @return [Google::Privacy::Dlp::V2::DlpJobType]
2482
- # The type of job. Defaults to `DlpJobType.INSPECT`
2483
- # @!attribute [rw] order_by
2484
- # @return [String]
2485
- # Comma separated list of fields to order by,
2486
- # followed by `asc` or `desc` postfix. This list is case-insensitive,
2487
- # default sorting order is ascending, redundant space characters are
2488
- # insignificant.
2489
- #
2490
- # Example: `name asc, end_time asc, create_time desc`
2491
- #
2492
- # Supported fields are:
2493
- #
2494
- # * `create_time`: corresponds to time the job was created.
2495
- # * `end_time`: corresponds to time the job ended.
2496
- # * `name`: corresponds to job's name.
2497
- # * `state`: corresponds to `state`
2498
- # @!attribute [rw] location_id
2499
- # @return [String]
2500
- # The geographic location where jobs will be retrieved from.
2501
- # Use `-` for all locations. Reserved for future extensions.
2502
- class ListDlpJobsRequest; end
2503
-
2504
- # The response message for listing DLP jobs.
2505
- # @!attribute [rw] jobs
2506
- # @return [Array<Google::Privacy::Dlp::V2::DlpJob>]
2507
- # A list of DlpJobs that matches the specified filter in the request.
2508
- # @!attribute [rw] next_page_token
2509
- # @return [String]
2510
- # The standard List next-page token.
2511
- class ListDlpJobsResponse; end
2512
-
2513
- # The request message for canceling a DLP job.
2514
- # @!attribute [rw] name
2515
- # @return [String]
2516
- # Required. The name of the DlpJob resource to be cancelled.
2517
- class CancelDlpJobRequest; end
2518
-
2519
- # The request message for deleting a DLP job.
2520
- # @!attribute [rw] name
2521
- # @return [String]
2522
- # Required. The name of the DlpJob resource to be deleted.
2523
- class DeleteDlpJobRequest; end
2524
-
2525
- # Request message for CreateDeidentifyTemplate.
2526
- # @!attribute [rw] parent
2527
- # @return [String]
2528
- # Required. The parent resource name, for example projects/my-project-id or
2529
- # organizations/my-org-id.
2530
- # @!attribute [rw] deidentify_template
2531
- # @return [Google::Privacy::Dlp::V2::DeidentifyTemplate]
2532
- # Required. The DeidentifyTemplate to create.
2533
- # @!attribute [rw] template_id
2534
- # @return [String]
2535
- # The template id can contain uppercase and lowercase letters,
2536
- # numbers, and hyphens; that is, it must match the regular
2537
- # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
2538
- # characters. Can be empty to allow the system to generate one.
2539
- # @!attribute [rw] location_id
2540
- # @return [String]
2541
- # The geographic location to store the deidentification template. Reserved
2542
- # for future extensions.
2543
- class CreateDeidentifyTemplateRequest; end
2544
-
2545
- # Request message for UpdateDeidentifyTemplate.
2546
- # @!attribute [rw] name
2547
- # @return [String]
2548
- # Required. Resource name of organization and deidentify template to be updated, for
2549
- # example `organizations/433245324/deidentifyTemplates/432452342` or
2550
- # projects/project-id/deidentifyTemplates/432452342.
2551
- # @!attribute [rw] deidentify_template
2552
- # @return [Google::Privacy::Dlp::V2::DeidentifyTemplate]
2553
- # New DeidentifyTemplate value.
2554
- # @!attribute [rw] update_mask
2555
- # @return [Google::Protobuf::FieldMask]
2556
- # Mask to control which fields get updated.
2557
- class UpdateDeidentifyTemplateRequest; end
2558
-
2559
- # Request message for GetDeidentifyTemplate.
2560
- # @!attribute [rw] name
2561
- # @return [String]
2562
- # Required. Resource name of the organization and deidentify template to be read, for
2563
- # example `organizations/433245324/deidentifyTemplates/432452342` or
2564
- # projects/project-id/deidentifyTemplates/432452342.
2565
- class GetDeidentifyTemplateRequest; end
2566
-
2567
- # Request message for ListDeidentifyTemplates.
