google-cloud-dlp 0.15.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +2 -1
- data/AUTHENTICATION.md +51 -59
- data/LICENSE.md +203 -0
- data/MIGRATING.md +303 -0
- data/README.md +35 -26
- data/lib/{google/cloud/dlp/v2/doc/google/protobuf/empty.rb → google-cloud-dlp.rb} +4 -14
- data/lib/google/cloud/dlp.rb +82 -119
- data/lib/google/cloud/dlp/version.rb +6 -2
- metadata +85 -56
- data/LICENSE +0 -201
- data/lib/google/cloud/dlp/v2.rb +0 -155
- data/lib/google/cloud/dlp/v2/credentials.rb +0 -41
- data/lib/google/cloud/dlp/v2/dlp_service_client.rb +0 -2368
- data/lib/google/cloud/dlp/v2/dlp_service_client_config.json +0 -191
- data/lib/google/cloud/dlp/v2/doc/google/privacy/dlp/v2/dlp.rb +0 -3163
- data/lib/google/cloud/dlp/v2/doc/google/privacy/dlp/v2/storage.rb +0 -682
- data/lib/google/cloud/dlp/v2/doc/google/protobuf/any.rb +0 -131
- data/lib/google/cloud/dlp/v2/doc/google/protobuf/duration.rb +0 -91
- data/lib/google/cloud/dlp/v2/doc/google/protobuf/field_mask.rb +0 -222
- data/lib/google/cloud/dlp/v2/doc/google/protobuf/timestamp.rb +0 -113
- data/lib/google/cloud/dlp/v2/doc/google/rpc/status.rb +0 -39
- data/lib/google/cloud/dlp/v2/doc/google/type/date.rb +0 -43
- data/lib/google/cloud/dlp/v2/doc/google/type/timeofday.rb +0 -37
- data/lib/google/privacy/dlp/v2/dlp_pb.rb +0 -1200
- data/lib/google/privacy/dlp/v2/dlp_services_pb.rb +0 -214
- data/lib/google/privacy/dlp/v2/storage_pb.rb +0 -246
@@ -1,682 +0,0 @@
|
|
1
|
-
# Copyright 2020 Google LLC
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
-
# you may not use this file except in compliance with the License.
|
5
|
-
# You may obtain a copy of the License at
|
6
|
-
#
|
7
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
8
|
-
#
|
9
|
-
# Unless required by applicable law or agreed to in writing, software
|
10
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
-
# See the License for the specific language governing permissions and
|
13
|
-
# limitations under the License.
|
14
|
-
|
15
|
-
|
16
|
-
module Google
|
17
|
-
module Privacy
|
18
|
-
module Dlp
|
19
|
-
module V2
|
20
|
-
# Type of information detected by the API.
|
21
|
-
# @!attribute [rw] name
|
22
|
-
# @return [String]
|
23
|
-
# Name of the information type. Either a name of your choosing when
|
24
|
-
# creating a CustomInfoType, or one of the names listed
|
25
|
-
# at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
|
26
|
-
# a built-in type. InfoType names should conform to the pattern
|
27
|
-
# [a-zA-Z0-9_]\\{1,64}.
|
28
|
-
class InfoType; end
|
29
|
-
|
30
|
-
# A reference to a StoredInfoType to use with scanning.
|
31
|
-
# @!attribute [rw] name
|
32
|
-
# @return [String]
|
33
|
-
# Resource name of the requested `StoredInfoType`, for example
|
34
|
-
# `organizations/433245324/storedInfoTypes/432452342` or
|
35
|
-
# `projects/project-id/storedInfoTypes/432452342`.
|
36
|
-
# @!attribute [rw] create_time
|
37
|
-
# @return [Google::Protobuf::Timestamp]
|
38
|
-
# Timestamp indicating when the version of the `StoredInfoType` used for
|
39
|
-
# inspection was created. Output-only field, populated by the system.
|
40
|
-
class StoredType; end
|
41
|
-
|
42
|
-
# Custom information type provided by the user. Used to find domain-specific
|
43
|
-
# sensitive information configurable to the data in question.
|
44
|
-
# @!attribute [rw] info_type
|
45
|
-
# @return [Google::Privacy::Dlp::V2::InfoType]
|
46
|
-
# CustomInfoType can either be a new infoType, or an extension of built-in
|
47
|
-
# infoType, when the name matches one of existing infoTypes and that infoType
|
48
|
-
# is specified in `InspectContent.info_types` field. Specifying the latter
|
49
|
-
# adds findings to the one detected by the system. If built-in info type is
|
50
|
-
# not specified in `InspectContent.info_types` list then the name is treated
|
51
|
-
# as a custom info type.
|
52
|
-
# @!attribute [rw] likelihood
|
53
|
-
# @return [Google::Privacy::Dlp::V2::Likelihood]
|
54
|
-
# Likelihood to return for this CustomInfoType. This base value can be
|
55
|
-
# altered by a detection rule if the finding meets the criteria specified by
|
56
|
-
# the rule. Defaults to `VERY_LIKELY` if not specified.
|
57
|
-
# @!attribute [rw] dictionary
|
58
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::Dictionary]
