suguo
/
googleapis
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Synchronize new proto/yaml changes. 

PiperOrigin-RevId: 202142040
This commit is contained in:
Google APIs 2018-06-26 09:38:17 -07:00 committed by Copybara-Service
parent 9a10f6ec3d
commit ce7d34ee23
2 changed files with 286 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

310
google/privacy/dlp/v2/dlp.proto
View File

@ -41,11 +41,19 @@ option php_namespace = "Google\\Cloud\\Dlp\\V2";
// blocks or images.
// The service also includes methods for sensitive data redaction and
// scheduling of data scans on Google Cloud Platform based data sets.
//
// To learn more about concepts and find how-to guides see
// https://cloud.google.com/dlp/docs/.
service DlpService {
// Finds potentially sensitive info in content.
// This method has limits on input size, processing time, and output size.
// [How-to guide for text](/dlp/docs/inspecting-text), [How-to guide for
// images](/dlp/docs/inspecting-images)
//
// When no InfoTypes or CustomInfoTypes are specified in this request, the
// system will automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
//
// For how to guides, see https://cloud.google.com/dlp/docs/inspecting-images
// and https://cloud.google.com/dlp/docs/inspecting-text,
rpc InspectContent(InspectContentRequest) returns (InspectContentResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/content:inspect"
@ -55,7 +63,12 @@ service DlpService {
// Redacts potentially sensitive info from an image.
// This method has limits on input size, processing time, and output size.
// [How-to guide](/dlp/docs/redacting-sensitive-data-images)
// See https://cloud.google.com/dlp/docs/redacting-sensitive-data-images to
// learn more.
//
// When no InfoTypes or CustomInfoTypes are specified in this request, the
// system will automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
rpc RedactImage(RedactImageRequest) returns (RedactImageResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/image:redact"
@ -65,7 +78,12 @@ service DlpService {
// De-identifies potentially sensitive info from a ContentItem.
// This method has limits on input size and output size.
// [How-to guide](/dlp/docs/deidentify-sensitive-data)
// See https://cloud.google.com/dlp/docs/deidentify-sensitive-data to
// learn more.
//
// When no InfoTypes or CustomInfoTypes are specified in this request, the
// system will automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
rpc DeidentifyContent(DeidentifyContentRequest) returns (DeidentifyContentResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/content:deidentify"
@ -74,6 +92,9 @@ service DlpService {
}
// Re-identifies content that has been de-identified.
// See
// https://cloud.google.com/dlp/docs/pseudonymization#re-identification_in_free_text_code_example
// to learn more.
rpc ReidentifyContent(ReidentifyContentRequest) returns (ReidentifyContentResponse) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/content:reidentify"
@ -82,8 +103,8 @@ service DlpService {
}
// Returns a list of the sensitive information types that the DLP API
// supports. For more information, see [Listing supported predefined
// infoTypes](/dlp/docs/listing-infotypes).
// supports. See https://cloud.google.com/dlp/docs/infotypes-reference to
// learn more.
rpc ListInfoTypes(ListInfoTypesRequest) returns (ListInfoTypesResponse) {
option (google.api.http) = {
get: "/v2/infoTypes"
@ -92,6 +113,7 @@ service DlpService {
// Creates an InspectTemplate for re-using frequently used configuration
// for inspecting content, images, and storage.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc CreateInspectTemplate(CreateInspectTemplateRequest) returns (InspectTemplate) {
option (google.api.http) = {
post: "/v2/{parent=organizations/*}/inspectTemplates"
@ -104,6 +126,7 @@ service DlpService {
}
// Updates the InspectTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) returns (InspectTemplate) {
option (google.api.http) = {
patch: "/v2/{name=organizations/*/inspectTemplates/*}"
@ -116,6 +139,7 @@ service DlpService {
}
// Gets an InspectTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc GetInspectTemplate(GetInspectTemplateRequest) returns (InspectTemplate) {
option (google.api.http) = {
get: "/v2/{name=organizations/*/inspectTemplates/*}"
@ -126,6 +150,7 @@ service DlpService {
}
// Lists InspectTemplates.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc ListInspectTemplates(ListInspectTemplatesRequest) returns (ListInspectTemplatesResponse) {
option (google.api.http) = {
get: "/v2/{parent=organizations/*}/inspectTemplates"
@ -136,6 +161,7 @@ service DlpService {
}
// Deletes an InspectTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates to learn more.
rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=organizations/*/inspectTemplates/*}"
@ -147,6 +173,8 @@ service DlpService {
// Creates a DeidentifyTemplate for re-using frequently used configuration
// for de-identifying content, images, and storage.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
post: "/v2/{parent=organizations/*}/deidentifyTemplates"
@ -159,6 +187,8 @@ service DlpService {
}
// Updates the DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
patch: "/v2/{name=organizations/*/deidentifyTemplates/*}"
@ -171,6 +201,8 @@ service DlpService {
}
// Gets a DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) returns (DeidentifyTemplate) {
option (google.api.http) = {
get: "/v2/{name=organizations/*/deidentifyTemplates/*}"
@ -181,6 +213,8 @@ service DlpService {
}
// Lists DeidentifyTemplates.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) returns (ListDeidentifyTemplatesResponse) {
option (google.api.http) = {
get: "/v2/{parent=organizations/*}/deidentifyTemplates"
@ -191,6 +225,8 @@ service DlpService {
}
// Deletes a DeidentifyTemplate.
// See https://cloud.google.com/dlp/docs/creating-templates-deid to learn
// more.
rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=organizations/*/deidentifyTemplates/*}"
@ -202,6 +238,7 @@ service DlpService {
// Creates a job trigger to run DLP actions such as scanning storage for
// sensitive information on a set schedule.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc CreateJobTrigger(CreateJobTriggerRequest) returns (JobTrigger) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/jobTriggers"
@ -210,6 +247,7 @@ service DlpService {
}
// Updates a job trigger.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc UpdateJobTrigger(UpdateJobTriggerRequest) returns (JobTrigger) {
option (google.api.http) = {
patch: "/v2/{name=projects/*/jobTriggers/*}"
@ -218,6 +256,7 @@ service DlpService {
}
// Gets a job trigger.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc GetJobTrigger(GetJobTriggerRequest) returns (JobTrigger) {
option (google.api.http) = {
get: "/v2/{name=projects/*/jobTriggers/*}"
@ -225,6 +264,7 @@ service DlpService {
}
// Lists job triggers.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc ListJobTriggers(ListJobTriggersRequest) returns (ListJobTriggersResponse) {
option (google.api.http) = {
get: "/v2/{parent=projects/*}/jobTriggers"
@ -232,6 +272,7 @@ service DlpService {
}
// Deletes a job trigger.
// See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
rpc DeleteJobTrigger(DeleteJobTriggerRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=projects/*/jobTriggers/*}"
@ -239,7 +280,12 @@ service DlpService {
}
// Creates a new job to inspect storage or calculate risk metrics.
// [How-to guide](/dlp/docs/compute-risk-analysis).
// See https://cloud.google.com/dlp/docs/inspecting-storage and
// https://cloud.google.com/dlp/docs/compute-risk-analysis to learn more.
//
// When no InfoTypes or CustomInfoTypes are specified in inspect jobs, the
// system will automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
rpc CreateDlpJob(CreateDlpJobRequest) returns (DlpJob) {
option (google.api.http) = {
post: "/v2/{parent=projects/*}/dlpJobs"
@ -248,6 +294,8 @@ service DlpService {
}
// Lists DlpJobs that match the specified filter in the request.
// See https://cloud.google.com/dlp/docs/inspecting-storage and
// https://cloud.google.com/dlp/docs/compute-risk-analysis to learn more.
rpc ListDlpJobs(ListDlpJobsRequest) returns (ListDlpJobsResponse) {
option (google.api.http) = {
get: "/v2/{parent=projects/*}/dlpJobs"
@ -255,6 +303,8 @@ service DlpService {
}
// Gets the latest state of a long-running DlpJob.
// See https://cloud.google.com/dlp/docs/inspecting-storage and
// https://cloud.google.com/dlp/docs/compute-risk-analysis to learn more.
rpc GetDlpJob(GetDlpJobRequest) returns (DlpJob) {
option (google.api.http) = {
get: "/v2/{name=projects/*/dlpJobs/*}"
@ -264,6 +314,8 @@ service DlpService {
// Deletes a long-running DlpJob. This method indicates that the client is
// no longer interested in the DlpJob result. The job will be cancelled if
// possible.