2568
- # @!attribute [rw] parent
2569
- # @return [String]
2570
- # Required. The parent resource name, for example projects/my-project-id or
2571
- # organizations/my-org-id.
2572
- # @!attribute [rw] page_token
2573
- # @return [String]
2574
- # Page token to continue retrieval. Comes from previous call
2575
- # to `ListDeidentifyTemplates`.
2576
- # @!attribute [rw] page_size
2577
- # @return [Integer]
2578
- # Size of the page, can be limited by server. If zero server returns
2579
- # a page of max size 100.
2580
- # @!attribute [rw] order_by
2581
- # @return [String]
2582
- # Comma separated list of fields to order by,
2583
- # followed by `asc` or `desc` postfix. This list is case-insensitive,
2584
- # default sorting order is ascending, redundant space characters are
2585
- # insignificant.
2586
- #
2587
- # Example: `name asc,update_time, create_time desc`
2588
- #
2589
- # Supported fields are:
2590
- #
2591
- # * `create_time`: corresponds to time the template was created.
2592
- # * `update_time`: corresponds to time the template was last updated.
2593
- # * `name`: corresponds to template's name.
2594
- # * `display_name`: corresponds to template's display name.
2595
- # @!attribute [rw] location_id
2596
- # @return [String]
2597
- # The geographic location where deidentifications templates will be retrieved
2598
- # from. Use `-` for all locations. Reserved for future extensions.
2599
- class ListDeidentifyTemplatesRequest; end
2600
-
2601
- # Response message for ListDeidentifyTemplates.
2602
- # @!attribute [rw] deidentify_templates
2603
- # @return [Array<Google::Privacy::Dlp::V2::DeidentifyTemplate>]
2604
- # List of deidentify templates, up to page_size in
2605
- # ListDeidentifyTemplatesRequest.
2606
- # @!attribute [rw] next_page_token
2607
- # @return [String]
2608
- # If the next page is available then the next page token to be used
2609
- # in following ListDeidentifyTemplates request.
2610
- class ListDeidentifyTemplatesResponse; end
2611
-
2612
- # Request message for DeleteDeidentifyTemplate.
2613
- # @!attribute [rw] name
2614
- # @return [String]
2615
- # Required. Resource name of the organization and deidentify template to be deleted,
2616
- # for example `organizations/433245324/deidentifyTemplates/432452342` or
2617
- # projects/project-id/deidentifyTemplates/432452342.
2618
- class DeleteDeidentifyTemplateRequest; end
2619
-
2620
- # Configuration for a custom dictionary created from a data source of any size
2621
- # up to the maximum size defined in the
2622
- # [limits](https://cloud.google.com/dlp/limits) page. The artifacts of
2623
- # dictionary creation are stored in the specified Google Cloud Storage
2624
- # location. Consider using `CustomInfoType.Dictionary` for smaller dictionaries
2625
- # that satisfy the size requirements.
2626
- # @!attribute [rw] output_path
2627
- # @return [Google::Privacy::Dlp::V2::CloudStoragePath]
2628
- # Location to store dictionary artifacts in Google Cloud Storage. These files
2629
- # will only be accessible by project owners and the DLP API. If any of these
2630
- # artifacts are modified, the dictionary is considered invalid and can no
2631
- # longer be used.
2632
- # @!attribute [rw] cloud_storage_file_set
2633
- # @return [Google::Privacy::Dlp::V2::CloudStorageFileSet]
2634
- # Set of files containing newline-delimited lists of dictionary phrases.
2635
- # @!attribute [rw] big_query_field
2636
- # @return [Google::Privacy::Dlp::V2::BigQueryField]
2637
- # Field in a BigQuery table where each cell represents a dictionary phrase.
2638
- class LargeCustomDictionaryConfig; end
2639
-
2640
- # Summary statistics of a custom dictionary.
2641
- # @!attribute [rw] approx_num_phrases
2642
- # @return [Integer]
2643
- # Approximate number of distinct phrases in the dictionary.
