suguo
/
googleapis
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Release new file type enums and new MetadataLocation proto. 

PiperOrigin-RevId: 310622219
This commit is contained in:
Google APIs 2020-05-08 13:49:57 -07:00 committed by Copybara-Service
parent 482e5206e0
commit 1019b0d9db
2 changed files with 256 additions and 186 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

426
google/privacy/dlp/v2/dlp.proto
View File

@ -53,8 +53,7 @@ option (google.api.resource_definition) = {
// https://cloud.google.com/dlp/docs/.
service DlpService {
option (google.api.default_host) = "dlp.googleapis.com";
option (google.api.oauth_scopes) =
"https://www.googleapis.com/auth/cloud-platform";
option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
// Finds potentially sensitive info in content.
// This method has limits on input size, processing time, and output size.
@ -103,8 +102,7 @@ service DlpService {
// When no InfoTypes or CustomInfoTypes are specified in this request, the
// system will automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
rpc DeidentifyContent(DeidentifyContentRequest)
returns (DeidentifyContentResponse) {
rpc DeidentifyContent(DeidentifyContentRequest) returns (DeidentifyContentResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/content:deidentify"
body: "*"
@ -119,8 +117,7 @@ service DlpService {
// See
// https://cloud.google.com/dlp/docs/pseudonymization#re-identification_in_free_text_code_example
// to learn more.
rpc ReidentifyContent(ReidentifyContentRequest)
returns (ReidentifyContentResponse) {
rpc ReidentifyContent(ReidentifyContentRequest) returns (ReidentifyContentResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/content:reidentify"
body: "*"
@ -137,7 +134,9 @@ service DlpService {
rpc ListInfoTypes(ListInfoTypesRequest) returns (ListInfoTypesResponse) {
option (google.api.http) = {
get: "/v2/infoTypes"
additional_bindings { get: "/v2/locations/{location_id}/infoTypes" }
additional_bindings {
get: "/v2/locations/{location_id}/infoTypes"
}
};
option (google.api.method_signature) = "location_id";
}
@ -145,8 +144,7 @@ service DlpService {
// Creates an InspectTemplate for re-using frequently used configuration
// for inspecting content, images, and storage.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc CreateInspectTemplate(CreateInspectTemplateRequest)
returns (InspectTemplate) {
rpc CreateInspectTemplate(CreateInspectTemplateRequest) returns (InspectTemplate) {
option (google.api.http) = {
post: "/v2/{parent=organizations/*}/inspectTemplates"
body: "*"
@ -164,14 +162,12 @@ service DlpService {
}
};
option (google.api.method_signature) = "parent,inspect_template";
option (google.api.method_signature) =
"parent,inspect_template,location_id";
option (google.api.method_signature) = "parent,inspect_template,location_id";
}
// Updates the InspectTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc UpdateInspectTemplate(UpdateInspectTemplateRequest)
returns (InspectTemplate) {
rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) returns (InspectTemplate) {
option (google.api.http) = {
patch: "/v2/{name=organizations/*/inspectTemplates/*}"
body: "*"
@ -199,7 +195,9 @@ service DlpService {
additional_bindings {
get: "/v2/{name=organizations/*/locations/*/inspectTemplates/*}"
}
additional_bindings { get: "/v2/{name=projects/*/inspectTemplates/*}" }
additional_bindings {
get: "/v2/{name=projects/*/inspectTemplates/*}"
}
additional_bindings {
get: "/v2/{name=projects/*/locations/*/inspectTemplates/*}"
}
@ -209,14 +207,15 @@ service DlpService {
// Lists InspectTemplates.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc ListInspectTemplates(ListInspectTemplatesRequest)
returns (ListInspectTemplatesResponse) {
rpc ListInspectTemplates(ListInspectTemplatesRequest) returns (ListInspectTemplatesResponse) {
option (google.api.http) = {
get: "/v2/{parent=organizations/*}/inspectTemplates"
additional_bindings {
get: "/v2/{parent=organizations/*}/locations/{location_id}/inspectTemplates"
}
additional_bindings { get: "/v2/{parent=projects/*}/inspectTemplates" }
additional_bindings {
get: "/v2/{parent=projects/*}/inspectTemplates"
}
additional_bindings {
get: "/v2/{parent=projects/*}/locations/{location_id}/inspectTemplates"
}
@ -226,14 +225,15 @@ service DlpService {
// Deletes an InspectTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc DeleteInspectTemplate(DeleteInspectTemplateRequest)
returns (google.protobuf.Empty) {
rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=organizations/*/inspectTemplates/*}"
additional_bindings {
delete: "/v2/{name=organizations/*/locations/*/inspectTemplates/*}"
}
additional_bindings { delete: "/v2/{name=projects/*/inspectTemplates/*}" }
additional_bindings {
delete: "/v2/{name=projects/*/inspectTemplates/*}"
