1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="dlp_v2.html">Cloud Data Loss Prevention (DLP) API</a> . <a href="dlp_v2.projects.html">projects</a> . <a href="dlp_v2.projects.jobTriggers.html">jobTriggers</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#activate">activate(name, body=None, x__xgafv=None)</a></code></p> 79<p class="firstline">Activate a job trigger. Causes the immediate execute of a trigger</p> 80<p class="toc_element"> 81 <code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p> 82<p class="firstline">Creates a job trigger to run DLP actions such as scanning storage for</p> 83<p class="toc_element"> 84 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p> 85<p class="firstline">Deletes a job trigger.</p> 86<p class="toc_element"> 87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 88<p class="firstline">Gets a job trigger.</p> 89<p class="toc_element"> 90 <code><a href="#list">list(parent, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</a></code></p> 91<p class="firstline">Lists job triggers.</p> 92<p class="toc_element"> 93 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 94<p class="firstline">Retrieves the next page of results.</p> 95<p class="toc_element"> 96 <code><a href="#patch">patch(name, body, x__xgafv=None)</a></code></p> 97<p class="firstline">Updates a job trigger.</p> 98<h3>Method Details</h3> 99<div class="method"> 100 <code class="details" id="activate">activate(name, body=None, x__xgafv=None)</code> 101 <pre>Activate a job trigger. Causes the immediate execute of a trigger 102instead of waiting on the trigger event to occur. 103 104Args: 105 name: string, Resource name of the trigger to activate, for example 106`projects/dlp-test-project/jobTriggers/53234423`. (required) 107 body: object, The request body. 108 The object takes the form of: 109 110{ # Request message for ActivateJobTrigger. 111 } 112 113 x__xgafv: string, V1 error format. 114 Allowed values 115 1 - v1 error format 116 2 - v2 error format 117 118Returns: 119 An object of the form: 120 121 { # Combines all of the information about a DLP job. 122 "errors": [ # A stream of errors encountered running the job. 123 { # Details information about an error encountered during job execution or 124 # the results of an unsuccessful activation of the JobTrigger. 125 # Output only field. 126 "timestamps": [ # The times the error occurred. 127 "A String", 128 ], 129 "details": { # The `Status` type defines a logical error model that is suitable for 130 # different programming environments, including REST APIs and RPC APIs. It is 131 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 132 # three pieces of data: error code, error message, and error details. 133 # 134 # You can find out more about this error model and how to work with it in the 135 # [API Design Guide](https://cloud.google.com/apis/design/errors). 136 "message": "A String", # A developer-facing error message, which should be in English. Any 137 # user-facing error message should be localized and sent in the 138 # google.rpc.Status.details field, or localized by the client. 139 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 140 "details": [ # A list of messages that carry the error details. There is a common set of 141 # message types for APIs to use. 142 { 143 "a_key": "", # Properties of the object. Contains field @type with type URL. 144 }, 145 ], 146 }, 147 }, 148 ], 149 "name": "A String", # The server-assigned name. 150 "inspectDetails": { # The results of an inspect DataSource job. # Results from inspecting a data source. 151 "requestedOptions": { # The configuration used for this job. 152 "snapshotInspectTemplate": { # The inspectTemplate contains a configuration (set of types of sensitive data # If run with an InspectTemplate, a snapshot of its state at the time of 153 # this run. 154 # to be detected) to be used anywhere you otherwise would normally specify 155 # InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates 156 # to learn more. 157 "updateTime": "A String", # The last update timestamp of a inspectTemplate, output only field. 158 "displayName": "A String", # Display name (max 256 chars). 159 "description": "A String", # Short description (max 256 chars). 160 "inspectConfig": { # Configuration description of the scanning process. # The core content of the template. Configuration of the scanning process. 161 # When used with redactContent only info_types and min_likelihood are currently 162 # used. 163 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 164 "limits": { 165 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 166 # When set within `InspectContentRequest`, the maximum returned is 2000 167 # regardless if this is set higher. 168 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 169 { # Max findings configuration per infoType, per content item or long 170 # running DlpJob. 171 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 172 # info_type should be provided. If InfoTypeLimit does not have an 173 # info_type, the DLP API applies the limit against all info_types that 174 # are found but not specified in another InfoTypeLimit. 175 "name": "A String", # Name of the information type. Either a name of your choosing when 176 # creating a CustomInfoType, or one of the names listed 177 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 178 # a built-in type. InfoType names should conform to the pattern 179 # [a-zA-Z0-9_]{1,64}. 180 }, 181 "maxFindings": 42, # Max findings limit for the given infoType. 182 }, 183 ], 184 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 185 # When set within `InspectDataSourceRequest`, 186 # the maximum returned is 2000 regardless if this is set higher. 