2644
- class LargeCustomDictionaryStats; end
2645
-
2646
- # Configuration for stored infoTypes. All fields and subfield are provided
2647
- # by the user. For more information, see
2648
- # https://cloud.google.com/dlp/docs/creating-custom-infotypes.
2649
- # @!attribute [rw] display_name
2650
- # @return [String]
2651
- # Display name of the StoredInfoType (max 256 characters).
2652
- # @!attribute [rw] description
2653
- # @return [String]
2654
- # Description of the StoredInfoType (max 256 characters).
2655
- # @!attribute [rw] large_custom_dictionary
2656
- # @return [Google::Privacy::Dlp::V2::LargeCustomDictionaryConfig]
2657
- # StoredInfoType where findings are defined by a dictionary of phrases.
2658
- class StoredInfoTypeConfig; end
2659
-
2660
- # Statistics for a StoredInfoType.
2661
- # @!attribute [rw] large_custom_dictionary
2662
- # @return [Google::Privacy::Dlp::V2::LargeCustomDictionaryStats]
2663
- # StoredInfoType where findings are defined by a dictionary of phrases.
2664
- class StoredInfoTypeStats; end
2665
-
2666
- # Version of a StoredInfoType, including the configuration used to build it,
2667
- # create timestamp, and current state.
2668
- # @!attribute [rw] config
2669
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeConfig]
2670
- # StoredInfoType configuration.
2671
- # @!attribute [rw] create_time
2672
- # @return [Google::Protobuf::Timestamp]
2673
- # Create timestamp of the version. Read-only, determined by the system
2674
- # when the version is created.
2675
- # @!attribute [rw] state
2676
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeState]
2677
- # Stored info type version state. Read-only, updated by the system
2678
- # during dictionary creation.
2679
- # @!attribute [rw] errors
2680
- # @return [Array<Google::Privacy::Dlp::V2::Error>]
2681
- # Errors that occurred when creating this storedInfoType version, or
2682
- # anomalies detected in the storedInfoType data that render it unusable. Only
2683
- # the five most recent errors will be displayed, with the most recent error
2684
- # appearing first.
2685
- #
2686
- # For example, some of the data for stored custom dictionaries is put in
2687
- # the user's Google Cloud Storage bucket, and if this data is modified or
2688
- # deleted by the user or another system, the dictionary becomes invalid.
2689
- #
2690
- # If any errors occur, fix the problem indicated by the error message and
2691
- # use the UpdateStoredInfoType API method to create another version of the
2692
- # storedInfoType to continue using it, reusing the same `config` if it was
2693
- # not the source of the error.
2694
- # @!attribute [rw] stats
2695
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeStats]
2696
- # Statistics about this storedInfoType version.
2697
- class StoredInfoTypeVersion; end
2698
-
2699
- # StoredInfoType resource message that contains information about the current
2700
- # version and any pending updates.
2701
- # @!attribute [rw] name
2702
- # @return [String]
2703
- # Resource name.
2704
- # @!attribute [rw] current_version
2705
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeVersion]
2706
- # Current version of the stored info type.
2707
- # @!attribute [rw] pending_versions
2708
- # @return [Array<Google::Privacy::Dlp::V2::StoredInfoTypeVersion>]
2709
- # Pending versions of the stored info type. Empty if no versions are
2710
- # pending.
2711
- class StoredInfoType; end
2712
-
2713
- # Request message for CreateStoredInfoType.
2714
- # @!attribute [rw] parent
2715
- # @return [String]
2716
- # Required. The parent resource name, for example projects/my-project-id or
2717
- # organizations/my-org-id.
2718
- # @!attribute [rw] config
2719
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeConfig]
2720
- # Required. Configuration of the storedInfoType to create.
2721
- # @!attribute [rw] stored_info_type_id
2722
- # @return [String]
2723
- # The storedInfoType ID can contain uppercase and lowercase letters,
2724
- # numbers, and hyphens; that is, it must match the regular
2725
- # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
2726
- # characters. Can be empty to allow the system to generate one.
2727
- # @!attribute [rw] location_id
2728
- # @return [String]
2729
- # The geographic location to store the stored infoType. Reserved for
2730
- # future extensions.