}
additional_bindings {
delete: "/v2/{name=projects/*/locations/*/inspectTemplates/*}"
}
@ -245,8 +245,7 @@ service DlpService {
// for de-identifying content, images, and storage.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest)
returns (DeidentifyTemplate) {
rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
post: "/v2/{parent=organizations/*}/deidentifyTemplates"
body: "*"
@ -264,15 +263,13 @@ service DlpService {
}
};
option (google.api.method_signature) = "parent,deidentify_template";
option (google.api.method_signature) =
"parent,deidentify_template,location_id";
option (google.api.method_signature) = "parent,deidentify_template,location_id";
}
// Updates the DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest)
returns (DeidentifyTemplate) {
rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
patch: "/v2/{name=organizations/*/deidentifyTemplates/*}"
body: "*"
@ -289,21 +286,21 @@ service DlpService {
body: "*"
}
};
option (google.api.method_signature) =
"name,deidentify_template,update_mask";
option (google.api.method_signature) = "name,deidentify_template,update_mask";
}
// Gets a DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest)
returns (DeidentifyTemplate) {
rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
get: "/v2/{name=organizations/*/deidentifyTemplates/*}"
additional_bindings {
get: "/v2/{name=organizations/*/locations/*/deidentifyTemplates/*}"
}
additional_bindings { get: "/v2/{name=projects/*/deidentifyTemplates/*}" }
additional_bindings {
get: "/v2/{name=projects/*/deidentifyTemplates/*}"
}
additional_bindings {
get: "/v2/{name=projects/*/locations/*/deidentifyTemplates/*}"
}
@ -314,14 +311,15 @@ service DlpService {
// Lists DeidentifyTemplates.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest)
returns (ListDeidentifyTemplatesResponse) {
rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) returns (ListDeidentifyTemplatesResponse) {
option (google.api.http) = {
get: "/v2/{parent=organizations/*}/deidentifyTemplates"
additional_bindings {
get: "/v2/{parent=organizations/*}/locations/{location_id}/deidentifyTemplates"
}
additional_bindings { get: "/v2/{parent=projects/*}/deidentifyTemplates" }
additional_bindings {
get: "/v2/{parent=projects/*}/deidentifyTemplates"
}
additional_bindings {
get: "/v2/{parent=projects/*}/locations/{location_id}/deidentifyTemplates"
}
@ -332,8 +330,7 @@ service DlpService {
// Deletes a DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest)
returns (google.protobuf.Empty) {
rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=organizations/*/deidentifyTemplates/*}"
additional_bindings {
@ -385,8 +382,7 @@ service DlpService {
// Early access feature is in a pre-release state and might change or have
// limited support. For more information, see
// https://cloud.google.com/products#product-launch-stages.
rpc HybridInspectJobTrigger(HybridInspectJobTriggerRequest)
returns (HybridInspectResponse) {
rpc HybridInspectJobTrigger(HybridInspectJobTriggerRequest) returns (HybridInspectResponse) {
option (google.api.http) = {
post: "/v2/{name=projects/*/locations/*/jobTriggers/*}:hybridInspect"
body: "*"
@ -408,8 +404,7 @@ service DlpService {
// Lists job triggers.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc ListJobTriggers(ListJobTriggersRequest)
returns (ListJobTriggersResponse) {
rpc ListJobTriggers(ListJobTriggersRequest) returns (ListJobTriggersResponse) {
option (google.api.http) = {
get: "/v2/{parent=projects/*}/jobTriggers"
additional_bindings {
@ -421,8 +416,7 @@ service DlpService {
// Deletes a job trigger.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc DeleteJobTrigger(DeleteJobTriggerRequest)
returns (google.protobuf.Empty) {
rpc DeleteJobTrigger(DeleteJobTriggerRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=projects/*/jobTriggers/*}"
additional_bindings {
@ -486,7 +480,9 @@ service DlpService {
rpc GetDlpJob(GetDlpJobRequest) returns (DlpJob) {
option (google.api.http) = {
get: "/v2/{name=projects/*/dlpJobs/*}"
additional_bindings { get: "/v2/{name=projects/*/locations/*/dlpJobs/*}" }
additional_bindings {
get: "/v2/{name=projects/*/locations/*/dlpJobs/*}"
}
};
option (google.api.method_signature) = "name";
}
@ -525,8 +521,7 @@ service DlpService {
// Creates a pre-built stored infoType to be used for inspection.
// See https://cloud.google.com/dlp/docs/creating-stored-infotypes to
// learn more.
rpc CreateStoredInfoType(CreateStoredInfoTypeRequest)
returns (StoredInfoType) {
rpc CreateStoredInfoType(CreateStoredInfoTypeRequest) returns (StoredInfoType) {
option (google.api.http) = {
post: "/v2/{parent=organizations/*}/storedInfoTypes"
body: "*"
@ -551,8 +546,7 @@ service DlpService {
// will continue to be used until the new version is ready.