|
59
|
-
# A list of phrases to detect as a CustomInfoType.
|
60
|
-
# @!attribute [rw] regex
|
61
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::Regex]
|
62
|
-
# Regular expression based CustomInfoType.
|
63
|
-
# @!attribute [rw] surrogate_type
|
64
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::SurrogateType]
|
65
|
-
# Message for detecting output from deidentification transformations that
|
66
|
-
# support reversing.
|
67
|
-
# @!attribute [rw] stored_type
|
68
|
-
# @return [Google::Privacy::Dlp::V2::StoredType]
|
69
|
-
# Load an existing `StoredInfoType` resource for use in
|
70
|
-
# `InspectDataSource`. Not currently supported in `InspectContent`.
|
71
|
-
# @!attribute [rw] detection_rules
|
72
|
-
# @return [Array<Google::Privacy::Dlp::V2::CustomInfoType::DetectionRule>]
|
73
|
-
# Set of detection rules to apply to all findings of this CustomInfoType.
|
74
|
-
# Rules are applied in order that they are specified. Not supported for the
|
75
|
-
# `surrogate_type` CustomInfoType.
|
76
|
-
# @!attribute [rw] exclusion_type
|
77
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::ExclusionType]
|
78
|
-
# If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
|
79
|
-
# to be returned. It still can be used for rules matching.
|
80
|
-
class CustomInfoType
|
81
|
-
# Custom information type based on a dictionary of words or phrases. This can
|
82
|
-
# be used to match sensitive information specific to the data, such as a list
|
83
|
-
# of employee IDs or job titles.
|
84
|
-
#
|
85
|
-
# Dictionary words are case-insensitive and all characters other than letters
|
86
|
-
# and digits in the unicode [Basic Multilingual
|
87
|
-
# Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
|
88
|
-
# will be replaced with whitespace when scanning for matches, so the
|
89
|
-
# dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
|
90
|
-
# "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
|
91
|
-
# surrounding any match must be of a different type than the adjacent
|
92
|
-
# characters within the word, so letters must be next to non-letters and
|
93
|
-
# digits next to non-digits. For example, the dictionary word "jen" will
|
94
|
-
# match the first three letters of the text "jen123" but will return no
|
95
|
-
# matches for "jennifer".
|
96
|
-
#
|
97
|
-
# Dictionary words containing a large number of characters that are not
|
98
|
-
# letters or digits may result in unexpected findings because such characters
|
99
|
-
# are treated as whitespace. The
|
100
|
-
# [limits](https://cloud.google.com/dlp/limits) page contains details about
|
101
|
-
# the size limits of dictionaries. For dictionaries that do not fit within
|
102
|
-
# these constraints, consider using `LargeCustomDictionaryConfig` in the
|
103
|
-
# `StoredInfoType` API.
|
104
|
-
# @!attribute [rw] word_list
|
105
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::Dictionary::WordList]