187 # When set within `InspectContentRequest`, this field is ignored. 188 }, 189 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 190 # POSSIBLE. 191 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 192 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 193 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 194 { # Custom information type provided by the user. Used to find domain-specific 195 # sensitive information configurable to the data in question. 196 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 197 "pattern": "A String", # Pattern defining the regular expression. Its syntax 198 # (https://github.com/google/re2/wiki/Syntax) can be found under the 199 # google/re2 repository on GitHub. 200 "groupIndexes": [ # The index of the submatch to extract as findings. When not 201 # specified, the entire match is returned. No more than 3 may be included. 202 42, 203 ], 204 }, 205 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 206 # support reversing. 207 # such as 208 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 209 # These types of transformations are 210 # those that perform pseudonymization, thereby producing a "surrogate" as 211 # output. This should be used in conjunction with a field on the 212 # transformation such as `surrogate_info_type`. This CustomInfoType does 213 # not support the use of `detection_rules`. 214 }, 215 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 216 # infoType, when the name matches one of existing infoTypes and that infoType 217 # is specified in `InspectContent.info_types` field. Specifying the latter 218 # adds findings to the one detected by the system. If built-in info type is 219 # not specified in `InspectContent.info_types` list then the name is treated 220 # as a custom info type. 221 "name": "A String", # Name of the information type. Either a name of your choosing when 222 # creating a CustomInfoType, or one of the names listed 223 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 224 # a built-in type. InfoType names should conform to the pattern 225 # [a-zA-Z0-9_]{1,64}. 226 }, 227 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 228 # be used to match sensitive information specific to the data, such as a list 229 # of employee IDs or job titles. 230 # 231 # Dictionary words are case-insensitive and all characters other than letters 232 # and digits in the unicode [Basic Multilingual 233 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 234 # will be replaced with whitespace when scanning for matches, so the 235 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 236 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 237 # surrounding any match must be of a different type than the adjacent 238 # characters within the word, so letters must be next to non-letters and 239 # digits next to non-digits. For example, the dictionary word "jen" will 240 # match the first three letters of the text "jen123" but will return no 241 # matches for "jennifer". 242 # 243 # Dictionary words containing a large number of characters that are not 244 # letters or digits may result in unexpected findings because such characters 245 # are treated as whitespace. The 246 # [limits](https://cloud.google.com/dlp/limits) page contains details about 247 # the size limits of dictionaries. For dictionaries that do not fit within 248 # these constraints, consider using `LargeCustomDictionaryConfig` in the 249 # `StoredInfoType` API. 250 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 251 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 252 # at least one phrase and every phrase must contain at least 2 characters 253 # that are letters or digits. [required] 254 "A String", 255 ], 256 }, 257 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 258 # is accepted. 259 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 260 # Example: gs://[BUCKET_NAME]/dictionary.txt 261 }, 262 }, 263 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 264 # `InspectDataSource`. Not currently supported in `InspectContent`. 265 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 266 # `organizations/433245324/storedInfoTypes/432452342` or 267 # `projects/project-id/storedInfoTypes/432452342`. 268 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 269 # inspection was created. Output-only field, populated by the system. 270 }, 271 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 272 # Rules are applied in order that they are specified. Not supported for the 273 # `surrogate_type` CustomInfoType. 274 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 275 # `CustomInfoType` to alter behavior under certain circumstances, depending 276 # on the specific details of the rule. Not supported for the `surrogate_type` 277 # custom infoType. 278 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 279 # proximity of hotwords. 280 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 281 # The total length of the window cannot exceed 1000 characters. Note that 282 # the finding itself will be included in the window, so that hotwords may 283 # be used to match substrings of the finding itself. For example, the 284 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 285 # adjusted upwards if the area code is known to be the local area code of 286 # a company office using the hotword regex "\(xxx\)", where "xxx" 287 # is the area code in question. 288 # rule. 289 "windowAfter": 42, # Number of characters after the finding to consider. 290 "windowBefore": 42, # Number of characters before the finding to consider. 