// See https://cloud.google.com/dlp/docs/creating-stored-infotypes to
// learn more.
rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest)
returns (StoredInfoType) {
rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest) returns (StoredInfoType) {
option (google.api.http) = {
patch: "/v2/{name=organizations/*/storedInfoTypes/*}"
body: "*"
@ -581,7 +575,9 @@ service DlpService {
additional_bindings {
get: "/v2/{name=organizations/*/locations/*/storedInfoTypes/*}"
}
additional_bindings { get: "/v2/{name=projects/*/storedInfoTypes/*}" }
additional_bindings {
get: "/v2/{name=projects/*/storedInfoTypes/*}"
}
additional_bindings {
get: "/v2/{name=projects/*/locations/*/storedInfoTypes/*}"
}
@ -592,14 +588,15 @@ service DlpService {
// Lists stored infoTypes.
// See https://cloud.google.com/dlp/docs/creating-stored-infotypes to
// learn more.
rpc ListStoredInfoTypes(ListStoredInfoTypesRequest)
returns (ListStoredInfoTypesResponse) {
rpc ListStoredInfoTypes(ListStoredInfoTypesRequest) returns (ListStoredInfoTypesResponse) {
option (google.api.http) = {
get: "/v2/{parent=organizations/*}/storedInfoTypes"
additional_bindings {
get: "/v2/{parent=organizations/*}/locations/{location_id}/storedInfoTypes"
}
additional_bindings { get: "/v2/{parent=projects/*}/storedInfoTypes" }
additional_bindings {
get: "/v2/{parent=projects/*}/storedInfoTypes"
}
additional_bindings {
get: "/v2/{parent=projects/*}/locations/{location_id}/storedInfoTypes"
}
@ -610,14 +607,15 @@ service DlpService {
// Deletes a stored infoType.
// See https://cloud.google.com/dlp/docs/creating-stored-infotypes to
// learn more.
rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest)
returns (google.protobuf.Empty) {
rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=organizations/*/storedInfoTypes/*}"
additional_bindings {
delete: "/v2/{name=organizations/*/locations/*/storedInfoTypes/*}"
}
additional_bindings { delete: "/v2/{name=projects/*/storedInfoTypes/*}" }
additional_bindings {
delete: "/v2/{name=projects/*/storedInfoTypes/*}"
}
additional_bindings {
delete: "/v2/{name=projects/*/locations/*/storedInfoTypes/*}"
}
@ -631,8 +629,7 @@ service DlpService {
// Early access feature is in a pre-release state and might change or have
// limited support. For more information, see
// https://cloud.google.com/products#product-launch-stages.
rpc HybridInspectDlpJob(HybridInspectDlpJobRequest)
returns (HybridInspectResponse) {
rpc HybridInspectDlpJob(HybridInspectDlpJobRequest) returns (HybridInspectResponse) {
option (google.api.http) = {
post: "/v2/{name=projects/*/locations/*/dlpJobs/*}:hybridInspect"
body: "*"
@ -786,7 +783,7 @@ message InspectConfig {
// Container for bytes to inspect or redact.
message ByteContentItem {
// The type of data being sent to in data.
// The type of data being sent for inspection.
enum BytesType {
// Unused
BYTES_TYPE_UNSPECIFIED = 0;
@ -809,6 +806,12 @@ message ByteContentItem {
// plain text
TEXT_UTF8 = 5;
// docx, docm, dotx, dotm
WORD_DOCUMENT = 7;
// pdf
PDF = 8;
// avro
AVRO = 11;
}
@ -871,13 +874,13 @@ message InspectResult {
// Represents a piece of potentially sensitive content.
message Finding {
option (google.api.resource) = {
type: "dlp.googleapis.com/InspectFinding"
type: "dlp.googleapis.com/Finding"
pattern: "projects/{project}/locations/{location}/findings/{finding}"
};
// Resource name in format
// projects/{project}/locations/{location}/findings/{finding}
// Populated only when viewing persisted findings.
// projects/{project}/locations/{location}/findings/{finding} Populated only
// when viewing persisted findings.
string name = 14;
// The content that was found. Even if the content is not textual, it
@ -906,19 +909,16 @@ message Finding {
QuoteInfo quote_info = 7;
// The job that stored the finding.
string resource_name = 8
[(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }];
string resource_name = 8 [(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}];
// Job trigger name, if applicable, for this finding.
// (-- api-linter: core::0122::name-suffix=disabled
// aip.dev/not-precedent: AIP-122 discourages _name suffixes for
// resource names, but this has existed as part of the bigquery schema
// before this rule existed. --)
string trigger_name = 9 [
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
];
string trigger_name = 9 [(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}];
// The labels associated with this `InspectFinding`.
// The labels associated with this `Finding`.
//
// Label keys must be between 1 and 63 characters long and must conform
// to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`.
@ -937,12 +937,9 @@ message Finding {
google.protobuf.Timestamp job_create_time = 11;
// The job that stored the finding.