|
106
|
-
# List of words or phrases to search for.
|
107
|
-
# @!attribute [rw] cloud_storage_path
|
108
|
-
# @return [Google::Privacy::Dlp::V2::CloudStoragePath]
|
109
|
-
# Newline-delimited file of words in Cloud Storage. Only a single file
|
110
|
-
# is accepted.
|
111
|
-
class Dictionary
|
112
|
-
# Message defining a list of words or phrases to search for in the data.
|
113
|
-
# @!attribute [rw] words
|
114
|
-
# @return [Array<String>]
|
115
|
-
# Words or phrases defining the dictionary. The dictionary must contain
|
116
|
-
# at least one phrase and every phrase must contain at least 2 characters
|
117
|
-
# that are letters or digits. [required]
|
118
|
-
class WordList; end
|
119
|
-
end
|
120
|
-
|
121
|
-
# Message defining a custom regular expression.
|
122
|
-
# @!attribute [rw] pattern
|
123
|
-
# @return [String]
|
124
|
-
# Pattern defining the regular expression. Its syntax
|
125
|
-
# (https://github.com/google/re2/wiki/Syntax) can be found under the
|
126
|
-
# google/re2 repository on GitHub.
|
127
|
-
# @!attribute [rw] group_indexes
|
128
|
-
# @return [Array<Integer>]
|
129
|
-
# The index of the submatch to extract as findings. When not
|
130
|
-
# specified, the entire match is returned. No more than 3 may be included.
|
131
|
-
class Regex; end
|
132
|
-
|
133
|
-
# Message for detecting output from deidentification transformations
|
134
|
-
# such as
|
135
|
-
# [`CryptoReplaceFfxFpeConfig`](https://cloud.google.com/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
|
136
|
-
# These types of transformations are
|
137
|
-
# those that perform pseudonymization, thereby producing a "surrogate" as
|
138
|
-
# output. This should be used in conjunction with a field on the
|
139
|
-
# transformation such as `surrogate_info_type`. This CustomInfoType does
|
140
|
-
# not support the use of `detection_rules`.
|
141
|
-
class SurrogateType; end
|
142
|
-
|
143
|
-
# Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
|
144
|
-
# `CustomInfoType` to alter behavior under certain circumstances, depending
|
145
|
-
# on the specific details of the rule. Not supported for the `surrogate_type`
|
146
|
-
# custom infoType.
|
147
|
-
# @!attribute [rw] hotword_rule
|
148
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::DetectionRule::HotwordRule]
|
149
|
-
# Hotword-based detection rule.
|
150
|
-
class DetectionRule
|
151
|
-
# Message for specifying a window around a finding to apply a detection
|
152
|
-
# rule.
|
153
|
-
# @!attribute [rw] window_before
|
154
|
-
# @return [Integer]
|
155
|
-
# Number of characters before the finding to consider.
|
156
|
-
# @!attribute [rw] window_after
|
157
|
-
# @return [Integer]
|
158
|
-
# Number of characters after the finding to consider.
|
159
|
-
class Proximity; end
|
160
|
-
|
161
|
-
# Message for specifying an adjustment to the likelihood of a finding as
|
162
|
-
# part of a detection rule.
|
163
|
-
# @!attribute [rw] fixed_likelihood
|
164
|
-
# @return [Google::Privacy::Dlp::V2::Likelihood]
|
165
|
-
# Set the likelihood of a finding to a fixed value.
|
166
|
-
# @!attribute [rw] relative_likelihood
|
167
|
-
# @return [Integer]
|
168
|
-
# Increase or decrease the likelihood by the specified number of
|
169
|
-
# levels. For example, if a finding would be `POSSIBLE` without the
|
170
|
-
# detection rule and `relative_likelihood` is 1, then it is upgraded to
|
171
|
-
# `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
|
172
|
-
# Likelihood may never drop below `VERY_UNLIKELY` or exceed
|
173
|
-
# `VERY_LIKELY`, so applying an adjustment of 1 followed by an
|
174
|
-
# adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
|
175
|
-
# a final likelihood of `LIKELY`.
|
176
|
-
class LikelihoodAdjustment; end
|
177
|
-
|
178
|
-
# The rule that adjusts the likelihood of findings within a certain
|
179
|
-
# proximity of hotwords.
|
180
|
-
# @!attribute [rw] hotword_regex
|
181
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::Regex]
|
182
|
-
# Regular expression pattern defining what qualifies as a hotword.
|
183
|
-
# @!attribute [rw] proximity
|
184
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::DetectionRule::Proximity]
