From dbf13ce41f338054af6017ecff6fc3402d71e8a5 Mon Sep 17 00:00:00 2001 From: Google APIs Date: Wed, 3 Jul 2019 10:37:33 -0700 Subject: [PATCH] Synchronize new proto/yaml changes. PiperOrigin-RevId: 256395560 --- google/privacy/dlp/v2/dlp.proto | 164 ++++++++++++++++------------ google/privacy/dlp/v2/storage.proto | 11 +- 2 files changed, 100 insertions(+), 75 deletions(-) diff --git a/google/privacy/dlp/v2/dlp.proto b/google/privacy/dlp/v2/dlp.proto index ca1c30b1..b138c3b5 100644 --- a/google/privacy/dlp/v2/dlp.proto +++ b/google/privacy/dlp/v2/dlp.proto @@ -18,7 +18,6 @@ syntax = "proto3"; package google.privacy.dlp.v2; import "google/api/annotations.proto"; -import "google/api/client.proto"; import "google/privacy/dlp/v2/storage.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/empty.proto"; @@ -28,6 +27,7 @@ import "google/rpc/status.proto"; import "google/type/date.proto"; import "google/type/dayofweek.proto"; import "google/type/timeofday.proto"; +import "google/api/client.proto"; option csharp_namespace = "Google.Cloud.Dlp.V2"; option go_package = "google.golang.org/genproto/googleapis/privacy/dlp/v2;dlp"; @@ -47,6 +47,7 @@ option php_namespace = "Google\\Cloud\\Dlp\\V2"; // https://cloud.google.com/dlp/docs/. service DlpService { option (google.api.default_host) = "dlp.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; // Finds potentially sensitive info in content. // This method has limits on input size, processing time, and output size. @@ -87,8 +88,7 @@ service DlpService { // When no InfoTypes or CustomInfoTypes are specified in this request, the // system will automatically choose what detectors to run. By default this may // be all types, but may change over time as detectors are updated. - rpc DeidentifyContent(DeidentifyContentRequest) - returns (DeidentifyContentResponse) { + rpc DeidentifyContent(DeidentifyContentRequest) returns (DeidentifyContentResponse) { option (google.api.http) = { post: "/v2/{parent=projects/*}/content:deidentify" body: "*" @@ -99,8 +99,7 @@ service DlpService { // See // https://cloud.google.com/dlp/docs/pseudonymization#re-identification_in_free_text_code_example // to learn more. - rpc ReidentifyContent(ReidentifyContentRequest) - returns (ReidentifyContentResponse) { + rpc ReidentifyContent(ReidentifyContentRequest) returns (ReidentifyContentResponse) { option (google.api.http) = { post: "/v2/{parent=projects/*}/content:reidentify" body: "*" @@ -119,8 +118,7 @@ service DlpService { // Creates an InspectTemplate for re-using frequently used configuration // for inspecting content, images, and storage. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc CreateInspectTemplate(CreateInspectTemplateRequest) - returns (InspectTemplate) { + rpc CreateInspectTemplate(CreateInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/inspectTemplates" body: "*" @@ -133,8 +131,7 @@ service DlpService { // Updates the InspectTemplate. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) - returns (InspectTemplate) { + rpc UpdateInspectTemplate(UpdateInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { patch: "/v2/{name=organizations/*/inspectTemplates/*}" body: "*" @@ -150,27 +147,31 @@ service DlpService { rpc GetInspectTemplate(GetInspectTemplateRequest) returns (InspectTemplate) { option (google.api.http) = { get: "/v2/{name=organizations/*/inspectTemplates/*}" - additional_bindings { get: "/v2/{name=projects/*/inspectTemplates/*}" } + additional_bindings { + get: "/v2/{name=projects/*/inspectTemplates/*}" + } }; } // Lists InspectTemplates. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc ListInspectTemplates(ListInspectTemplatesRequest) - returns (ListInspectTemplatesResponse) { + rpc ListInspectTemplates(ListInspectTemplatesRequest) returns (ListInspectTemplatesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/inspectTemplates" - additional_bindings { get: "/v2/{parent=projects/*}/inspectTemplates" } + additional_bindings { + get: "/v2/{parent=projects/*}/inspectTemplates" + } }; } // Deletes an InspectTemplate. // See https://cloud.google.com/dlp/docs/creating-templates to learn more. - rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) - returns (google.protobuf.Empty) { + rpc DeleteInspectTemplate(DeleteInspectTemplateRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/inspectTemplates/*}" - additional_bindings { delete: "/v2/{name=projects/*/inspectTemplates/*}" } + additional_bindings { + delete: "/v2/{name=projects/*/inspectTemplates/*}" + } }; } @@ -178,8 +179,7 @@ service DlpService { // for de-identifying content, images, and storage. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc CreateDeidentifyTemplate(CreateDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/deidentifyTemplates" body: "*" @@ -193,8 +193,7 @@ service DlpService { // Updates the DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc UpdateDeidentifyTemplate(UpdateDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { patch: "/v2/{name=organizations/*/deidentifyTemplates/*}" body: "*" @@ -208,30 +207,31 @@ service DlpService { // Gets a DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) - returns (DeidentifyTemplate) { + rpc GetDeidentifyTemplate(GetDeidentifyTemplateRequest) returns (DeidentifyTemplate) { option (google.api.http) = { get: "/v2/{name=organizations/*/deidentifyTemplates/*}" - additional_bindings { get: "/v2/{name=projects/*/deidentifyTemplates/*}" } + additional_bindings { + get: "/v2/{name=projects/*/deidentifyTemplates/*}" + } }; } // Lists DeidentifyTemplates. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) - returns (ListDeidentifyTemplatesResponse) { + rpc ListDeidentifyTemplates(ListDeidentifyTemplatesRequest) returns (ListDeidentifyTemplatesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/deidentifyTemplates" - additional_bindings { get: "/v2/{parent=projects/*}/deidentifyTemplates" } + additional_bindings { + get: "/v2/{parent=projects/*}/deidentifyTemplates" + } }; } // Deletes a DeidentifyTemplate. // See https://cloud.google.com/dlp/docs/creating-templates-deid to learn // more. - rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) - returns (google.protobuf.Empty) { + rpc DeleteDeidentifyTemplate(DeleteDeidentifyTemplateRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/deidentifyTemplates/*}" additional_bindings { @@ -269,8 +269,7 @@ service DlpService { // Lists job triggers. // See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. - rpc ListJobTriggers(ListJobTriggersRequest) - returns (ListJobTriggersResponse) { + rpc ListJobTriggers(ListJobTriggersRequest) returns (ListJobTriggersResponse) { option (google.api.http) = { get: "/v2/{parent=projects/*}/jobTriggers" }; @@ -278,8 +277,7 @@ service DlpService { // Deletes a job trigger. // See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. - rpc DeleteJobTrigger(DeleteJobTriggerRequest) - returns (google.protobuf.Empty) { + rpc DeleteJobTrigger(DeleteJobTriggerRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=projects/*/jobTriggers/*}" }; @@ -352,8 +350,7 @@ service DlpService { // Creates a pre-built stored infoType to be used for inspection. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc CreateStoredInfoType(CreateStoredInfoTypeRequest) - returns (StoredInfoType) { + rpc CreateStoredInfoType(CreateStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { post: "/v2/{parent=organizations/*}/storedInfoTypes" body: "*" @@ -368,8 +365,7 @@ service DlpService { // will continue to be used until the new version is ready. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest) - returns (StoredInfoType) { + rpc UpdateStoredInfoType(UpdateStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { patch: "/v2/{name=organizations/*/storedInfoTypes/*}" body: "*" @@ -386,29 +382,33 @@ service DlpService { rpc GetStoredInfoType(GetStoredInfoTypeRequest) returns (StoredInfoType) { option (google.api.http) = { get: "/v2/{name=organizations/*/storedInfoTypes/*}" - additional_bindings { get: "/v2/{name=projects/*/storedInfoTypes/*}" } + additional_bindings { + get: "/v2/{name=projects/*/storedInfoTypes/*}" + } }; } // Lists stored infoTypes. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc ListStoredInfoTypes(ListStoredInfoTypesRequest) - returns (ListStoredInfoTypesResponse) { + rpc ListStoredInfoTypes(ListStoredInfoTypesRequest) returns (ListStoredInfoTypesResponse) { option (google.api.http) = { get: "/v2/{parent=organizations/*}/storedInfoTypes" - additional_bindings { get: "/v2/{parent=projects/*}/storedInfoTypes" } + additional_bindings { + get: "/v2/{parent=projects/*}/storedInfoTypes" + } }; } // Deletes a stored infoType. // See https://cloud.google.com/dlp/docs/creating-stored-infotypes to // learn more. - rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest) - returns (google.protobuf.Empty) { + rpc DeleteStoredInfoType(DeleteStoredInfoTypeRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v2/{name=organizations/*/storedInfoTypes/*}" - additional_bindings { delete: "/v2/{name=projects/*/storedInfoTypes/*}" } + additional_bindings { + delete: "/v2/{name=projects/*/storedInfoTypes/*}" + } }; } } @@ -426,6 +426,18 @@ message ExcludeInfoTypes { repeated InfoType info_types = 1; } +// Options describing which parts of the provided content should be scanned. +enum ContentOption { + // Includes entire content of a file or a data stream. + CONTENT_UNSPECIFIED = 0; + + // Text content within the data, excluding any metadata. + CONTENT_TEXT = 1; + + // Images found in the data. + CONTENT_IMAGE = 2; +} + // The rule that specifies conditions when findings of infoTypes specified in // `InspectionRuleSet` are removed from results. message ExclusionRule { @@ -444,18 +456,6 @@ message ExclusionRule { MatchingType matching_type = 4; } -// Options describing which parts of the provided content should be scanned. -enum ContentOption { - // Includes entire content of a file or a data stream. - CONTENT_UNSPECIFIED = 0; - - // Text content within the data, excluding any metadata. - CONTENT_TEXT = 1; - - // Images found in the data. - CONTENT_IMAGE = 2; -} - // A single inspection rule to be applied to infoTypes, specified in // `InspectionRuleSet`. message