// (-- api-linter: core::0122::name-suffix=disabled
// aip.dev/not-precedent: AIP-122 discourages _name suffixes for
// resource names, but this has existed as part of the bigquery schema
// before this rule existed. --)
string job_name = 13
[(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }];
string job_name = 13 [(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}];
}
// Specifies the location of the finding.
@ -992,6 +989,9 @@ message ContentLocation {
// Location data for document files.
DocumentLocation document_location = 5;
// Location within the metadata for inspected content.
MetadataLocation metadata_location = 8;
}
// Findings container modification timestamp, if applicable.
@ -1005,6 +1005,24 @@ message ContentLocation {
string container_version = 7;
}
// Metadata Location
message MetadataLocation {
// Type of metadata containing the finding.
MetadataType type = 1;
// Label of the piece of metadata containing the finding, for example -
// latitude, author, caption.
oneof label {
// Storage metadata.
StorageMetadataLabel storage_label = 3;
}
}
// Storage metadata label to indicate which metadata entry contains findings.
message StorageMetadataLabel {
string key = 1;
}
// Location of a finding within a document.
message DocumentLocation {
// Offset of the line, from the beginning of the file, where the finding
@ -1026,7 +1044,12 @@ message RecordLocation {
// Location of a finding within a table.
message TableLocation {
// The zero-based index of the row where the finding is located.
// The zero-based index of the row where the finding is located. Only
// populated for resources that have a natural ordering, not BigQuery. In
// BigQuery, to identify the row a finding came from, populate
// BigQueryOptions.identifying_fields with your primary key column names and
// when you store the findings the value of those columns will be stored
// inside of Finding.
int64 row_index = 1;
}
@ -1128,11 +1151,12 @@ message RedactImageRequest {
// The parent resource name, for example projects/my-project-id.
string parent = 1 [(google.api.resource_reference) = {
type: "cloudresourcemanager.googleapis.com/Project"
}];
type: "cloudresourcemanager.googleapis.com/Project"
}];
// The geographic location to process the request. Reserved for future
// extensions.
// Location is restricted to 'global', 'us', 'asia', and 'europe'.
string location_id = 8;
// Configuration for the inspector.
@ -1179,8 +1203,8 @@ message RedactImageResponse {
message DeidentifyContentRequest {
// The parent resource name, for example projects/my-project-id.
string parent = 1 [(google.api.resource_reference) = {
type: "cloudresourcemanager.googleapis.com/Project"
}];
type: "cloudresourcemanager.googleapis.com/Project"
}];
// Configuration for the de-identification of the content item.
// Items specified here will override the template referenced by the
@ -1284,8 +1308,8 @@ message ReidentifyContentResponse {
message InspectContentRequest {
// The parent resource name, for example projects/my-project-id.
string parent = 1 [(google.api.resource_reference) = {
type: "cloudresourcemanager.googleapis.com/Project"
}];
type: "cloudresourcemanager.googleapis.com/Project"
}];
// Configuration for the inspector. What specified here will override
// the template referenced by the inspect_template_name argument.
@ -1303,6 +1327,8 @@ message InspectContentRequest {
// The geographic location to process content inspection. Reserved for future
// extensions.
// When inspecting images location is restricted to 'global', 'us', 'asia',
// and 'europe'.
string location_id = 5;
}
@ -1416,7 +1442,7 @@ message InspectDataSourceDetails {
Result result = 3;
}
// Statistics related to processing hybrid inspect requests.s
// Statistics related to processing hybrid inspect requests.
message HybridInspectStatistics {
// The number of hybrid inspection requests processed within this job.
int64 processed_count = 1;
@ -1536,11 +1562,10 @@ message StatisticalTable {
BigQueryTable table = 3 [(google.api.field_behavior) = REQUIRED];
// Required. Quasi-identifier columns.
repeated QuasiIdentifierField quasi_ids = 1
[(google.api.field_behavior) = REQUIRED];
repeated QuasiIdentifierField quasi_ids = 1 [(google.api.field_behavior) = REQUIRED];
// Required. The relative frequency column must contain a floating-point
// number between 0 and 1 (inclusive). Null values are assumed to be zero.
// Required. The relative frequency column must contain a floating-point number
// between 0 and 1 (inclusive). Null values are assumed to be zero.
FieldId relative_frequency = 2 [(google.api.field_behavior) = REQUIRED];
}
@ -1653,16 +1678,15 @@ message PrivacyMetric {
BigQueryTable table = 3 [(google.api.field_behavior) = REQUIRED];
// Required. Quasi-identifier columns.
repeated QuasiIdField quasi_ids = 1
[(google.api.field_behavior) = REQUIRED];
repeated QuasiIdField quasi_ids = 1 [(google.api.field_behavior) = REQUIRED];
// Required. The relative frequency column must contain a floating-point
// number between 0 and 1 (inclusive). Null values are assumed to be zero.