|
185
|
-
# Proximity of the finding within which the entire hotword must reside.
|
186
|
-
# The total length of the window cannot exceed 1000 characters. Note that
|
187
|
-
# the finding itself will be included in the window, so that hotwords may
|
188
|
-
# be used to match substrings of the finding itself. For example, the
|
189
|
-
# certainty of a phone number regex "\(\d\\{3}\) \d\\{3}-\d\\{4}" could be
|
190
|
-
# adjusted upwards if the area code is known to be the local area code of
|
191
|
-
# a company office using the hotword regex "\(xxx\)", where "xxx"
|
192
|
-
# is the area code in question.
|
193
|
-
# @!attribute [rw] likelihood_adjustment
|
194
|
-
# @return [Google::Privacy::Dlp::V2::CustomInfoType::DetectionRule::LikelihoodAdjustment]
|
195
|
-
# Likelihood adjustment to apply to all matching findings.
|
196
|
-
class HotwordRule; end
|
197
|
-
end
|
198
|
-
|
199
|
-
module ExclusionType
|
200
|
-
# A finding of this custom info type will not be excluded from results.
|
201
|
-
EXCLUSION_TYPE_UNSPECIFIED = 0
|
202
|
-
|
203
|
-
# A finding of this custom info type will be excluded from final results,
|
204
|
-
# but can still affect rule execution.
|
205
|
-
EXCLUSION_TYPE_EXCLUDE = 1
|
206
|
-
end
|
207
|
-
end
|
208
|
-
|
209
|
-
# General identifier of a data field in a storage service.
|
210
|
-
# @!attribute [rw] name
|
211
|
-
# @return [String]
|
212
|
-
# Name describing the field.
|
213
|
-
class FieldId; end
|
214
|
-
|
215
|
-
# Datastore partition ID.
|
216
|
-
# A partition ID identifies a grouping of entities. The grouping is always
|
217
|
-
# by project and namespace, however the namespace ID may be empty.
|
218
|
-
#
|
219
|
-
# A partition ID contains several dimensions:
|
220
|
-
# project ID and namespace ID.
|
221
|
-
# @!attribute [rw] project_id
|
222
|
-
# @return [String]
|
223
|
-
# The ID of the project to which the entities belong.
|
224
|
-
# @!attribute [rw] namespace_id
|
225
|
-
# @return [String]
|
226
|
-
# If not empty, the ID of the namespace to which the entities belong.
|
227
|
-
class PartitionId; end
|
228
|
-
|
229
|
-
# A representation of a Datastore kind.
|
230
|
-
# @!attribute [rw] name
|
231
|
-
# @return [String]
|
232
|
-
# The name of the kind.
|
233
|
-
class KindExpression; end
|
234
|
-
|
235
|
-
# Options defining a data set within Google Cloud Datastore.
|
236
|
-
# @!attribute [rw] partition_id
|
237
|
-
# @return [Google::Privacy::Dlp::V2::PartitionId]
|
238
|
-
# A partition ID identifies a grouping of entities. The grouping is always
|
239
|
-
# by project and namespace, however the namespace ID may be empty.
|
240
|
-
# @!attribute [rw] kind
|
241
|
-
# @return [Google::Privacy::Dlp::V2::KindExpression]
|
242
|
-
# The kind to process.
|
243
|
-
class DatastoreOptions; end
|
244
|
-
|
245
|
-
# Message representing a set of files in a Cloud Storage bucket. Regular
|
246
|
-
# expressions are used to allow fine-grained control over which files in the
|
247
|
-
# bucket to include.
|
248
|
-
#
|
249
|
-
# Included files are those that match at least one item in `include_regex` and
|
250
|
-
# do not match any items in `exclude_regex`. Note that a file that matches
|
251
|
-
# items from both lists will _not_ be included. For a match to occur, the
|
252
|
-
# entire file path (i.e., everything in the url after the bucket name) must
|
253
|
-
# match the regular expression.
|
254
|
-
#
|
255
|
-
# For example, given the input `{bucket_name: "mybucket", include_regex:
|
256
|
-
# ["directory1/.*"], exclude_regex:
|
257
|
-
# ["directory1/excluded.*"]}`:
|
258
|
-
#
|
259
|
-
# * `gs://mybucket/directory1/myfile` will be included
|
260
|
-
# * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
|
261
|
-
# across `/`)
|
262
|
-
# * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
|
263
|
-
# full path doesn't match any items in `include_regex`)
|
264
|
-
# * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
|
265
|
-
# matches an item in `exclude_regex`)
|
266
|
-
#
|
267
|
-
# If `include_regex` is left empty, it will match all files by default
|
268
|
-
# (this is equivalent to setting `include_regex: [".*"]`).
|
269
|
-
#
|
270
|
-
# Some other common use cases:
|
271
|
-
#
|
272
|
-
# * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
|
273
|
-
# files in `mybucket` except for .pdf files
|
274
|
-
# * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
|
275
|
-
# include all files directly under `gs://mybucket/directory/`, without matching
|
276
|
-
# across `/`
|
277
|
-
# @!attribute [rw] bucket_name
|
278
|
-
# @return [String]
|
279
|
-
# The name of a Cloud Storage bucket. Required.
|
280
|
-
# @!attribute [rw] include_regex
|
281
|
-
# @return [Array<String>]
|
282
|
-
# A list of regular expressions matching file paths to include. All files in
|
283
|
-
# the bucket that match at least one of these regular expressions will be
|
284
|
-
# included in the set of files, except for those that also match an item in
|
285
|
-
# `exclude_regex`. Leaving this field empty will match all files by default
|
286
|
-
# (this is equivalent to including `.*` in the list).
|
287
|
-
#
|
288
|
-
# Regular expressions use RE2
|
289
|
-
# [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
|
290
|
-
# under the google/re2 repository on GitHub.
|
291
|
-
# @!attribute [rw] exclude_regex
|
292
|
-
# @return [Array<String>]
|
293
|
-
# A list of regular expressions matching file paths to exclude. All files in
|
294
|
-
# the bucket that match at least one of these regular expressions will be
|
295
|
-
# excluded from the scan.
|
296
|
-
#
|
297
|
-
# Regular expressions use RE2
|
298
|
-
# [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
|