InspectionRule { @@ -1369,8 +1369,7 @@ message AnalyzeDataSourceRiskDetails { } // Histogram of value frequencies in the column. - repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets = - 5; + repeated CategoricalStatsHistogramBucket value_frequency_histogram_buckets = 5; } // Result of the k-anonymity computation. @@ -1448,8 +1447,7 @@ message AnalyzeDataSourceRiskDetails { } // Histogram of l-diversity equivalence class sensitive value frequencies. - repeated LDiversityHistogramBucket - sensitive_value_frequency_histogram_buckets = 5; + repeated LDiversityHistogramBucket sensitive_value_frequency_histogram_buckets = 5; } // Result of the reidentifiability analysis. Note that these results are an @@ -1555,8 +1553,7 @@ message AnalyzeDataSourceRiskDetails { // {min_probability: 0.3, max_probability: 0.4, frequency: 99} // mean that there are no record with an estimated probability in [0.1, 0.2) // nor larger or equal to 0.4. - repeated DeltaPresenceEstimationHistogramBucket - delta_presence_estimation_histogram = 1; + repeated DeltaPresenceEstimationHistogramBucket delta_presence_estimation_histogram = 1; } // Privacy metric to compute. @@ -1790,12 +1787,16 @@ message ReplaceValueConfig { } // Replace each matching finding with the name of the info_type. -message ReplaceWithInfoTypeConfig {} +message ReplaceWithInfoTypeConfig { + +} // Redact a given value. For example, if used with an `InfoTypeTransformation` // transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the // output would be 'My phone number is '. -message RedactConfig {} +message RedactConfig { + +} // Characters to skip when doing deidentification of a value. These will be left // alone and skipped. @@ -2474,11 +2475,29 @@ message Action { // service-specific policy, see https://cloud.google.com/terms/service-terms // Only a single instance of this action can be specified. // Compatible with: Inspect - message PublishSummaryToCscc {} + message PublishSummaryToCscc { + + } + + // Publish findings of a DlpJob to Cloud Data Catalog. Labels summarizing the + // results of the DlpJob will be applied to the entry for the resource scanned + // in Cloud Data Catalog. Any labels previously written by another DlpJob will + // be deleted. InfoType naming patterns are strictly enforced when using this + // feature. Note that the findings will be persisted in Cloud Data Catalog + // storage and are governed by Data Catalog service-specific policy, see + // https://cloud.google.com/terms/service-terms + // Only a single instance of this action can be specified and only allowed if + // all resources being scanned are BigQuery tables. + // Compatible with: Inspect + message PublishFindingsToCloudDataCatalog { + + } // Enable email notification to project owners and editors on jobs's // completion/failure. - message JobNotificationEmails {} + message JobNotificationEmails { + + } oneof action { // Save resulting findings in a provided location. @@ -2490,6 +2509,9 @@ message Action { // Publish summary to Cloud Security Command Center (Alpha). PublishSummaryToCscc publish_summary_to_cscc = 3; + // Publish findings to Cloud Datahub. + PublishFindingsToCloudDataCatalog publish_findings_to_cloud_data_catalog = 5; + // Enable email notification to project owners and editors on job's // completion/failure. JobNotificationEmails job_notification_emails = 8; @@ -2790,12 +2812,6 @@ message DlpJob { repeated Error errors = 11; } -// The request message for [DlpJobs.GetDlpJob][]. -message GetDlpJobRequest { - // The name of the DlpJob resource. - string name = 1; -} - // Operators available for comparing the value of fields. enum RelationalOperator { RELATIONAL_OPERATOR_UNSPECIFIED = 0; @@ -2822,6 +2838,12 @@ enum RelationalOperator { EXISTS = 7; } +// The request message for [DlpJobs.GetDlpJob][]. +message GetDlpJobRequest { + // The name of the DlpJob resource. + string name = 1; +} + // The request message for listing DLP jobs. message ListDlpJobsRequest { // The parent resource name, for example projects/my-project-id. diff --git a/google/privacy/dlp/v2/storage.proto b/google/privacy/dlp/v2/storage.proto index 0c93754c..c2f38a61 100644 --- a/google/privacy/dlp/v2/storage.proto +++ b/google/privacy/dlp/v2/storage.proto @@ -134,11 +134,14 @@ message CustomInfoType { // output. This should be used in conjunction with a field on the // transformation such as `surrogate_info_type`. This CustomInfoType does // not support the use of `detection_rules`. - message SurrogateType {} + message SurrogateType { - // Rule for modifying a CustomInfoType to alter behavior under certain - // circumstances, depending on the specific details of the rule. Not supported - // for the `surrogate_type` custom info type. + } + + // Deprecated; use `InspectionRuleSet` instead. Rule for modifying a + // `CustomInfoType` to alter behavior under certain circumstances, depending + // on the specific details of the rule. Not supported for the `surrogate_type` + // custom infoType. message DetectionRule { // Message for specifying a window around a finding to apply a detection // rule.