From 65b0f874e01fc48b4361838af997b1b57f0a6b0f Mon Sep 17 00:00:00 2001 From: Google APIs Date: Fri, 29 Mar 2019 14:43:26 -0700 Subject: [PATCH] Synchronize new proto/yaml changes. PiperOrigin-RevId: 241054775 --- google/privacy/dlp/dlp_v2.yaml | 64 +------ google/privacy/dlp/v2/dlp.proto | 247 ++++++++++++++++++---------- google/privacy/dlp/v2/storage.proto | 7 +- 3 files changed, 165 insertions(+), 153 deletions(-) diff --git a/google/privacy/dlp/dlp_v2.yaml b/google/privacy/dlp/dlp_v2.yaml index 4594628a..d737692c 100644 --- a/google/privacy/dlp/dlp_v2.yaml +++ b/google/privacy/dlp/dlp_v2.yaml @@ -14,72 +14,12 @@ documentation: backend: rules: - - selector: google.privacy.dlp.v2.DlpService.InspectContent - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.RedactImage - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeidentifyContent - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ReidentifyContent - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListInfoTypes - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CreateInspectTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.UpdateInspectTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.GetInspectTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListInspectTemplates - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeleteInspectTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CreateDeidentifyTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.UpdateDeidentifyTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.GetDeidentifyTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListDeidentifyTemplates - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeleteDeidentifyTemplate - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CreateJobTrigger - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.UpdateJobTrigger - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.GetJobTrigger - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListJobTriggers - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeleteJobTrigger - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ActivateJobTrigger - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CreateDlpJob - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListDlpJobs - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.GetDlpJob - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeleteDlpJob - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CancelDlpJob - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.CreateStoredInfoType - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.UpdateStoredInfoType - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.GetStoredInfoType - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.ListStoredInfoTypes - deadline: 300.0 - - selector: google.privacy.dlp.v2.DlpService.DeleteStoredInfoType + - selector: 'google.privacy.dlp.v2.DlpService.*' deadline: 300.0 authentication: rules: - - selector: '*' + - selector: 'google.privacy.dlp.v2.DlpService.*' oauth: canonical_scopes: |- https://www.googleapis.com/auth/cloud-platform diff --git a/google/privacy/dlp/v2/dlp.proto b/google/privacy/dlp/v2/dlp.proto index 70457842..3a5dde11 100644 --- a/google/privacy/dlp/v2/dlp.proto +++ b/google/privacy/dlp/v2/dlp.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,6 +18,7 @@ syntax = "proto3"; package google.privacy.dlp.v2; import "google/api/annotations.proto"; +import "google/api/resource.proto"; import "google/privacy/dlp/v2/storage.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; @@ -84,8 +85,7 @@ service DlpService { // When no InfoTypes or CustomInfoTypes are specified in this request, the // system will automatically choose what detectors to run. By default this may // be all types, but may change over time as detectors are updated. - rpc DeidentifyContent(DeidentifyContentRequest) - returns (DeidentifyContentResponse) { + rpc DeidentifyContent(DeidentifyContentRequest) returns (DeidentifyContentResponse) { option (google.api.http) = { post: "/v2/{parent=projects/*}/content:deidentify" body: "*" @@ -96,8 +96,7 @@ service DlpService { // See // https://cloud.google.com/dlp/docs/pseudonymization#re-identification_in_free_text_code_example // to learn more. - rpc ReidentifyContent(ReidentifyContentRequest) - returns (ReidentifyContentResponse) { + rpc ReidentifyContent(ReidentifyContentRequest) returns (ReidentifyContentResponse) { option (google.api.http) = { post: "/v2/{parent=projects/*}/content:reidentify" body: "*" @@ -116,8 +115,7 @@ service DlpService { // Creates an InspectTemplate for re-using frequently used configuration // for inspecting content, images, and storage. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc CreateInspectTemplate(CreateInspectTemplateRequest) - returns (InspectTemplate) { + rpc CreateInspectTemplate(CreateInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/inspectTemplates" body: "*" @@ -130,8 +128,7 @@ service DlpService { // Updates the InspectTemplate. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) - returns (InspectTemplate) { + rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { patch: "/v2/{name=organizations/*/inspectTemplates/*}" body: "*" @@ -147,27 +144,31 @@ service DlpService { rpc GetInspectTemplate(GetInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { get: "/v2/{name=organizations/*/inspectTemplates/*}" - additional_bindings { get: "/v2/{name=projects/*/inspectTemplates/*}" } + additional_bindings { + get: "/v2/{name=projects/*/inspectTemplates/*}" + } }; } // Lists InspectTemplates. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc ListInspectTemplates(ListInspectTemplatesRequest) - returns (ListInspectTemplatesResponse) { + rpc ListInspectTemplates(ListInspectTemplatesRequest) returns (ListInspectTemplatesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/inspectTemplates" - additional_bindings { get: "/v2/{parent=projects/*}/inspectTemplates" } + additional_bindings { + get: "/v2/{parent=projects/*}/inspectTemplates" + } }; } // Deletes an InspectTemplate. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) - returns (google.protobuf.Empty) { + rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/inspectTemplates/*}" - additional_bindings { delete: "/v2/{name=projects/*/inspectTemplates/*}" } + additional_bindings { + delete: "/v2/{name=projects/*/inspectTemplates/*}" + } }; } @@ -175,8 +176,7 @@ service DlpService { // for de-identifying content, images, and storage. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/deidentifyTemplates" body: "*" @@ -190,8 +190,7 @@ service DlpService { // Updates the DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { patch: "/v2/{name=organizations/*/deidentifyTemplates/*}" body: "*" @@ -205,30 +204,31 @@ service DlpService { // Gets a DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { get: "/v2/{name=organizations/*/deidentifyTemplates/*}" - additional_bindings { get: "/v2/{name=projects/*/deidentifyTemplates/*}" } + additional_bindings { + get: "/v2/{name=projects/*/deidentifyTemplates/*}" + } }; } // Lists DeidentifyTemplates. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) - returns (ListDeidentifyTemplatesResponse) { + rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) returns (ListDeidentifyTemplatesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/deidentifyTemplates" - additional_bindings { get: "/v2/{parent=projects/*}/deidentifyTemplates" } + additional_bindings { + get: "/v2/{parent=projects/*}/deidentifyTemplates" + } }; } // Deletes a DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) - returns (google.protobuf.Empty) { + rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/deidentifyTemplates/*}" additional_bindings { @@ -266,8 +266,7 @@ service DlpService { // Lists job triggers. // See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. - rpc ListJobTriggers(ListJobTriggersRequest) - returns (ListJobTriggersResponse) { + rpc ListJobTriggers(ListJobTriggersRequest) returns (ListJobTriggersResponse) { option (google.api.http) = { get: "/v2/{parent=projects/*}/jobTriggers" }; @@ -275,8 +274,7 @@ service DlpService { // Deletes a job trigger. // See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. - rpc DeleteJobTrigger(DeleteJobTriggerRequest) - returns (google.protobuf.Empty) { + rpc DeleteJobTrigger(DeleteJobTriggerRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=projects/*/jobTriggers/*}" }; @@ -349,8 +347,7 @@ service DlpService { // Creates a pre-built stored infoType to be used for inspection. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc CreateStoredInfoType(CreateStoredInfoTypeRequest) - returns (StoredInfoType) { + rpc CreateStoredInfoType(CreateStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/storedInfoTypes" body: "*" @@ -365,8 +362,7 @@ service DlpService { // will continue to be used until the new version is ready. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest) - returns (StoredInfoType) { + rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { patch: "/v2/{name=organizations/*/storedInfoTypes/*}" body: "*" @@ -383,29 +379,33 @@ service DlpService { rpc GetStoredInfoType(GetStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { get: "/v2/{name=organizations/*/storedInfoTypes/*}" - additional_bindings { get: "/v2/{name=projects/*/storedInfoTypes/*}" } + additional_bindings { + get: "/v2/{name=projects/*/storedInfoTypes/*}" + } }; } // Lists stored infoTypes. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc ListStoredInfoTypes(ListStoredInfoTypesRequest) - returns (ListStoredInfoTypesResponse) { + rpc ListStoredInfoTypes(ListStoredInfoTypesRequest) returns (ListStoredInfoTypesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/storedInfoTypes" - additional_bindings { get: "/v2/{parent=projects/*}/storedInfoTypes" } + additional_bindings { + get: "/v2/{parent=projects/*}/storedInfoTypes" + } }; } // Deletes a stored infoType. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest) - returns (google.protobuf.Empty) { + rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/storedInfoTypes/*}" - additional_bindings { delete: "/v2/{name=projects/*/storedInfoTypes/*}" } + additional_bindings { + delete: "/v2/{name=projects/*/storedInfoTypes/*}" + } }; } } @@ -423,6 +423,18 @@ message ExcludeInfoTypes { repeated InfoType info_types = 1; } +// Options describing which parts of the provided content should be scanned. +enum ContentOption { + // Includes entire content of a file or a data stream. + CONTENT_UNSPECIFIED = 0; + + // Text content within the data, excluding any metadata. + CONTENT_TEXT = 1; + + // Images found in the data. + CONTENT_IMAGE = 2; +} + // The rule that specifies conditions when findings of infoTypes specified in // `InspectionRuleSet` are removed from results. message ExclusionRule { @@ -441,18 +453,6 @@ message ExclusionRule { MatchingType matching_type = 4; } -// Options describing which parts of the provided content should be scanned. -enum ContentOption { - // Includes entire content of a file or a data stream. - CONTENT_UNSPECIFIED = 0; - - // Text content within the data, excluding any metadata. - CONTENT_TEXT = 1; - - // Images found in the data. - CONTENT_IMAGE = 2; -} - // A single inspection rule to be applied to infoTypes, specified in // `InspectionRuleSet`. message InspectionRule { @@ -1040,6 +1040,7 @@ message InspectDataSourceDetails { InspectJobConfig job_config = 3; } + // All result fields mentioned below are updated while the job is processing. message Result { // Total size in bytes that were processed. int64 processed_bytes = 1; @@ -1363,8 +1364,7 @@ message AnalyzeDataSourceRiskDetails { } // Histogram of value frequencies in the column. - repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets = - 5; + repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets = 5; } // Result of the k-anonymity computation. @@ -1442,8 +1442,7 @@ message AnalyzeDataSourceRiskDetails { } // Histogram of l-diversity equivalence class sensitive value frequencies. - repeated LDiversityHistogramBucket - sensitive_value_frequency_histogram_buckets = 5; + repeated LDiversityHistogramBucket sensitive_value_frequency_histogram_buckets = 5; } // Result of the reidentifiability analysis. Note that these results are an @@ -1549,8 +1548,7 @@ message AnalyzeDataSourceRiskDetails { // {min_probability: 0.3, max_probability: 0.4, frequency: 99} // mean that there are no record with an estimated probability in [0.1, 0.2) // nor larger or equal to 0.4. - repeated DeltaPresenceEstimationHistogramBucket - delta_presence_estimation_histogram = 1; + repeated DeltaPresenceEstimationHistogramBucket delta_presence_estimation_histogram = 1; } // Privacy metric to compute. @@ -1675,6 +1673,8 @@ message PrimitiveTransformation { CryptoHashConfig crypto_hash_config = 9; DateShiftConfig date_shift_config = 11; + + CryptoDeterministicConfig crypto_deterministic_config = 12; } } @@ -1718,6 +1718,63 @@ message CryptoHashConfig { CryptoKey crypto_key = 1; } +// Pseudonymization method that generates deterministic encryption for the given +// input. Outputs a base64 encoded representation of the encrypted output. +// Uses AES-SIV based on the RFC https://tools.ietf.org/html/rfc5297. +message CryptoDeterministicConfig { + // The key used by the encryption function. + CryptoKey crypto_key = 1; + + // The custom info type to annotate the surrogate with. + // This annotation will be applied to the surrogate by prefixing it with + // the name of the custom info type followed by the number of + // characters comprising the surrogate. The following scheme defines the + // format: (): + // + // For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and + // the surrogate is 'abc', the full replacement value + // will be: 'MY_TOKEN_INFO_TYPE(3):abc' + // + // This annotation identifies the surrogate when inspecting content using the + // custom info type 'Surrogate'. This facilitates reversal of the + // surrogate when it occurs in free text. + // + // In order for inspection to work properly, the name of this info type must + // not occur naturally anywhere in your data; otherwise, inspection may either + // + // - reverse a surrogate that does not correspond to an actual identifier + // - be unable to parse the surrogate and result in an error + // + // Therefore, choose your custom info type name carefully after considering + // what your data looks like. One way to select a name that has a high chance + // of yielding reliable detection is to include one or more unicode characters + // that are highly improbable to exist in your data. + // For example, assuming your data is entered from a regular ASCII keyboard, + // the symbol with the hex code point 29DD might be used like so: + // ⧝MY_TOKEN_TYPE + InfoType surrogate_info_type = 2; + + // Optional. A context may be used for higher security and maintaining + // referential integrity such that the same identifier in two different + // contexts will be given a distinct surrogate. The context is appended to + // plaintext value being encrypted. On decryption the provided context is + // validated against the value used during encryption. If a context was + // provided during encryption, same context must be provided during decryption + // as well. + // + // If the context is not set, plaintext would be used as is for encryption. + // If the context is set but: + // + // 1. there is no record present when transforming a given value or + // 2. the field is not present when transforming a given value, + // + // plaintext would be used as is for encryption. + // + // Note that case (1) is expected when an `InfoTypeTransformation` is + // applied to both structured and non-structured `ContentItem`s. + FieldId context = 3; +} + // Replace each input value with a given `Value`. message ReplaceValueConfig { // Value to replace it with. @@ -1725,12 +1782,16 @@ message ReplaceValueConfig { } // Replace each matching finding with the name of the info_type. -message ReplaceWithInfoTypeConfig {} +message ReplaceWithInfoTypeConfig { + +} // Redact a given value. For example, if used with an `InfoTypeTransformation` // transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the // output would be 'My phone number is '. -message RedactConfig {} +message RedactConfig { + +} // Characters to skip when doing deidentification of a value. These will be left // alone and skipped. @@ -1854,16 +1915,19 @@ message BucketingConfig { repeated Bucket buckets = 1; } -// Replaces an identifier with a surrogate using FPE with the FFX -// mode of operation; however when used in the `ReidentifyContent` API method, -// it serves the opposite function by reversing the surrogate back into -// the original identifier. -// The identifier must be encoded as ASCII. -// For a given crypto key and context, the same identifier will be -// replaced with the same surrogate. -// Identifiers must be at least two characters long. -// In the case that the identifier is the empty string, it will be skipped. -// See https://cloud.google.com/dlp/docs/pseudonymization to learn more. +// Replaces an identifier with a surrogate using Format Preserving Encryption +// (FPE) with the FFX mode of operation; however when used in the +// `ReidentifyContent` API method, it serves the opposite function by reversing +// the surrogate back into the original identifier. The identifier must be +// encoded as ASCII. For a given crypto key and context, the same identifier +// will be replaced with the same surrogate. Identifiers must be at least two +// characters long. In the case that the identifier is the empty string, it will +// be skipped. See https://cloud.google.com/dlp/docs/pseudonymization to learn +// more. +// +// Note: We recommend using CryptoDeterministicConfig for all use cases which +// do not require preserving the input alphabet space and size, plus warrant +// referential integrity. message CryptoReplaceFfxFpeConfig { // These are commonly used subsets of the alphabet that the FFX mode // natively supports. In the algorithm, the alphabet is selected using @@ -1980,13 +2044,6 @@ message TransientCryptoKey { string name = 1; } -// Using raw keys is prone to security risks due to accidentally -// leaking the key. Choose another type of key if possible. -message UnwrappedCryptoKey { - // The AES 128/192/256 bit key. [required] - bytes key = 1; -} - // Parts of the APIs which use certain infoTypes. enum InfoTypeSupportedBy { ENUM_TYPE_UNSPECIFIED = 0; @@ -1998,7 +2055,15 @@ enum