// See https://cloud.google.com/dlp/docs/inspecting-storage and
// https://cloud.google.com/dlp/docs/compute-risk-analysis to learn more.
rpc DeleteDlpJob(DeleteDlpJobRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v2/{name=projects/*/dlpJobs/*}"
@ -273,6 +325,8 @@ service DlpService {
// Starts asynchronous cancellation on a long-running DlpJob. The server
// makes a best effort to cancel the DlpJob, but success is not
// guaranteed.
// See https://cloud.google.com/dlp/docs/inspecting-storage and
// https://cloud.google.com/dlp/docs/compute-risk-analysis to learn more.
rpc CancelDlpJob(CancelDlpJobRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/v2/{name=projects/*/dlpJobs/*}:cancel"
@ -315,11 +369,17 @@ message InspectConfig {
}
// Restricts what info_types to look for. The values must correspond to
// InfoType values returned by ListInfoTypes or found in documentation.
// InfoType values returned by ListInfoTypes or listed at
// https://cloud.google.com/dlp/docs/infotypes-reference.
//
// When no InfoTypes or CustomInfoTypes are specified in a request, the
// system may automatically choose what detectors to run. By default this may
// be all types, but may change over time as detectors are updated.
repeated InfoType info_types = 1;
// Only returns findings equal or above this threshold. The default is
// POSSIBLE.
// See https://cloud.google.com/dlp/docs/likelihood to learn more.
Likelihood min_likelihood = 2;
FindingLimits limits = 3;
@ -331,7 +391,8 @@ message InspectConfig {
// When true, excludes type information of the findings.
bool exclude_info_types = 5;
// Custom infoTypes provided by the user.
// CustomInfoTypes provided by the user. See
// https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
repeated CustomInfoType custom_info_types = 6;
// List of options defining data content to scan.
@ -371,7 +432,9 @@ message ContentItem {
// String data to inspect or redact.
string value = 3;
// Structured content for inspection.
// Structured content for inspection. See
// https://cloud.google.com/dlp/docs/inspecting-text#inspecting_a_table to
// learn more.
Table table = 4;
// Content data to inspect or redact. Replaces `type` and `data`.
@ -380,6 +443,8 @@ message ContentItem {
}
// Structured content to inspect. Up to 50,000 `Value`s per request allowed.
// See https://cloud.google.com/dlp/docs/inspecting-text#inspecting_a_table to
// learn more.
message Table {
message Row {
repeated Value values = 1;
@ -408,16 +473,16 @@ message InspectResult {
message Finding {
// The content that was found. Even if the content is not textual, it
// may be converted to a textual representation here.
// Provided if requested by the `InspectConfig` and the finding is
// Provided if `include_quote` is true and the finding is
// less than or equal to 4096 bytes long. If the finding exceeds 4096 bytes
// in length, the quote may be omitted.
string quote = 1;
// The type of content that might have been found.
// Provided if requested by the `InspectConfig`.
// Provided if `excluded_types` is false.
InfoType info_type = 2;
// Estimate of how likely it is that the `info_type` is correct.
// Confidence of how likely it is that the `info_type` is correct.
Likelihood likelihood = 3;
// Where the content was found.
@ -537,8 +602,8 @@ message BoundingBox {
int32 height = 4;
}
// Request to search for potentially sensitive info in a list of items
// and replace it with a default or provided content.
// Request to search for potentially sensitive info in an image and redact it
// by covering it with a colored rectangle.
message RedactImageRequest {
// Configuration for determining how redaction of images should occur.
message ImageRedactionConfig {
@ -551,7 +616,7 @@ message RedactImageRequest {
InfoType info_type = 1;
// If true, all text found in the image, regardless whether it matches an
// info_type, is redacted.
// info_type, is redacted. Only one should be provided.
bool redact_all_text = 2;
}
@ -569,6 +634,10 @@ message RedactImageRequest {
// The configuration for specifying what content to redact from images.
repeated ImageRedactionConfig image_redaction_configs = 5;
// Whether the response should include findings along with the redacted
// image.
bool include_findings = 6;
// The content must be PNG, JPEG, SVG or BMP.