291 }, 292 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 293 "pattern": "A String", # Pattern defining the regular expression. Its syntax 294 # (https://github.com/google/re2/wiki/Syntax) can be found under the 295 # google/re2 repository on GitHub. 296 "groupIndexes": [ # The index of the submatch to extract as findings. When not 297 # specified, the entire match is returned. No more than 3 may be included. 298 42, 299 ], 300 }, 301 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 302 # part of a detection rule. 303 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 304 # levels. For example, if a finding would be `POSSIBLE` without the 305 # detection rule and `relative_likelihood` is 1, then it is upgraded to 306 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 307 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 308 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 309 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 310 # a final likelihood of `LIKELY`. 311 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 312 }, 313 }, 314 }, 315 ], 316 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 317 # to be returned. It still can be used for rules matching. 318 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 319 # altered by a detection rule if the finding meets the criteria specified by 320 # the rule. Defaults to `VERY_LIKELY` if not specified. 321 }, 322 ], 323 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 324 # included in the response; see Finding.quote. 325 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 326 # Exclusion rules, contained in the set are executed in the end, other 327 # rules are executed in the order they are specified for each info type. 328 { # Rule set for modifying a set of infoTypes to alter behavior under certain 329 # circumstances, depending on the specific details of the rules within the set. 330 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 331 { # A single inspection rule to be applied to infoTypes, specified in 332 # `InspectionRuleSet`. 333 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 334 # proximity of hotwords. 335 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 336 # The total length of the window cannot exceed 1000 characters. Note that 337 # the finding itself will be included in the window, so that hotwords may 338 # be used to match substrings of the finding itself. For example, the 339 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 340 # adjusted upwards if the area code is known to be the local area code of 341 # a company office using the hotword regex "\(xxx\)", where "xxx" 342 # is the area code in question. 343 # rule. 344 "windowAfter": 42, # Number of characters after the finding to consider. 345 "windowBefore": 42, # Number of characters before the finding to consider. 346 }, 347 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 348 "pattern": "A String", # Pattern defining the regular expression. Its syntax 349 # (https://github.com/google/re2/wiki/Syntax) can be found under the 350 # google/re2 repository on GitHub. 351 "groupIndexes": [ # The index of the submatch to extract as findings. When not 352 # specified, the entire match is returned. No more than 3 may be included. 353 42, 354 ], 355 }, 356 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 357 # part of a detection rule. 358 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 359 # levels. For example, if a finding would be `POSSIBLE` without the 360 # detection rule and `relative_likelihood` is 1, then it is upgraded to 361 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 362 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 363 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 364 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 365 # a final likelihood of `LIKELY`. 366 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 367 }, 368 }, 369 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 370 # `InspectionRuleSet` are removed from results. 371 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 372 "pattern": "A String", # Pattern defining the regular expression. Its syntax 373 # (https://github.com/google/re2/wiki/Syntax) can be found under the 374 # google/re2 repository on GitHub. 375 "groupIndexes": [ # The index of the submatch to extract as findings. When not 376 # specified, the entire match is returned. No more than 3 may be included. 377 42, 378 ], 379 }, 380 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 381 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 382 # contained within with a finding of an infoType from this list. For 383 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 384 # `exclusion_rule` containing `exclude_info_types.info_types` with 385 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 386 # with EMAIL_ADDRESS finding. 387 # That leads to "555-222-2222@example.org" to generate only a single 388 # finding, namely email address. 389 { # Type of information detected by the API. 390 "name": "A String", # Name of the information type. Either a name of your choosing when 391 # creating a CustomInfoType, or one of the names listed 392 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 393 # a built-in type. InfoType names should conform to the pattern 394 # [a-zA-Z0-9_]{1,64}. 395 }, 396 ], 397 }, 398 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 399 # be used to match sensitive information specific to the data, such as a list 400 # of employee IDs or job titles. 