InfoTypeSupportedBy { RISK_ANALYSIS = 2; } +// Using raw keys is prone to security risks due to accidentally +// leaking the key. Choose another type of key if possible. +message UnwrappedCryptoKey { + // A 128/192/256 bit key. [required] + bytes key = 1; +} + // Include to use an existing data crypto key wrapped by KMS. +// The wrapped key must be a 128/192/256 bit key. // Authorization requires the following IAM permissions when sending a request // to perform a crypto transformation using a kms-wrapped crypto key: // dlp.kms.encrypt @@ -2176,7 +2241,7 @@ message TransformationOverview { repeated TransformationSummary transformation_summaries = 3; } -// Summary of a single tranformation. +// Summary of a single transformation. // Only one of 'transformation', 'field_transformation', or 'record_suppress' // will be set. message TransformationSummary { @@ -2402,11 +2467,15 @@ message Action { // service-specific policy, see https://cloud.google.com/terms/service-terms // Only a single instance of this action can be specified. // Compatible with: Inspect - message PublishSummaryToCscc {} + message PublishSummaryToCscc { + + } // Enable email notification to project owners and editors on jobs's // completion/failure. - message JobNotificationEmails {} + message JobNotificationEmails { + + } oneof action { // Save resulting findings in a provided location. @@ -2418,7 +2487,7 @@ message Action { // Publish summary to Cloud Security Command Center (Alpha). PublishSummaryToCscc publish_summary_to_cscc = 3; - // Enable email notification to project owners and editors on job‘s + // Enable email notification to project owners and editors on job's // completion/failure. JobNotificationEmails job_notification_emails = 8; } @@ -2435,7 +2504,7 @@ message CreateInspectTemplateRequest { // The template id can contain uppercase and lowercase letters, // numbers, and hyphens; that is, it must match the regular - // expression: `[a-zA-Z\\d-]+`. The maximum length is 100 + // expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 // characters. Can be empty to allow the system to generate one. string template_id = 3; } @@ -2520,7 +2589,7 @@ message CreateJobTriggerRequest { // The trigger id can contain uppercase and lowercase letters, // numbers, and hyphens; that is, it must match the regular - // expression: `[a-zA-Z\\d-]+`. The maximum length is 100 + // expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 // characters. Can be empty to allow the system to generate one. string trigger_id = 3; } @@ -2568,7 +2637,7 @@ message CreateDlpJobRequest { // The job id can contain uppercase and lowercase letters, // numbers, and hyphens; that is, it must match the regular - // expression: `[a-zA-Z\\d-]+`. The maximum length is 100 + // expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 // characters. Can be empty to allow the system to generate one. string job_id = 4; } @@ -2838,7 +2907,7 @@ message CreateDeidentifyTemplateRequest { // The template id can contain uppercase and lowercase letters, // numbers, and hyphens; that is, it must match the regular - // expression: `[a-zA-Z\\d-]+`. The maximum length is 100 + // expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 // characters. Can be empty to allow the system to generate one. string template_id = 3; } @@ -3003,7 +3072,7 @@ message CreateStoredInfoTypeRequest { // The storedInfoType ID can contain uppercase and lowercase letters, // numbers, and hyphens; that is, it must match the regular - // expression: `[a-zA-Z\\d-]+`. The maximum length is 100 + // expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 // characters. Can be empty to allow the system to generate one. string stored_info_type_id = 3; } diff --git a/google/privacy/dlp/v2/storage.proto b/google/privacy/dlp/v2/storage.proto index 9e03e070..12b42840 100644 --- a/google/privacy/dlp/v2/storage.proto +++ b/google/privacy/dlp/v2/storage.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,6 +18,7 @@ syntax = "proto3"; package google.privacy.dlp.v2; import "google/api/annotations.proto"; +import "google/api/resource.proto"; import "google/protobuf/timestamp.proto"; option csharp_namespace = "Google.Cloud.Dlp.V2"; @@ -134,7 +135,9 @@ message CustomInfoType { // output. This should be used in conjunction with a field on the // transformation such as `surrogate_info_type`. This CustomInfoType does // not support the use of `detection_rules`. - message SurrogateType {} + message SurrogateType { + + } // Rule for modifying a CustomInfoType to alter behavior under certain // circumstances, depending on the specific details of the rule. Not supported