ByteContentItem byte_item = 7;
}
@ -594,6 +663,9 @@ message RedactImageResponse {
// set to true, then this field will include all text, if any, that was found
// in the image.
string extracted_text = 2;
// The findings. Populated when include_findings in the request is true.
InspectResult inspect_result = 3;
}
// Request to de-identify a list of items.
@ -736,18 +808,27 @@ message OutputStorageConfig {
oneof type {
// Store findings in an existing table or a new table in an existing
// dataset. Each column in an existing table must have the same name, type,
// and mode of a field in the `Finding` object. If table_id is not set a new
// one will be generated for you with the following format:
// dataset. If table_id is not set a new one will be generated
// for you with the following format:
// dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
// generating the date details.
//
// For Inspect, each column in an existing output table must have the same
// name, type, and mode of a field in the `Finding` object.
//
// For Risk, an existing output table should be the output of a previous
// Risk analysis job run on the same source table, with the same privacy
// metric and quasi-identifiers. Risk jobs that analyze the same table but
// compute a different privacy metric, or use different sets of
// quasi-identifiers, cannot store their results in the same table.
BigQueryTable table = 1;
}
// Schema used for writing the findings. Columns are derived from the
// `Finding` object. If appending to an existing table, any columns from the
// predefined schema that are missing will be added. No columns in the
// existing table will be deleted.
// Schema used for writing the findings for Inspect jobs. This field is only
// used for Inspect and must be unspecified for Risk jobs. Columns are derived
// from the `Finding` object. If appending to an existing table, any columns
// from the predefined schema that are missing will be added. No columns in
// the existing table will be deleted.
//
// If unspecified, then all available columns will be used for a new table,
// and no changes will be made to an existing table.
@ -822,7 +903,8 @@ message ListInfoTypesResponse {
repeated InfoTypeDescription info_types = 1;
}
// Configuration for a risk analysis job.
// Configuration for a risk analysis job. See
// https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more.
message RiskAnalysisJobConfig {
// Privacy metric to compute.
PrivacyMetric privacy_metric = 1;
@ -835,6 +917,61 @@ message RiskAnalysisJobConfig {
repeated Action actions = 3;
}
// A column with a semantic tag attached.
message QuasiId {
// Identifies the column. [required]
FieldId field = 1;
// Semantic tag that identifies what a column contains, to determine which
// statistical model to use to estimate the reidentifiability of each
// value. [required]
oneof tag {
// A column can be tagged with a InfoType to use the relevant public
// dataset as a statistical model of population, if available. We
// currently support US ZIP codes, region codes, ages and genders.
// To programmatically obtain the list of supported InfoTypes, use
// ListInfoTypes with the supported_by=RISK_ANALYSIS filter.
InfoType info_type = 2;
// A column can be tagged with a custom tag. In this case, the user must
// indicate an auxiliary table that contains statistical information on
// the possible values of this column (below).
string custom_tag = 3;
// If no semantic tag is indicated, we infer the statistical model from
// the distribution of values in the input data
google.protobuf.Empty inferred = 4;
}
}
// An auxiliary table containing statistical information on the relative
// frequency of different quasi-identifiers values. It has one or several
// quasi-identifiers columns, and one column that indicates the relative
// frequency of each quasi-identifier tuple.
// If a tuple is present in the data but not in the auxiliary table, the
// corresponding relative frequency is assumed to be zero (and thus, the
// tuple is highly reidentifiable).
message StatisticalTable {
// A quasi-identifier column has a custom_tag, used to know which column
// in the data corresponds to which column in the statistical model.
message QuasiIdentifierField {
FieldId field = 1;
string custom_tag = 2;
}
// Auxiliary table location. [required]
BigQueryTable table = 3;
// Quasi-identifier columns. [required]
repeated QuasiIdentifierField quasi_ids = 1;
// The relative frequency column must contain a floating-point number
// between 0 and 1 (inclusive). Null values are assumed to be zero.