299
|
-
# under the google/re2 repository on GitHub.
|
300
|
-
class CloudStorageRegexFileSet; end
|
301
|
-
|
302
|
-
# Options defining a file or a set of files within a Google Cloud Storage
|
303
|
-
# bucket.
|
304
|
-
# @!attribute [rw] file_set
|
305
|
-
# @return [Google::Privacy::Dlp::V2::CloudStorageOptions::FileSet]
|
306
|
-
# The set of one or more files to scan.
|
307
|
-
# @!attribute [rw] bytes_limit_per_file
|
308
|
-
# @return [Integer]
|
309
|
-
# Max number of bytes to scan from a file. If a scanned file's size is bigger
|
310
|
-
# than this value then the rest of the bytes are omitted. Only one
|
311
|
-
# of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
|
312
|
-
# @!attribute [rw] bytes_limit_per_file_percent
|
313
|
-
# @return [Integer]
|
314
|
-
# Max percentage of bytes to scan from a file. The rest are omitted. The
|
315
|
-
# number of bytes scanned is rounded down. Must be between 0 and 100,
|
316
|
-
# inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
|
317
|
-
# of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
|
318
|
-
# @!attribute [rw] file_types
|
319
|
-
# @return [Array<Google::Privacy::Dlp::V2::FileType>]
|
320
|
-
# List of file type groups to include in the scan.
|
321
|
-
# If empty, all files are scanned and available data format processors
|
322
|
-
# are applied. In addition, the binary content of the selected files
|
323
|
-
# is always scanned as well.
|
324
|
-
# @!attribute [rw] sample_method
|
325
|
-
# @return [Google::Privacy::Dlp::V2::CloudStorageOptions::SampleMethod]
|
326
|
-
# @!attribute [rw] files_limit_percent
|
327
|
-
# @return [Integer]
|
328
|
-
# Limits the number of files to scan to this percentage of the input FileSet.
|
329
|
-
# Number of files scanned is rounded down. Must be between 0 and 100,
|
330
|
-
# inclusively. Both 0 and 100 means no limit. Defaults to 0.
|
331
|
-
class CloudStorageOptions
|
332
|
-
# Set of files to scan.
|
333
|
-
# @!attribute [rw] url
|
334
|
-
# @return [String]
|
335
|
-
# The Cloud Storage url of the file(s) to scan, in the format
|
336
|
-
# `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
|
337
|
-
#
|
338
|
-
# If the url ends in a trailing slash, the bucket or directory represented
|
339
|
-
# by the url will be scanned non-recursively (content in sub-directories
|
340
|
-
# will not be scanned). This means that `gs://mybucket/` is equivalent to
|
341
|
-
# `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
|
342
|
-
# `gs://mybucket/directory/*`.
|
343
|
-
#
|
344
|
-
# Exactly one of `url` or `regex_file_set` must be set.
|
345
|
-
# @!attribute [rw] regex_file_set
|
346
|
-
# @return [Google::Privacy::Dlp::V2::CloudStorageRegexFileSet]
|
347
|
-
# The regex-filtered set of files to scan. Exactly one of `url` or
|
348
|
-
# `regex_file_set` must be set.
|
349
|
-
class FileSet; end
|
350
|
-
|
351
|
-
# How to sample bytes if not all bytes are scanned. Meaningful only when used
|
352
|
-
# in conjunction with bytes_limit_per_file. If not specified, scanning would
|
353
|
-
# start from the top.
|
354
|
-
module SampleMethod
|
355
|
-
SAMPLE_METHOD_UNSPECIFIED = 0
|
356
|
-
|
357
|
-
# Scan from the top (default).
|
358
|
-
TOP = 1
|
359
|
-
|
360
|
-
# For each file larger than bytes_limit_per_file, randomly pick the offset
|
361
|
-
# to start scanning. The scanned bytes are contiguous.
|
362
|
-
RANDOM_START = 2
|
363
|
-
end
|
364
|
-
end
|
365
|
-
|
366
|
-
# Message representing a set of files in Cloud Storage.
|
367
|
-
# @!attribute [rw] url
|
368
|
-
# @return [String]
|
369
|
-
# The url, in the format `gs://<bucket>/<path>`. Trailing wildcard in the
|
370
|
-
# path is allowed.
|
371
|
-
class CloudStorageFileSet; end
|
372
|
-
|
373
|
-
# Message representing a single file or path in Cloud Storage.
|
374
|
-
# @!attribute [rw] path
|
375
|
-
# @return [String]
|
376
|
-
# A url representing a file or path (no wildcards) in Cloud Storage.
|
377
|
-
# Example: gs://[BUCKET_NAME]/dictionary.txt
|
378
|
-
class CloudStoragePath; end
|
379
|
-
|
380
|
-
# Options defining BigQuery table and row identifiers.
|
381
|
-
# @!attribute [rw] table_reference
|
382
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryTable]
|
383
|
-
# Complete BigQuery table reference.
|
384
|
-
# @!attribute [rw] identifying_fields
|
385
|
-
# @return [Array<Google::Privacy::Dlp::V2::FieldId>]
|
386
|
-
# Table fields that may uniquely identify a row within the table. When
|
387
|
-
# `actions.saveFindings.outputConfig.table` is specified, the values of
|
388
|
-
# columns specified here are available in the output table under
|
389
|
-
# `location.content_locations.record_location.record_key.id_values`. Nested
|
390
|
-
# fields such as `person.birthdate.year` are allowed.
|
391
|
-
# @!attribute [rw] rows_limit
|
392
|
-
# @return [Integer]
|
393
|
-
# Max number of rows to scan. If the table has more rows than this value, the
|
394
|
-
# rest of the rows are omitted. If not set, or if set to 0, all rows will be
|
395
|
-
# scanned. Only one of rows_limit and rows_limit_percent can be specified.
|
396
|
-
# Cannot be used in conjunction with TimespanConfig.
|
397
|
-
# @!attribute [rw] rows_limit_percent
|
398
|
-
# @return [Integer]
|
399
|
-
# Max percentage of rows to scan. The rest are omitted. The number of rows
|
400
|
-
# scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
|
401
|
-
# 100 means no limit. Defaults to 0. Only one of rows_limit and
|
402
|
-
# rows_limit_percent can be specified. Cannot be used in conjunction with
|
403
|
-
# TimespanConfig.
|
404
|
-
# @!attribute [rw] sample_method
|
405
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryOptions::SampleMethod]