401 # 402 # Dictionary words are case-insensitive and all characters other than letters 403 # and digits in the unicode [Basic Multilingual 404 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 405 # will be replaced with whitespace when scanning for matches, so the 406 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 407 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 408 # surrounding any match must be of a different type than the adjacent 409 # characters within the word, so letters must be next to non-letters and 410 # digits next to non-digits. For example, the dictionary word "jen" will 411 # match the first three letters of the text "jen123" but will return no 412 # matches for "jennifer". 413 # 414 # Dictionary words containing a large number of characters that are not 415 # letters or digits may result in unexpected findings because such characters 416 # are treated as whitespace. The 417 # [limits](https://cloud.google.com/dlp/limits) page contains details about 418 # the size limits of dictionaries. For dictionaries that do not fit within 419 # these constraints, consider using `LargeCustomDictionaryConfig` in the 420 # `StoredInfoType` API. 421 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 422 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 423 # at least one phrase and every phrase must contain at least 2 characters 424 # that are letters or digits. [required] 425 "A String", 426 ], 427 }, 428 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 429 # is accepted. 430 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 431 # Example: gs://[BUCKET_NAME]/dictionary.txt 432 }, 433 }, 434 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 435 }, 436 }, 437 ], 438 "infoTypes": [ # List of infoTypes this rule set is applied to. 439 { # Type of information detected by the API. 440 "name": "A String", # Name of the information type. Either a name of your choosing when 441 # creating a CustomInfoType, or one of the names listed 442 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 443 # a built-in type. InfoType names should conform to the pattern 444 # [a-zA-Z0-9_]{1,64}. 445 }, 446 ], 447 }, 448 ], 449 "contentOptions": [ # List of options defining data content to scan. 450 # If empty, text, images, and other content will be included. 451 "A String", 452 ], 453 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 454 # InfoType values returned by ListInfoTypes or listed at 455 # https://cloud.google.com/dlp/docs/infotypes-reference. 456 # 457 # When no InfoTypes or CustomInfoTypes are specified in a request, the 458 # system may automatically choose what detectors to run. By default this may 459 # be all types, but may change over time as detectors are updated. 460 # 461 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 462 # but may change over time as new InfoTypes are added. If you need precise 463 # control and predictability as to what detectors are run you should specify 464 # specific InfoTypes listed in the reference. 465 { # Type of information detected by the API. 466 "name": "A String", # Name of the information type. Either a name of your choosing when 467 # creating a CustomInfoType, or one of the names listed 468 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 469 # a built-in type. InfoType names should conform to the pattern 470 # [a-zA-Z0-9_]{1,64}. 471 }, 472 ], 473 }, 474 "createTime": "A String", # The creation timestamp of a inspectTemplate, output only field. 475 "name": "A String", # The template name. Output only. 476 # 477 # The template will have one of the following formats: 478 # `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR 479 # `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID` 480 }, 481 "jobConfig": { 482 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 483 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 484 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 485 # by project and namespace, however the namespace ID may be empty. 486 # A partition ID identifies a grouping of entities. The grouping is always 487 # by project and namespace, however the namespace ID may be empty. 488 # 489 # A partition ID contains several dimensions: 490 # project ID and namespace ID. 491 "projectId": "A String", # The ID of the project to which the entities belong. 492 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 493 }, 494 "kind": { # A representation of a Datastore kind. # The kind to process. 495 "name": "A String", # The name of the kind. 496 }, 497 }, 498 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 499 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 500 # inspection of entire columns which you know have no findings. 501 { # General identifier of a data field in a storage service. 502 "name": "A String", # Name describing the field. 503 }, 504 ], 505 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 506 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 507 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 508 # Cannot be used in conjunction with TimespanConfig. 509 "sampleMethod": "A String", 510 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 511 # Nested fields in the format, like `person.birthdate.year`, are allowed. 512 { # General identifier of a data field in a storage service. 513 "name": "A String", # Name describing the field. 514 }, 515 ], 516 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 517 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 518 # 100 means no limit. Defaults to 0. Only one of rows_limit and 519 # rows_limit_percent can be specified. Cannot be used in conjunction with 520 # TimespanConfig. 