// [required]
FieldId relative_frequency = 2;
}
// Privacy metric to compute for reidentification risk analysis.
message PrivacyMetric {
// Compute numerical stats over an individual column, including
@ -965,6 +1102,26 @@ message PrivacyMetric {
repeated AuxiliaryTable auxiliary_tables = 3;
}
// δ-presence metric, used to estimate how likely it is for an attacker to
// figure out that one given individual appears in a de-identified dataset.
// Similarly to the k-map metric, we cannot compute δ-presence exactly without
// knowing the attack dataset, so we use a statistical model instead.
message DeltaPresenceEstimationConfig {
// Fields considered to be quasi-identifiers. No two fields can have the
// same tag. [required]
repeated QuasiId quasi_ids = 1;
// ISO 3166-1 alpha-2 region code to use in the statistical modeling.
// Required if no column is tagged with a region-specific InfoType (like
// US_ZIP_5) or a region code.
string region_code = 2;
// Several auxiliary tables can be used in the analysis. Each custom_tag
// used to tag a quasi-identifiers field must appear in exactly one
// field of one auxiliary table.
repeated StatisticalTable auxiliary_tables = 3;
}
oneof type {
NumericalStatsConfig numerical_stats_config = 1;
@ -975,6 +1132,8 @@ message PrivacyMetric {
LDiversityConfig l_diversity_config = 4;
KMapEstimationConfig k_map_estimation_config = 5;
DeltaPresenceEstimationConfig delta_presence_estimation_config = 6;
}
}
@ -1144,6 +1303,63 @@ message AnalyzeDataSourceRiskDetails {
repeated KMapEstimationHistogramBucket k_map_estimation_histogram = 1;
}
// Result of the δ-presence computation. Note that these results are an
// estimation, not exact values.
message DeltaPresenceEstimationResult {
// A tuple of values for the quasi-identifier columns.
message DeltaPresenceEstimationQuasiIdValues {
// The quasi-identifier values.
repeated Value quasi_ids_values = 1;
// The estimated probability that a given individual sharing these
// quasi-identifier values is in the dataset. This value, typically called
// δ, is the ratio between the number of records in the dataset with these
// quasi-identifier values, and the total number of individuals (inside
// *and* outside the dataset) with these quasi-identifier values.
// For example, if there are 15 individuals in the dataset who share the
// same quasi-identifier values, and an estimated 100 people in the entire
// population with these values, then δ is 0.15.
double estimated_probability = 2;
}
// A DeltaPresenceEstimationHistogramBucket message with the following
// values:
// min_probability: 0.1
// max_probability: 0.2
// frequency: 42
// means that there are 42 records for which δ is in [0.1, 0.2). An
// important particular case is when min_probability = max_probability = 1:
// then, every individual who shares this quasi-identifier combination is in
// the dataset.
message DeltaPresenceEstimationHistogramBucket {
// Between 0 and 1.
double min_probability = 1;
// Always greater than or equal to min_probability.
double max_probability = 2;
// Number of records within these probability bounds.
int64 bucket_size = 5;
// Sample of quasi-identifier tuple values in this bucket. The total
// number of classes returned per bucket is capped at 20.
repeated DeltaPresenceEstimationQuasiIdValues bucket_values = 6;
// Total number of distinct quasi-identifier tuple values in this bucket.
int64 bucket_value_count = 7;
}
// The intervals [min_probability, max_probability) do not overlap. If a
// value doesn't correspond to any such interval, the associated frequency
// is zero. For example, the following records:
// {min_probability: 0, max_probability: 0.1, frequency: 17}
// {min_probability: 0.2, max_probability: 0.3, frequency: 42}
// {min_probability: 0.3, max_probability: 0.4, frequency: 99}
// mean that there are no record with an estimated probability in [0.1, 0.2)
// nor larger or equal to 0.4.
repeated DeltaPresenceEstimationHistogramBucket delta_presence_estimation_histogram = 1;
}
// Privacy metric to compute.
PrivacyMetric requested_privacy_metric = 1;
@ -1161,6 +1377,8 @@ message AnalyzeDataSourceRiskDetails {
LDiversityResult l_diversity_result = 6;
KMapEstimationResult k_map_estimation_result = 7;
DeltaPresenceEstimationResult delta_presence_estimation_result = 9;
}
}
@ -1395,6 +1613,8 @@ message CharacterMaskConfig {
// If the bound Value type differs from the type of data
// being transformed, we will first attempt converting the type of the data to
// be transformed to match the type of the bound before comparing.