2731
- class CreateStoredInfoTypeRequest; end
2732
-
2733
- # Request message for UpdateStoredInfoType.
2734
- # @!attribute [rw] name
2735
- # @return [String]
2736
- # Required. Resource name of organization and storedInfoType to be updated, for
2737
- # example `organizations/433245324/storedInfoTypes/432452342` or
2738
- # projects/project-id/storedInfoTypes/432452342.
2739
- # @!attribute [rw] config
2740
- # @return [Google::Privacy::Dlp::V2::StoredInfoTypeConfig]
2741
- # Updated configuration for the storedInfoType. If not provided, a new
2742
- # version of the storedInfoType will be created with the existing
2743
- # configuration.
2744
- # @!attribute [rw] update_mask
2745
- # @return [Google::Protobuf::FieldMask]
2746
- # Mask to control which fields get updated.
2747
- class UpdateStoredInfoTypeRequest; end
2748
-
2749
- # Request message for GetStoredInfoType.
2750
- # @!attribute [rw] name
2751
- # @return [String]
2752
- # Required. Resource name of the organization and storedInfoType to be read, for
2753
- # example `organizations/433245324/storedInfoTypes/432452342` or
2754
- # projects/project-id/storedInfoTypes/432452342.
2755
- class GetStoredInfoTypeRequest; end
2756
-
2757
- # Request message for ListStoredInfoTypes.
2758
- # @!attribute [rw] parent
2759
- # @return [String]
2760
- # Required. The parent resource name, for example projects/my-project-id or
2761
- # organizations/my-org-id.
2762
- # @!attribute [rw] page_token
2763
- # @return [String]
2764
- # Page token to continue retrieval. Comes from previous call
2765
- # to `ListStoredInfoTypes`.
2766
- # @!attribute [rw] page_size
2767
- # @return [Integer]
2768
- # Size of the page, can be limited by server. If zero server returns
2769
- # a page of max size 100.
2770
- # @!attribute [rw] order_by
2771
- # @return [String]
2772
- # Comma separated list of fields to order by,
2773
- # followed by `asc` or `desc` postfix. This list is case-insensitive,
2774
- # default sorting order is ascending, redundant space characters are
2775
- # insignificant.
2776
- #
2777
- # Example: `name asc, display_name, create_time desc`
2778
- #
2779
- # Supported fields are:
2780
- #
2781
- # * `create_time`: corresponds to time the most recent version of the
2782
- # resource was created.
2783
- # * `state`: corresponds to the state of the resource.
2784
- # * `name`: corresponds to resource name.
2785
- # * `display_name`: corresponds to info type's display name.
2786
- # @!attribute [rw] location_id
2787
- # @return [String]
2788
- # The geographic location where stored infoTypes will be retrieved from.
2789
- # Use `-` for all locations. Reserved for future extensions.
2790
- class ListStoredInfoTypesRequest; end
2791
-
2792
- # Response message for ListStoredInfoTypes.
2793
- # @!attribute [rw] stored_info_types
2794
- # @return [Array<Google::Privacy::Dlp::V2::StoredInfoType>]
2795
- # List of storedInfoTypes, up to page_size in ListStoredInfoTypesRequest.
2796
- # @!attribute [rw] next_page_token
2797
- # @return [String]
2798
- # If the next page is available then the next page token to be used
2799
- # in following ListStoredInfoTypes request.
2800
- class ListStoredInfoTypesResponse; end
2801
-
2802
- # Request message for DeleteStoredInfoType.
2803
- # @!attribute [rw] name
2804
- # @return [String]
2805
- # Required. Resource name of the organization and storedInfoType to be deleted, for
2806
- # example `organizations/433245324/storedInfoTypes/432452342` or
2807
- # projects/project-id/storedInfoTypes/432452342.
2808
- class DeleteStoredInfoTypeRequest; end
2809
-
2810
- # Options describing which parts of the provided content should be scanned.
2811
- module ContentOption
2812
- # Includes entire content of a file or a data stream.
2813
- CONTENT_UNSPECIFIED = 0
2814
-
2815
- # Text content within the data, excluding any metadata.