|
406
|
-
# @!attribute [rw] excluded_fields
|
407
|
-
# @return [Array<Google::Privacy::Dlp::V2::FieldId>]
|
408
|
-
# References to fields excluded from scanning. This allows you to skip
|
409
|
-
# inspection of entire columns which you know have no findings.
|
410
|
-
class BigQueryOptions
|
411
|
-
# How to sample rows if not all rows are scanned. Meaningful only when used
|
412
|
-
# in conjunction with either rows_limit or rows_limit_percent. If not
|
413
|
-
# specified, scanning would start from the top.
|
414
|
-
module SampleMethod
|
415
|
-
SAMPLE_METHOD_UNSPECIFIED = 0
|
416
|
-
|
417
|
-
# Scan from the top (default).
|
418
|
-
TOP = 1
|
419
|
-
|
420
|
-
# Randomly pick the row to start scanning. The scanned rows are contiguous.
|
421
|
-
RANDOM_START = 2
|
422
|
-
end
|
423
|
-
end
|
424
|
-
|
425
|
-
# Shared message indicating Cloud storage type.
|
426
|
-
# @!attribute [rw] datastore_options
|
427
|
-
# @return [Google::Privacy::Dlp::V2::DatastoreOptions]
|
428
|
-
# Google Cloud Datastore options.
|
429
|
-
# @!attribute [rw] cloud_storage_options
|
430
|
-
# @return [Google::Privacy::Dlp::V2::CloudStorageOptions]
|
431
|
-
# Google Cloud Storage options.
|
432
|
-
# @!attribute [rw] big_query_options
|
433
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryOptions]