//
// See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.
message FixedSizeBucketingConfig {
// Lower bound value of buckets. All values less than `lower_bound` are
// grouped together into a single bucket; for example if `lower_bound` = 10,
@ -1422,6 +1642,7 @@ message FixedSizeBucketingConfig {
// If the bound `Value` type differs from the type of data being transformed, we
// will first attempt converting the type of the data to be transformed to match
// the type of the bound before comparing.
// See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.
message BucketingConfig {
// Bucket is represented as a range, along with replacement values.
message Bucket {
@ -1450,7 +1671,7 @@ message BucketingConfig {
// replaced with the same surrogate.
// Identifiers must be at least two characters long.
// In the case that the identifier is the empty string, it will be skipped.
// See [Pseudonymization](/dlp/docs/pseudonymization) for example usage.
// See https://cloud.google.com/dlp/docs/pseudonymization to learn more.
message CryptoReplaceFfxFpeConfig {
// These are commonly used subsets of the alphabet that the FFX mode
// natively supports. In the algorithm, the alphabet is selected using
@ -1587,7 +1808,8 @@ message KmsWrappedCryptoKey {
}
// Shifts dates by random number of days, with option to be consistent for the
// same context.
// same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting
// to learn more.
message DateShiftConfig {
// Range of shift in days. Actual shift will be selected at random within this
// range (inclusive ends). Negative means shift to earlier in time. Must not
@ -1623,8 +1845,9 @@ message InfoTypeTransformations {
// A transformation to apply to text that is identified as a specific
// info_type.
message InfoTypeTransformation {
// InfoTypes to apply the transformation to. Empty list will match all
// available infoTypes for this transformation.
// InfoTypes to apply the transformation to. An empty list will cause
// this transformation to apply to all findings that correspond to
// infoTypes that were requested in `InspectConfig`.
repeated InfoType info_types = 1;
// Primitive transformation to apply to the infoType. [required]
@ -1801,20 +2024,21 @@ message TransformationSummary {
message Schedule {
oneof option {
// With this option a job is started a regular periodic basis. For
// example: every 10 minutes.
// example: every day (86400 seconds).
//
// A scheduled start time will be skipped if the previous
// execution has not ended when its scheduled time occurs.
//
// This value must be set to a time duration greater than or equal
// to 60 minutes and can be no longer than 60 days.
// to 1 day and can be no longer than 60 days.
google.protobuf.Duration recurrence_period_duration = 1;
}
}
// The inspectTemplate contains a configuration (set of types of sensitive data
// to be detected) to be used anywhere you otherwise would normally specify
// InspectConfig.
// InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates
// to learn more.
message InspectTemplate {
// The template name. Output only.
//
@ -1840,6 +2064,7 @@ message InspectTemplate {
}
// The DeidentifyTemplates contains instructions on how to deidentify content.
// See https://cloud.google.com/dlp/docs/concepts-templates to learn more.
message DeidentifyTemplate {
// The template name. Output only.
//
@ -1875,6 +2100,7 @@ message Error {
}
// Contains a configuration to make dlp api calls on a repeating basis.
// See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
message JobTrigger {
// What event needs to occur for a new job to be started.
message Trigger {
@ -1942,11 +2168,12 @@ message JobTrigger {
}
// A task to execute on the completion of a job.
// See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
message Action {
// If set, the detailed findings will be persisted to the specified
// OutputStorageConfig. Only a single instance of this action can be
// specified.
// Compatible with: Inspect
// Compatible with: Inspect, Risk
message SaveFindings {
OutputStorageConfig output_config = 1;
}
@ -2116,30 +2343,29 @@ message CreateDlpJobRequest {
// Request message for ListJobTriggers.
message ListJobTriggersRequest {
// The parent resource name, for example projects/my-project-id.
// The parent resource name, for example `projects/my-project-id`.
string parent = 1;
// Optional page token to continue retrieval. Comes from previous call
// to ListJobTriggers. `order_by` and `filter` should not change for
// subsequent calls, but can be omitted if token is specified.