// Required. The relative frequency column must contain a floating-point number
// between 0 and 1 (inclusive). Null values are assumed to be zero.
FieldId relative_frequency = 2 [(google.api.field_behavior) = REQUIRED];
}
// Required. Fields considered to be quasi-identifiers. No two columns can
// have the same tag.
// Required. Fields considered to be quasi-identifiers. No two columns can have the
// same tag.
repeated TaggedField quasi_ids = 1 [(google.api.field_behavior) = REQUIRED];
// ISO 3166-1 alpha-2 region code to use in the statistical modeling.
@ -1681,8 +1705,8 @@ message PrivacyMetric {
// Similarly to the k-map metric, we cannot compute δ-presence exactly without
// knowing the attack dataset, so we use a statistical model instead.
message DeltaPresenceEstimationConfig {
// Required. Fields considered to be quasi-identifiers. No two fields can
// have the same tag.
// Required. Fields considered to be quasi-identifiers. No two fields can have the
// same tag.
repeated QuasiId quasi_ids = 1 [(google.api.field_behavior) = REQUIRED];
// ISO 3166-1 alpha-2 region code to use in the statistical modeling.
@ -1755,8 +1779,7 @@ message AnalyzeDataSourceRiskDetails {
}
// Histogram of value frequencies in the column.
repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets =
5;
repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets = 5;
}
// Result of the k-anonymity computation.
@ -1836,8 +1859,7 @@ message AnalyzeDataSourceRiskDetails {
}
// Histogram of l-diversity equivalence class sensitive value frequencies.
repeated LDiversityHistogramBucket
sensitive_value_frequency_histogram_buckets = 5;
repeated LDiversityHistogramBucket sensitive_value_frequency_histogram_buckets = 5;
}
// Result of the reidentifiability analysis. Note that these results are an
@ -1943,8 +1965,7 @@ message AnalyzeDataSourceRiskDetails {
// {min_probability: 0.3, max_probability: 0.4, frequency: 99}
// mean that there are no record with an estimated probability in [0.1, 0.2)
// nor larger or equal to 0.4.
repeated DeltaPresenceEstimationHistogramBucket
delta_presence_estimation_histogram = 1;
repeated DeltaPresenceEstimationHistogramBucket delta_presence_estimation_histogram = 1;
}
// Privacy metric to compute.
@ -2080,13 +2101,17 @@ message DeidentifyConfig {
// `TransformationOverviews`.
message TransformationErrorHandling {
// Throw an error and fail the request when a transformation error occurs.
message ThrowError {}
message ThrowError {
}
// Skips the data without modifying it if the requested transformation would
// cause an error. For example, if a `DateShift` transformation were applied
// an an IP address, this mode would leave the IP address unchanged in the
// response.
message LeaveUntransformed {}
message LeaveUntransformed {
}
// How transformation errors should be handled.
oneof mode {
@ -2248,12 +2273,16 @@ message ReplaceValueConfig {
}
// Replace each matching finding with the name of the info_type.
message ReplaceWithInfoTypeConfig {}
message ReplaceWithInfoTypeConfig {
}
// Redact a given value. For example, if used with an `InfoTypeTransformation`
// transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the
// output would be 'My phone number is '.
message RedactConfig {}
message RedactConfig {
}
// Characters to skip when doing deidentification of a value. These will be left
// alone and skipped.
@ -2337,18 +2366,18 @@ message CharacterMaskConfig {
//
// See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.
message FixedSizeBucketingConfig {
// Required. Lower bound value of buckets. All values less than `lower_bound`
// are grouped together into a single bucket; for example if `lower_bound` =
// 10, then all values less than 10 are replaced with the value -10.
// Required. Lower bound value of buckets. All values less than `lower_bound` are
// grouped together into a single bucket; for example if `lower_bound` = 10,
// then all values less than 10 are replaced with the value -10.
Value lower_bound = 1 [(google.api.field_behavior) = REQUIRED];
// Required. Upper bound value of buckets. All values greater than upper_bound
// are grouped together into a single bucket; for example if `upper_bound` =
// 89, then all values greater than 89 are replaced with the value 89+.
// Required. Upper bound value of buckets. All values greater than upper_bound are
// grouped together into a single bucket; for example if `upper_bound` = 89,
// then all values greater than 89 are replaced with the value 89+.
Value upper_bound = 2 [(google.api.field_behavior) = REQUIRED];
// Required. Size of each bucket (except for minimum and maximum buckets). So
// if `lower_bound` = 10, `upper_bound` = 89, and `bucket_size` = 10, then the
// Required. Size of each bucket (except for minimum and maximum buckets). So if
// `lower_bound` = 10, `upper_bound` = 89, and `bucket_size` = 10, then the
// following buckets would be used: -10, 10-20, 20-30, 30-40, 40-50, 50-60,
// 60-70, 70-80, 80-89, 89+. Precision up to 2 decimals works.
double bucket_size = 3 [(google.api.field_behavior) = REQUIRED];
@ -2542,15 +2571,14 @@ message KmsWrappedCryptoKey {
// same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting
// to learn more.
message DateShiftConfig {
// Required. Range of shift in days. Actual shift will be selected at random
// within this range (inclusive ends). Negative means shift to earlier in
// time. Must not be more than 365250 days (1000 years) each direction.