|
434
|
-
# BigQuery options.
|
435
|
-
# @!attribute [rw] hybrid_options
|
436
|
-
# @return [Google::Privacy::Dlp::V2::HybridOptions]
|
437
|
-
# Hybrid inspection options.
|
438
|
-
# Early access feature is in a pre-release state and might change or have
|
439
|
-
# limited support. For more information, see
|
440
|
-
# https://cloud.google.com/products#product-launch-stages.
|
441
|
-
# @!attribute [rw] timespan_config
|
442
|
-
# @return [Google::Privacy::Dlp::V2::StorageConfig::TimespanConfig]
|
443
|
-
class StorageConfig
|
444
|
-
# Configuration of the timespan of the items to include in scanning.
|
445
|
-
# Currently only supported when inspecting Google Cloud Storage and BigQuery.
|
446
|
-
# @!attribute [rw] start_time
|
447
|
-
# @return [Google::Protobuf::Timestamp]
|
448
|
-
# Exclude files or rows older than this value.
|
449
|
-
# @!attribute [rw] end_time
|
450
|
-
# @return [Google::Protobuf::Timestamp]
|
451
|
-
# Exclude files or rows newer than this value.
|
452
|
-
# If set to zero, no upper time limit is applied.
|
453
|
-
# @!attribute [rw] timestamp_field
|
454
|
-
# @return [Google::Privacy::Dlp::V2::FieldId]
|
455
|
-
# Specification of the field containing the timestamp of scanned items.
|
456
|
-
# Used for data sources like Datastore and BigQuery.
|
457
|
-
#
|
458
|
-
# For BigQuery:
|
459
|
-
# Required to filter out rows based on the given start and
|
460
|
-
# end times. If not specified and the table was modified between the given
|
461
|
-
# start and end times, the entire table will be scanned.
|
462
|
-
# The valid data types of the timestamp field are: `INTEGER`, `DATE`,
|
463
|
-
# `TIMESTAMP`, or `DATETIME` BigQuery column.
|
464
|
-
#
|
465
|
-
# For Datastore.
|
466
|
-
# Valid data types of the timestamp field are: `TIMESTAMP`.
|
467
|
-
# Datastore entity will be scanned if the timestamp property does not
|
468
|
-
# exist or its value is empty or invalid.
|
469
|
-
# @!attribute [rw] enable_auto_population_of_timespan_config
|
470
|
-
# @return [true, false]
|
471
|
-
# When the job is started by a JobTrigger we will automatically figure out
|
472
|
-
# a valid start_time to avoid scanning files that have not been modified
|
473
|
-
# since the last time the JobTrigger executed. This will be based on the
|
474
|
-
# time of the execution of the last run of the JobTrigger.
|
475
|
-
class TimespanConfig; end
|
476
|
-
end
|
477
|
-
|
478
|
-
# Configuration to control jobs where the content being inspected is outside
|
479
|
-
# of Google Cloud Platform.
|
480
|
-
# @!attribute [rw] description
|
481
|
-
# @return [String]
|
482
|
-
# A short description of where the data is coming from. Will be stored once
|
483
|
-
# in the job. 256 max length.
|
484
|
-
# @!attribute [rw] required_finding_label_keys
|
485
|
-
# @return [Array<String>]
|
486
|
-
# These are labels that each inspection request must include within their
|
487
|
-
# 'finding_labels' map. Request may contain others, but any missing one of
|
488
|
-
# these will be rejected.
|
489
|
-
#
|
490
|
-
# Label keys must be between 1 and 63 characters long and must conform
|
491
|
-
# to the following regular expression: \[a-z\](https://cloud.google.com\[-a-z0-9\]*\[a-z0-9\])?.
|
492
|
-
#
|
493
|
-
# No more than 10 keys can be required.
|
494
|
-
# @!attribute [rw] labels
|
495
|
-
# @return [Hash{String => String}]
|
496
|
-
# To organize findings, these labels will be added to each finding.
|
497
|
-
#
|
498
|
-
# Label keys must be between 1 and 63 characters long and must conform
|
499
|
-
# to the following regular expression: \[a-z\](https://cloud.google.com\[-a-z0-9\]*\[a-z0-9\])?.
|
500
|
-
#
|
501
|
-
# Label values must be between 0 and 63 characters long and must conform
|
502
|
-
# to the regular expression (\[a-z\](https://cloud.google.com\[-a-z0-9\]*\[a-z0-9\])?)?.
|
503
|
-
#
|
504
|
-
# No more than 10 labels can be associated with a given finding.
|
505
|
-
#
|
506
|
-
# Example: <code>"environment" : "production"</code>
|
507
|
-
# Example: <code>"pipeline" : "etl"</code>
|
508
|
-
# @!attribute [rw] table_options
|
509
|
-
# @return [Google::Privacy::Dlp::V2::TableOptions]
|
510
|
-
# If the container is a table, additional information to make findings
|
511
|
-
# meaningful such as the columns that are primary keys.
|
512
|
-
class HybridOptions; end
|
513
|
-
|
514
|
-
# Row key for identifying a record in BigQuery table.
|
515
|
-
# @!attribute [rw] table_reference
|
516
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryTable]
|
517
|
-
# Complete BigQuery table reference.
|
518
|
-
# @!attribute [rw] row_number
|
519
|
-
# @return [Integer]
|
520
|
-
# Row number inferred at the time the table was scanned. This value is
|
521
|
-
# nondeterministic, cannot be queried, and may be null for inspection
|
522
|
-
# jobs. To locate findings within a table, specify
|
523
|
-
# `inspect_job.storage_config.big_query_options.identifying_fields` in
|
524
|
-
# `CreateDlpJobRequest`.
|
525
|
-
class BigQueryKey; end
|
526
|
-
|
527
|
-
# Record key for a finding in Cloud Datastore.
|
528
|
-
# @!attribute [rw] entity_key
|
529
|
-
# @return [Google::Privacy::Dlp::V2::Key]
|
530
|
-
# Datastore entity key.
|
531
|
-
class DatastoreKey; end
|
532
|
-
|
533
|
-
# A unique identifier for a Datastore entity.
|
534
|
-
# If a key's partition ID or any of its path kinds or names are
|
535
|
-
# reserved/read-only, the key is reserved/read-only.
|
536
|
-
# A reserved/read-only key is forbidden in certain documented contexts.
|
537
|
-
# @!attribute [rw] partition_id
|
538
|
-
# @return [Google::Privacy::Dlp::V2::PartitionId]
|
539
|
-
# Entities are partitioned into subsets, currently identified by a project
|
540
|
-
# ID and namespace ID.
|
541
|
-
# Queries are scoped to a single partition.
|
542
|
-
# @!attribute [rw] path
|
543
|
-
# @return [Array<Google::Privacy::Dlp::V2::Key::PathElement>]
|
544
|
-
# The entity path.
|
545
|
-
# An entity path consists of one or more elements composed of a kind and a
|
546
|
-
# string or numerical identifier, which identify entities. The first
|
547
|
-
# element identifies a _root entity_, the second element identifies
|
548
|
-
# a _child_ of the root entity, the third element identifies a child of the
|
549
|
-
# second entity, and so forth. The entities identified by all prefixes of
|
550
|
-
# the path are called the element's _ancestors_.
|
551
|
-
#
|
552
|
-
# A path can never be empty, and a path can have at most 100 elements.
|
553
|
-
class Key
|
554
|
-
# A (kind, ID/name) pair used to construct a key path.
|
555
|
-
#
|
556
|
-
# If either name or ID is set, the element is complete.
|
557
|
-
# If neither is set, the element is incomplete.
|
558
|
-
# @!attribute [rw] kind
|
559
|
-
# @return [String]
|
560
|
-
# The kind of the entity.
|
561
|
-
# A kind matching regex `__.*__` is reserved/read-only.
|
562
|
-
# A kind must not contain more than 1500 bytes when UTF-8 encoded.
|
563
|
-
# Cannot be `""`.
|
564
|
-
# @!attribute [rw] id
|
565
|
-
# @return [Integer]
|
566
|
-
# The auto-allocated ID of the entity.
|
567
|
-
# Never equal to zero. Values less than zero are discouraged and may not
|
568
|
-
# be supported in the future.
|
569
|
-
# @!attribute [rw] name
|
570
|
-
# @return [String]
|
571
|
-
# The name of the entity.
|
572
|
-
# A name matching regex `__.*__` is reserved/read-only.
|
573
|
-
# A name must not be more than 1500 bytes when UTF-8 encoded.
|
574
|
-
# Cannot be `""`.
|
575
|
-
class PathElement; end
|
576
|
-
end
|
577
|
-
|
578
|
-
# Message for a unique key indicating a record that contains a finding.
|
579
|
-
# @!attribute [rw] datastore_key
|
580
|
-
# @return [Google::Privacy::Dlp::V2::DatastoreKey]
|
581
|
-
# @!attribute [rw] big_query_key
|
582
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryKey]