2816
- CONTENT_TEXT = 1
2817
-
2818
- # Images found in the data.
2819
- CONTENT_IMAGE = 2
2820
- end
2821
-
2822
- # An enum to represent the various types of DLP jobs.
2823
- module DlpJobType
2824
- # Unused
2825
- DLP_JOB_TYPE_UNSPECIFIED = 0
2826
-
2827
- # The job inspected Google Cloud for sensitive data.
2828
- INSPECT_JOB = 1
2829
-
2830
- # The job executed a Risk Analysis computation.
2831
- RISK_ANALYSIS_JOB = 2
2832
- end
2833
-
2834
- # Parts of the APIs which use certain infoTypes.
2835
- module InfoTypeSupportedBy
2836
- # Unused.
2837
- ENUM_TYPE_UNSPECIFIED = 0
2838
-
2839
- # Supported by the inspect operations.
2840
- INSPECT = 1
2841
-
2842
- # Supported by the risk analysis operations.
2843
- RISK_ANALYSIS = 2
2844
- end
2845
-
2846
- # Type of the match which can be applied to different ways of matching, like
2847
- # Dictionary, regular expression and intersecting with findings of another
2848
- # info type.
2849
- module MatchingType
2850
- # Invalid.
2851
- MATCHING_TYPE_UNSPECIFIED = 0
2852
-
2853
- # Full match.
2854
- #
2855
- # * Dictionary: join of Dictionary results matched complete finding quote
2856
- # * Regex: all regex matches fill a finding quote start to end
2857
- # * Exclude info type: completely inside affecting info types findings
2858
- MATCHING_TYPE_FULL_MATCH = 1
2859
-
2860
- # Partial match.
2861
- #
2862
- # * Dictionary: at least one of the tokens in the finding matches
2863
- # * Regex: substring of the finding matches
2864
- # * Exclude info type: intersects with affecting info types findings
2865
- MATCHING_TYPE_PARTIAL_MATCH = 2
2866
-
2867
- # Inverse match.
2868
- #
2869
- # * Dictionary: no tokens in the finding match the dictionary
2870
- # * Regex: finding doesn't match the regex
2871
- # * Exclude info type: no intersection with affecting info types findings
2872
- MATCHING_TYPE_INVERSE_MATCH = 3
2873
- end
2874
-
2875
- # Operators available for comparing the value of fields.
2876
- module RelationalOperator
2877
- # Unused
2878
- RELATIONAL_OPERATOR_UNSPECIFIED = 0
2879
-
2880
- # Equal. Attempts to match even with incompatible types.
2881
- EQUAL_TO = 1
2882
-
2883
- # Not equal to. Attempts to match even with incompatible types.
2884
- NOT_EQUAL_TO = 2
2885
-
2886
- # Greater than.
2887
- GREATER_THAN = 3
2888
-
2889
- # Less than.
2890
- LESS_THAN = 4
2891
-
2892
- # Greater than or equals.
2893
- GREATER_THAN_OR_EQUALS = 5
2894
-
2895
- # Less than or equals.
2896
- LESS_THAN_OR_EQUALS = 6
2897
-
2898
- # Exists
2899
- EXISTS = 7
2900
- end
2901
-
2902
- # State of a StoredInfoType version.
2903
- module StoredInfoTypeState
2904
- # Unused
2905
- STORED_INFO_TYPE_STATE_UNSPECIFIED = 0
2906
-
2907
- # StoredInfoType version is being created.
2908
- PENDING = 1
2909
-
2910
- # StoredInfoType version is ready for use.
2911
- READY = 2
2912
-
2913
- # StoredInfoType creation failed. All relevant error messages are returned in
2914
- # the `StoredInfoTypeVersion` message.
2915
- FAILED = 3
2916
-
2917
- # StoredInfoType is no longer valid because artifacts stored in
2918
- # user-controlled storage were modified. To fix an invalid StoredInfoType,
2919
- # use the `UpdateStoredInfoType` method to create a new version.
2920
- INVALID = 4
2921
- end
2922
- end
2923
- end
2924
- end
2925
- end