521 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 522 # identified by its project_id, dataset_id, and table_name. Within a query 523 # a table is often referenced with a string in the format of: 524 # `<project_id>:<dataset_id>.<table_id>` or 525 # `<project_id>.<dataset_id>.<table_id>`. 526 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 527 # If omitted, project ID is inferred from the API call. 528 "tableId": "A String", # Name of the table. 529 "datasetId": "A String", # Dataset ID of the table. 530 }, 531 }, 532 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 533 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 534 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 535 # Used for data sources like Datastore or BigQuery. 536 # If not specified for BigQuery, table last modification timestamp 537 # is checked against given time span. 538 # The valid data types of the timestamp field are: 539 # for BigQuery - timestamp, date, datetime; 540 # for Datastore - timestamp. 541 # Datastore entity will be scanned if the timestamp property does not exist 542 # or its value is empty or invalid. 543 "name": "A String", # Name describing the field. 544 }, 545 "endTime": "A String", # Exclude files or rows newer than this value. 546 # If set to zero, no upper time limit is applied. 547 "startTime": "A String", # Exclude files or rows older than this value. 548 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 549 # a valid start_time to avoid scanning files that have not been modified 550 # since the last time the JobTrigger executed. This will be based on the 551 # time of the execution of the last run of the JobTrigger. 552 }, 553 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 554 # bucket. 555 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 556 # than this value then the rest of the bytes are omitted. Only one 557 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 558 "sampleMethod": "A String", 559 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 560 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 561 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 562 # 563 # If the url ends in a trailing slash, the bucket or directory represented 564 # by the url will be scanned non-recursively (content in sub-directories 565 # will not be scanned). This means that `gs://mybucket/` is equivalent to 566 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 567 # `gs://mybucket/directory/*`. 568 # 569 # Exactly one of `url` or `regex_file_set` must be set. 570 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 571 # `regex_file_set` must be set. 572 # expressions are used to allow fine-grained control over which files in the 573 # bucket to include. 574 # 575 # Included files are those that match at least one item in `include_regex` and 576 # do not match any items in `exclude_regex`. Note that a file that matches 577 # items from both lists will _not_ be included. For a match to occur, the 578 # entire file path (i.e., everything in the url after the bucket name) must 579 # match the regular expression. 580 # 581 # For example, given the input `{bucket_name: "mybucket", include_regex: 582 # ["directory1/.*"], exclude_regex: 583 # ["directory1/excluded.*"]}`: 584 # 585 # * `gs://mybucket/directory1/myfile` will be included 586 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 587 # across `/`) 588 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 589 # full path doesn't match any items in `include_regex`) 590 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 591 # matches an item in `exclude_regex`) 592 # 593 # If `include_regex` is left empty, it will match all files by default 594 # (this is equivalent to setting `include_regex: [".*"]`). 595 # 596 # Some other common use cases: 597 # 598 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 599 # files in `mybucket` except for .pdf files 600 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 601 # include all files directly under `gs://mybucket/directory/`, without matching 602 # across `/` 603 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 604 # the bucket that match at least one of these regular expressions will be 605 # excluded from the scan. 606 # 607 # Regular expressions use RE2 608 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 609 # under the google/re2 repository on GitHub. 610 "A String", 611 ], 612 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 613 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 614 # the bucket that match at least one of these regular expressions will be 615 # included in the set of files, except for those that also match an item in 616 # `exclude_regex`. Leaving this field empty will match all files by default 617 # (this is equivalent to including `.*` in the list). 618 # 619 # Regular expressions use RE2 620 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 621 # under the google/re2 repository on GitHub. 622 "A String", 623 ], 624 }, 625 }, 626 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 627 # number of bytes scanned is rounded down. Must be between 0 and 100, 628 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 629 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 630 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 631 # Number of files scanned is rounded down. Must be between 0 and 100, 632 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 633 "fileTypes": [ # List of file type groups to include in the scan. 634 # If empty, all files are scanned and available data format processors 635 # are applied. In addition, the binary content of the selected files 636 # is always scanned as well. 637 "A String", 638 ], 639 }, 640 }, 641 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 642 # When used with redactContent only info_types and min_likelihood are currently 643 # used. 644 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 645 "limits": { 646 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 647 # When set within `InspectContentRequest`, the maximum returned is 2000 648 # regardless if this is set higher. 