// to ListJobTriggers. `order_by` field must not
// change for subsequent calls.
string page_token = 2;
// Optional size of the page, can be limited by a server.
int32 page_size = 3;
// Optional comma separated list of triggeredJob fields to order by,
// followed by 'asc/desc' postfix, i.e.
// `"create_time asc,name desc,schedule_mode asc"`. This list is
// case-insensitive.
// followed by `asc` or `desc` postfix. This list is case-insensitive,
// default sorting order is ascending, redundant space characters are
// insignificant.
//
// Example: `"name asc,schedule_mode desc, status desc"`
// Example: `name asc,update_time, create_time desc`
//
// Supported filters keys and values are:
// Supported fields are:
//
// - `create_time`: corresponds to time the triggeredJob was created.
// - `update_time`: corresponds to time the triggeredJob was last updated.
// - `name`: corresponds to JobTrigger's display name.
// - `status`: corresponds to the triggeredJob status.
// - `name`: corresponds to JobTrigger's name.
string order_by = 4;
}

32
google/privacy/dlp/v2/storage.proto
View File

@ -29,7 +29,10 @@ option php_namespace = "Google\\Cloud\\Dlp\\V2";
// Type of information detected by the API.
message InfoType {
// Name of the information type.
// Name of the information type. Either a name of your choosing when
// creating a CustomInfoType, or one of the names listed
// at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
// a built-in type.
string name = 1;
}
@ -86,13 +89,13 @@ message CustomInfoType {
// These types of transformations are
// those that perform pseudonymization, thereby producing a "surrogate" as
// output. This should be used in conjunction with a field on the
// transformation such as `surrogate_info_type`. This custom info type does
// transformation such as `surrogate_info_type`. This CustomInfoType does
// not support the use of `detection_rules`.
message SurrogateType {
}
// Rule for modifying a custom info type to alter behavior under certain
// Rule for modifying a CustomInfoType to alter behavior under certain
// circumstances, depending on the specific details of the rule. Not supported
// for the `surrogate_type` custom info type.
message DetectionRule {
@ -125,10 +128,10 @@ message CustomInfoType {
}
}
// Detection rule that adjusts the likelihood of findings within a certain
// The rule that adjusts the likelihood of findings within a certain
// proximity of hotwords.
message HotwordRule {
// Regex pattern defining what qualifies as a hotword.
// Regular expression pattern defining what qualifies as a hotword.
Regex hotword_regex = 1;
// Proximity of the finding within which the entire hotword must reside.
@ -151,29 +154,30 @@ message CustomInfoType {
}
}
// Info type configuration. All custom info types must have configurations
// that do not conflict with built-in info types or other custom info types.
// All CustomInfoTypes must have a name
// that does not conflict with built-in InfoTypes or other CustomInfoTypes.
InfoType info_type = 1;
// Likelihood to return for this custom info type. This base value can be
// Likelihood to return for this CustomInfoType. This base value can be
// altered by a detection rule if the finding meets the criteria specified by
// the rule. Defaults to `VERY_LIKELY` if not specified.
Likelihood likelihood = 6;
oneof type {
// Dictionary-based custom info type.
// A list of phrases to detect as a CustomInfoType.
Dictionary dictionary = 2;
// Regex-based custom info type.
// Regular expression based CustomInfoType.
Regex regex = 3;
// Surrogate info type.
// Message for detecting output from deidentification transformations that
// support reversing.
SurrogateType surrogate_type = 4;
}
// Set of detection rules to apply to all findings of this custom info type.
// Set of detection rules to apply to all findings of this CustomInfoType.
// Rules are applied in order that they are specified. Not supported for the
// `surrogate_type` custom info type.
// `surrogate_type` CustomInfoType.
repeated DetectionRule detection_rules = 7;
}
@ -438,7 +442,7 @@ message EntityId {
// Categorization of results based on how likely they are to represent a match,
// based on the number of elements they contain which imply a match.
enum Likelihood {
// Default value; information with all likelihoods is included.
// Default value; same as POSSIBLE.
LIKELIHOOD_UNSPECIFIED = 0;
// Few matching elements.