// Required. Range of shift in days. Actual shift will be selected at random within this
// range (inclusive ends). Negative means shift to earlier in time. Must not
// be more than 365250 days (1000 years) each direction.
//
// For example, 3 means shift date to at most 3 days into the future.
int32 upper_bound_days = 1 [(google.api.field_behavior) = REQUIRED];
// Required. For example, -5 means shift date to at most 5 days back in the
// past.
// Required. For example, -5 means shift date to at most 5 days back in the past.
int32 lower_bound_days = 2 [(google.api.field_behavior) = REQUIRED];
// Points to the field that contains the context, for example, an entity id.
@ -2582,14 +2610,12 @@ message InfoTypeTransformations {
repeated InfoType info_types = 1;
// Required. Primitive transformation to apply to the infoType.
PrimitiveTransformation primitive_transformation = 2
[(google.api.field_behavior) = REQUIRED];
PrimitiveTransformation primitive_transformation = 2 [(google.api.field_behavior) = REQUIRED];
}
// Required. Transformation for each infoType. Cannot specify more than one
// for a given infoType.
repeated InfoTypeTransformation transformations = 1
[(google.api.field_behavior) = REQUIRED];
repeated InfoTypeTransformation transformations = 1 [(google.api.field_behavior) = REQUIRED];
}
// The transformation to apply to the field.
@ -2783,7 +2809,9 @@ message Schedule {
// Job trigger option for hybrid jobs. Jobs must be manually created
// and finished.
message Manual {}
message Manual {
}
// The inspectTemplate contains a configuration (set of types of sensitive data
// to be detected) to be used anywhere you otherwise would normally specify
@ -2812,12 +2840,10 @@ message InspectTemplate {
string description = 3;
// Output only. The creation timestamp of an inspectTemplate.
google.protobuf.Timestamp create_time = 4
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp create_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The last update timestamp of an inspectTemplate.
google.protobuf.Timestamp update_time = 5
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
// The core content of the template. Configuration of the scanning process.
InspectConfig inspect_config = 6;
@ -2848,12 +2874,10 @@ message DeidentifyTemplate {
string description = 3;
// Output only. The creation timestamp of an inspectTemplate.
google.protobuf.Timestamp create_time = 4
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp create_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The last update timestamp of an inspectTemplate.
google.protobuf.Timestamp update_time = 5
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp update_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
// ///////////// // The core content of the template // ///////////////
DeidentifyConfig deidentify_config = 6;
@ -2932,23 +2956,20 @@ message JobTrigger {
// a single Schedule trigger and must have at least one object.
repeated Trigger triggers = 5;
// Output only. A stream of errors encountered when the trigger was activated.
// Repeated errors may result in the JobTrigger automatically being paused.
// Output only. A stream of errors encountered when the trigger was activated. Repeated
// errors may result in the JobTrigger automatically being paused.
// Will return the last 100 errors. Whenever the JobTrigger is modified
// this list will be cleared.
repeated Error errors = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The creation timestamp of a triggeredJob.
google.protobuf.Timestamp create_time = 7
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp create_time = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The last update timestamp of a triggeredJob.
google.protobuf.Timestamp update_time = 8
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp update_time = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The timestamp of the last time this trigger executed.
google.protobuf.Timestamp last_run_time = 9
[(google.api.field_behavior) = OUTPUT_ONLY];
google.protobuf.Timestamp last_run_time = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
// Required. A status for this trigger.
Status status = 10 [(google.api.field_behavior) = REQUIRED];
@ -2989,7 +3010,9 @@ message Action {
// service-specific policy, see https://cloud.google.com/terms/service-terms
// Only a single instance of this action can be specified.
// Compatible with: Inspect
message PublishSummaryToCscc {}
message PublishSummaryToCscc {
}
// Publish findings of a DlpJob to Cloud Data Catalog. Labels summarizing the
// results of the DlpJob will be applied to the entry for the resource scanned
@ -3001,17 +3024,23 @@ message Action {
// Only a single instance of this action can be specified and only allowed if
// all resources being scanned are BigQuery tables.
// Compatible with: Inspect
message PublishFindingsToCloudDataCatalog {}
message PublishFindingsToCloudDataCatalog {
}
// Enable email notification to project owners and editors on jobs's
// completion/failure.
message JobNotificationEmails {}
message JobNotificationEmails {
}
// Enable Stackdriver metric dlp.googleapis.com/finding_count. This
// will publish a metric to stack driver on each infotype requested and
// how many findings were found for it. CustomDetectors will be bucketed
// as 'Custom' under the Stackdriver label 'info_type'.
message PublishToStackdriver {}
message PublishToStackdriver {
}
oneof action {
// Save resulting findings in a provided location.