649 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 650 { # Max findings configuration per infoType, per content item or long 651 # running DlpJob. 652 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 653 # info_type should be provided. If InfoTypeLimit does not have an 654 # info_type, the DLP API applies the limit against all info_types that 655 # are found but not specified in another InfoTypeLimit. 656 "name": "A String", # Name of the information type. Either a name of your choosing when 657 # creating a CustomInfoType, or one of the names listed 658 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 659 # a built-in type. InfoType names should conform to the pattern 660 # [a-zA-Z0-9_]{1,64}. 661 }, 662 "maxFindings": 42, # Max findings limit for the given infoType. 663 }, 664 ], 665 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 666 # When set within `InspectDataSourceRequest`, 667 # the maximum returned is 2000 regardless if this is set higher. 668 # When set within `InspectContentRequest`, this field is ignored. 669 }, 670 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 671 # POSSIBLE. 672 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 673 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 674 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 675 { # Custom information type provided by the user. Used to find domain-specific 676 # sensitive information configurable to the data in question. 677 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 678 "pattern": "A String", # Pattern defining the regular expression. Its syntax 679 # (https://github.com/google/re2/wiki/Syntax) can be found under the 680 # google/re2 repository on GitHub. 681 "groupIndexes": [ # The index of the submatch to extract as findings. When not 682 # specified, the entire match is returned. No more than 3 may be included. 683 42, 684 ], 685 }, 686 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 687 # support reversing. 688 # such as 689 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 690 # These types of transformations are 691 # those that perform pseudonymization, thereby producing a "surrogate" as 692 # output. This should be used in conjunction with a field on the 693 # transformation such as `surrogate_info_type`. This CustomInfoType does 694 # not support the use of `detection_rules`. 695 }, 696 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 697 # infoType, when the name matches one of existing infoTypes and that infoType 698 # is specified in `InspectContent.info_types` field. Specifying the latter 699 # adds findings to the one detected by the system. If built-in info type is 700 # not specified in `InspectContent.info_types` list then the name is treated 701 # as a custom info type. 702 "name": "A String", # Name of the information type. Either a name of your choosing when 703 # creating a CustomInfoType, or one of the names listed 704 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 705 # a built-in type. InfoType names should conform to the pattern 706 # [a-zA-Z0-9_]{1,64}. 707 }, 708 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 709 # be used to match sensitive information specific to the data, such as a list 710 # of employee IDs or job titles. 711 # 712 # Dictionary words are case-insensitive and all characters other than letters 713 # and digits in the unicode [Basic Multilingual 714 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 715 # will be replaced with whitespace when scanning for matches, so the 716 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 717 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 718 # surrounding any match must be of a different type than the adjacent 719 # characters within the word, so letters must be next to non-letters and 720 # digits next to non-digits. For example, the dictionary word "jen" will 721 # match the first three letters of the text "jen123" but will return no 722 # matches for "jennifer". 723 # 724 # Dictionary words containing a large number of characters that are not 725 # letters or digits may result in unexpected findings because such characters 726 # are treated as whitespace. The 727 # [limits](https://cloud.google.com/dlp/limits) page contains details about 728 # the size limits of dictionaries. For dictionaries that do not fit within 729 # these constraints, consider using `LargeCustomDictionaryConfig` in the 730 # `StoredInfoType` API. 731 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 732 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 733 # at least one phrase and every phrase must contain at least 2 characters 734 # that are letters or digits. [required] 735 "A String", 736 ], 737 }, 738 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 739 # is accepted. 740 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 741 # Example: gs://[BUCKET_NAME]/dictionary.txt 742 }, 743 }, 744 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 745 # `InspectDataSource`. Not currently supported in `InspectContent`. 746 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 747 # `organizations/433245324/storedInfoTypes/432452342` or 748 # `projects/project-id/storedInfoTypes/432452342`. 749 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 750 # inspection was created. Output-only field, populated by the system. 