|
583
|
-
# @!attribute [rw] id_values
|
584
|
-
# @return [Array<String>]
|
585
|
-
# Values of identifying columns in the given row. Order of values matches
|
586
|
-
# the order of `identifying_fields` specified in the scanning request.
|
587
|
-
class RecordKey; end
|
588
|
-
|
589
|
-
# Message defining the location of a BigQuery table. A table is uniquely
|
590
|
-
# identified by its project_id, dataset_id, and table_name. Within a query
|
591
|
-
# a table is often referenced with a string in the format of:
|
592
|
-
# `<project_id>:<dataset_id>.<table_id>` or
|
593
|
-
# `<project_id>.<dataset_id>.<table_id>`.
|
594
|
-
# @!attribute [rw] project_id
|
595
|
-
# @return [String]
|
596
|
-
# The Google Cloud Platform project ID of the project containing the table.
|
597
|
-
# If omitted, project ID is inferred from the API call.
|
598
|
-
# @!attribute [rw] dataset_id
|
599
|
-
# @return [String]
|
600
|
-
# Dataset ID of the table.
|
601
|
-
# @!attribute [rw] table_id
|
602
|
-
# @return [String]
|
603
|
-
# Name of the table.
|
604
|
-
class BigQueryTable; end
|
605
|
-
|
606
|
-
# Message defining a field of a BigQuery table.
|
607
|
-
# @!attribute [rw] table
|
608
|
-
# @return [Google::Privacy::Dlp::V2::BigQueryTable]
|
609
|
-
# Source table of the field.
|
610
|
-
# @!attribute [rw] field
|
611
|
-
# @return [Google::Privacy::Dlp::V2::FieldId]
|
612
|
-
# Designated field in the BigQuery table.
|
613
|
-
class BigQueryField; end
|
614
|
-
|
615
|
-
# An entity in a dataset is a field or set of fields that correspond to a
|
616
|
-
# single person. For example, in medical records the `EntityId` might be a
|
617
|
-
# patient identifier, or for financial records it might be an account
|
618
|
-
# identifier. This message is used when generalizations or analysis must take
|
619
|
-
# into account that multiple rows correspond to the same entity.
|
620
|
-
# @!attribute [rw] field
|
621
|
-
# @return [Google::Privacy::Dlp::V2::FieldId]
|
622
|
-
# Composite key indicating which field contains the entity identifier.
|
623
|
-
class EntityId; end
|
624
|
-
|
625
|
-
# Instructions regarding the table content being inspected.
|
626
|
-
# @!attribute [rw] identifying_fields
|
627
|
-
# @return [Array<Google::Privacy::Dlp::V2::FieldId>]
|
628
|
-
# The columns that are the primary keys for table objects included in
|
629
|
-
# ContentItem. A copy of this cell's value will stored alongside alongside
|
630
|
-
# each finding so that the finding can be traced to the specific row it came
|
631
|
-
# from. No more than 3 may be provided.
|
632
|
-
class TableOptions; end
|
633
|
-
|
634
|
-
# Definitions of file type groups to scan.
|
635
|
-
module FileType
|
636
|
-
# Includes all files.
|
637
|
-
FILE_TYPE_UNSPECIFIED = 0
|
638
|
-
|
639
|
-
# Includes all file extensions not covered by text file types.
|
640
|
-
BINARY_FILE = 1
|
641
|
-
|
642
|
-
# Included file extensions:
|
643
|
-
# asc, brf, c, cc, cpp, csv, cxx, c++, cs, css, dart, eml, go, h, hh, hpp,
|
644
|
-
# hxx, h++, hs, html, htm, shtml, shtm, xhtml, lhs, ini, java, js, json,
|
645
|
-
# ocaml, md, mkd, markdown, m, ml, mli, pl, pm, php, phtml, pht, py, pyw,
|
646
|
-
# rb, rbw, rs, rc, scala, sh, sql, tex, txt, text, tsv, vcard, vcs, wml,
|
647
|
-
# xml, xsl, xsd, yml, yaml.
|
648
|
-
TEXT_FILE = 2
|
649
|
-
|
650
|
-
# Included file extensions:
|
651
|
-
# bmp, gif, jpg, jpeg, jpe, png.
|
652
|
-
# bytes_limit_per_file has no effect on image files.
|
653
|
-
IMAGE = 3
|
654
|
-
|
655
|
-
# Included file extensions:
|
656
|
-
# avro
|
657
|
-
AVRO = 7
|
658
|
-
end
|
659
|
-
|
660
|
-
# Categorization of results based on how likely they are to represent a match,
|
661
|
-
# based on the number of elements they contain which imply a match.
|
662
|
-
module Likelihood
|
663
|
-
# Default value; same as POSSIBLE.
|
664
|
-
LIKELIHOOD_UNSPECIFIED = 0
|
665
|
-
|
666
|
-
# Few matching elements.
|
667
|
-
VERY_UNLIKELY = 1
|
668
|
-
|
669
|
-
UNLIKELY = 2
|
670
|
-
|
671
|
-
# Some matching elements.
|
672
|
-
POSSIBLE = 3
|
673
|
-
|
674
|
-
LIKELY = 4
|
675
|
-
|
676
|
-
# Many matching elements.
|
677
|
-
VERY_LIKELY = 5
|
678
|
-
end
|
679
|
-
end
|
680
|
-
end
|
681
|
-
end
|
682
|
-
end
|