@ -3024,8 +3053,7 @@ message Action {
PublishSummaryToCscc publish_summary_to_cscc = 3;
// Publish findings to Cloud Datahub.
PublishFindingsToCloudDataCatalog publish_findings_to_cloud_data_catalog =
5;
PublishFindingsToCloudDataCatalog publish_findings_to_cloud_data_catalog = 5;
// Enable email notification for project owners and editors on job's
// completion/failure.
@ -3063,8 +3091,8 @@ message CreateInspectTemplateRequest {
// Request message for UpdateInspectTemplate.
message UpdateInspectTemplateRequest {
// Required. Resource name of organization and inspectTemplate to be updated,
// for example `organizations/433245324/inspectTemplates/432452342` or
// Required. Resource name of organization and inspectTemplate to be updated, for
// example `organizations/433245324/inspectTemplates/432452342` or
// projects/project-id/inspectTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3082,8 +3110,8 @@ message UpdateInspectTemplateRequest {
// Request message for GetInspectTemplate.
message GetInspectTemplateRequest {
// Required. Resource name of the organization and inspectTemplate to be read,
// for example `organizations/433245324/inspectTemplates/432452342` or
// Required. Resource name of the organization and inspectTemplate to be read, for
// example `organizations/433245324/inspectTemplates/432452342` or
// projects/project-id/inspectTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3144,9 +3172,9 @@ message ListInspectTemplatesResponse {
// Request message for DeleteInspectTemplate.
message DeleteInspectTemplateRequest {
// Required. Resource name of the organization and inspectTemplate to be
// deleted, for example `organizations/433245324/inspectTemplates/432452342`
// or projects/project-id/inspectTemplates/432452342.
// Required. Resource name of the organization and inspectTemplate to be deleted, for
// example `organizations/433245324/inspectTemplates/432452342` or
// projects/project-id/inspectTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
@ -3185,7 +3213,9 @@ message ActivateJobTriggerRequest {
// `projects/dlp-test-project/jobTriggers/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}
];
}
@ -3195,7 +3225,9 @@ message UpdateJobTriggerRequest {
// `projects/dlp-test-project/jobTriggers/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}
];
// New JobTrigger value.
@ -3211,7 +3243,9 @@ message GetJobTriggerRequest {
// `projects/dlp-test-project/jobTriggers/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}
];
}
@ -3329,7 +3363,9 @@ message DeleteJobTriggerRequest {
// `projects/dlp-test-project/jobTriggers/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}
];
}
@ -3425,7 +3461,9 @@ message GetDlpJobRequest {
// Required. The name of the DlpJob resource.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}
];
}
@ -3512,7 +3550,9 @@ message CancelDlpJobRequest {
// Required. The name of the DlpJob resource to be cancelled.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}
];
}
@ -3521,7 +3561,9 @@ message FinishDlpJobRequest {
// Required. The name of the DlpJob resource to be cancelled.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}
];
}
@ -3530,7 +3572,9 @@ message DeleteDlpJobRequest {
// Required. The name of the DlpJob resource to be deleted.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}
];
}
@ -3546,8 +3590,7 @@ message CreateDeidentifyTemplateRequest {
];
// Required. The DeidentifyTemplate to create.
DeidentifyTemplate deidentify_template = 2
[(google.api.field_behavior) = REQUIRED];
DeidentifyTemplate deidentify_template = 2 [(google.api.field_behavior) = REQUIRED];
// The template id can contain uppercase and lowercase letters,
// numbers, and hyphens; that is, it must match the regular
@ -3562,9 +3605,8 @@ message CreateDeidentifyTemplateRequest {
// Request message for UpdateDeidentifyTemplate.
message UpdateDeidentifyTemplateRequest {
// Required. Resource name of organization and deidentify template to be
// updated, for example
// `organizations/433245324/deidentifyTemplates/432452342` or
// Required. Resource name of organization and deidentify template to be updated, for
// example `organizations/433245324/deidentifyTemplates/432452342` or
// projects/project-id/deidentifyTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3582,9 +3624,9 @@ message UpdateDeidentifyTemplateRequest {
// Request message for GetDeidentifyTemplate.
message GetDeidentifyTemplateRequest {
// Required. Resource name of the organization and deidentify template to be
// read, for example `organizations/433245324/deidentifyTemplates/432452342`
// or projects/project-id/deidentifyTemplates/432452342.
// Required. Resource name of the organization and deidentify template to be read, for
// example `organizations/433245324/deidentifyTemplates/432452342` or
// projects/project-id/deidentifyTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
@ -3645,9 +3687,8 @@ message ListDeidentifyTemplatesResponse {
// Request message for DeleteDeidentifyTemplate.
message DeleteDeidentifyTemplateRequest {
// Required. Resource name of the organization and deidentify template to be
// deleted, for example
// `organizations/433245324/deidentifyTemplates/432452342` or
// Required. Resource name of the organization and deidentify template to be deleted,
// for example `organizations/433245324/deidentifyTemplates/432452342` or
// projects/project-id/deidentifyTemplates/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3799,8 +3840,8 @@ message CreateStoredInfoTypeRequest {
// Request message for UpdateStoredInfoType.
message UpdateStoredInfoTypeRequest {
// Required. Resource name of organization and storedInfoType to be updated,
// for example `organizations/433245324/storedInfoTypes/432452342` or
// Required. Resource name of organization and storedInfoType to be updated, for
// example `organizations/433245324/storedInfoTypes/432452342` or
// projects/project-id/storedInfoTypes/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3820,8 +3861,8 @@ message UpdateStoredInfoTypeRequest {
// Request message for GetStoredInfoType.
message GetStoredInfoTypeRequest {
// Required. Resource name of the organization and storedInfoType to be read,
// for example `organizations/433245324/storedInfoTypes/432452342` or
// Required. Resource name of the organization and storedInfoType to be read, for
// example `organizations/433245324/storedInfoTypes/432452342` or
// projects/project-id/storedInfoTypes/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3883,8 +3924,8 @@ message ListStoredInfoTypesResponse {
// Request message for DeleteStoredInfoType.
message DeleteStoredInfoTypeRequest {
// Required. Resource name of the organization and storedInfoType to be
// deleted, for example `organizations/433245324/storedInfoTypes/432452342` or
// Required. Resource name of the organization and storedInfoType to be deleted, for
// example `organizations/433245324/storedInfoTypes/432452342` or
// projects/project-id/storedInfoTypes/432452342.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
@ -3896,11 +3937,13 @@ message DeleteStoredInfoTypeRequest {
// Request to search for potentially sensitive info in a custom location.
message HybridInspectJobTriggerRequest {
// Required. Resource name of the trigger to execute a hybrid inspect on, for
// example `projects/dlp-test-project/jobTriggers/53234423`.
// Required. Resource name of the trigger to execute a hybrid inspect on, for example
// `projects/dlp-test-project/jobTriggers/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/JobTrigger" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/JobTrigger"
}
];
// The item to inspect.
@ -3909,11 +3952,13 @@ message HybridInspectJobTriggerRequest {
// Request to search for potentially sensitive info in a custom location.
message HybridInspectDlpJobRequest {
// Required. Resource name of the job to execute a hybrid inspect on, for
// example `projects/dlp-test-project/dlpJob/53234423`.
// Required. Resource name of the job to execute a hybrid inspect on, for example
// `projects/dlp-test-project/dlpJob/53234423`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }
(google.api.resource_reference) = {
type: "dlp.googleapis.com/DlpJob"
}
];
// The item to inspect.
@ -3973,7 +4018,9 @@ message HybridFindingDetails {
}
// Quota exceeded errors will be thrown once quota has been met.
message HybridInspectResponse {}
message HybridInspectResponse {
}
// Operators available for comparing the value of fields.
enum RelationalOperator {
@ -4043,6 +4090,15 @@ enum ContentOption {
CONTENT_IMAGE = 2;
}
// Type of metadata containing the finding.
enum MetadataType {
// Unused
METADATATYPE_UNSPECIFIED = 0;
// General file metadata provided by GCS.
STORAGE_METADATA = 2;
}
// Parts of the APIs which use certain infoTypes.
enum InfoTypeSupportedBy {
// Unused.

16
google/privacy/dlp/v2/storage.proto
View File

@ -134,7 +134,9 @@ message CustomInfoType {
// output. This should be used in conjunction with a field on the
// transformation such as `surrogate_info_type`. This CustomInfoType does
// not support the use of `detection_rules`.
message SurrogateType {}
message SurrogateType {
}
// Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
// `CustomInfoType` to alter behavior under certain circumstances, depending
@ -391,6 +393,9 @@ message CloudStorageOptions {
// If empty, all files are scanned and available data format processors
// are applied. In addition, the binary content of the selected files
// is always scanned as well.
// Images are scanned only as binary if the specified region
// does not support image inspection and no file_types were specified.
// Image inspection is restricted to 'global', 'us', 'asia', and 'europe'.
repeated FileType file_types = 5;
SampleMethod sample_method = 6;
@ -534,8 +539,17 @@ enum FileType {
// Included file extensions:
// bmp, gif, jpg, jpeg, jpe, png.
// bytes_limit_per_file has no effect on image files.
// Image inspection is restricted to 'global', 'us', 'asia', and 'europe'.
IMAGE = 3;
// Included file extensions:
// docx, dotx, docm, dotm
WORD = 5;
// Included file extensions:
// pdf
PDF = 6;
// Included file extensions:
// avro
AVRO = 7;