751 }, 752 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 753 # Rules are applied in order that they are specified. Not supported for the 754 # `surrogate_type` CustomInfoType. 755 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 756 # `CustomInfoType` to alter behavior under certain circumstances, depending 757 # on the specific details of the rule. Not supported for the `surrogate_type` 758 # custom infoType. 759 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 760 # proximity of hotwords. 761 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 762 # The total length of the window cannot exceed 1000 characters. Note that 763 # the finding itself will be included in the window, so that hotwords may 764 # be used to match substrings of the finding itself. For example, the 765 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 766 # adjusted upwards if the area code is known to be the local area code of 767 # a company office using the hotword regex "\(xxx\)", where "xxx" 768 # is the area code in question. 769 # rule. 770 "windowAfter": 42, # Number of characters after the finding to consider. 771 "windowBefore": 42, # Number of characters before the finding to consider. 772 }, 773 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 774 "pattern": "A String", # Pattern defining the regular expression. Its syntax 775 # (https://github.com/google/re2/wiki/Syntax) can be found under the 776 # google/re2 repository on GitHub. 777 "groupIndexes": [ # The index of the submatch to extract as findings. When not 778 # specified, the entire match is returned. No more than 3 may be included. 779 42, 780 ], 781 }, 782 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 783 # part of a detection rule. 784 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 785 # levels. For example, if a finding would be `POSSIBLE` without the 786 # detection rule and `relative_likelihood` is 1, then it is upgraded to 787 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 788 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 789 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 790 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 791 # a final likelihood of `LIKELY`. 792 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 793 }, 794 }, 795 }, 796 ], 797 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 798 # to be returned. It still can be used for rules matching. 799 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 800 # altered by a detection rule if the finding meets the criteria specified by 801 # the rule. Defaults to `VERY_LIKELY` if not specified. 802 }, 803 ], 804 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 805 # included in the response; see Finding.quote. 806 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 807 # Exclusion rules, contained in the set are executed in the end, other 808 # rules are executed in the order they are specified for each info type. 809 { # Rule set for modifying a set of infoTypes to alter behavior under certain 810 # circumstances, depending on the specific details of the rules within the set. 811 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 812 { # A single inspection rule to be applied to infoTypes, specified in 813 # `InspectionRuleSet`. 814 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 815 # proximity of hotwords. 816 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 817 # The total length of the window cannot exceed 1000 characters. Note that 818 # the finding itself will be included in the window, so that hotwords may 819 # be used to match substrings of the finding itself. For example, the 820 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 821 # adjusted upwards if the area code is known to be the local area code of 822 # a company office using the hotword regex "\(xxx\)", where "xxx" 823 # is the area code in question. 824 # rule. 825 "windowAfter": 42, # Number of characters after the finding to consider. 826 "windowBefore": 42, # Number of characters before the finding to consider. 827 }, 828 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 829 "pattern": "A String", # Pattern defining the regular expression. Its syntax 830 # (https://github.com/google/re2/wiki/Syntax) can be found under the 831 # google/re2 repository on GitHub. 832 "groupIndexes": [ # The index of the submatch to extract as findings. When not 833 # specified, the entire match is returned. No more than 3 may be included. 834 42, 835 ], 836 }, 837 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 838 # part of a detection rule. 839 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 840 # levels. For example, if a finding would be `POSSIBLE` without the 841 # detection rule and `relative_likelihood` is 1, then it is upgraded to 842 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 843 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 844 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 845 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 846 # a final likelihood of `LIKELY`. 847 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 848 }, 849 }, 850 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 851 # `InspectionRuleSet` are removed from results. 852 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 853 "pattern": "A String", # Pattern defining the regular expression. Its syntax 854 # (https://github.com/google/re2/wiki/Syntax) can be found under the 855 # google/re2 repository on GitHub. 856 "groupIndexes": [ # The index of the submatch to extract as findings. When not 857 # specified, the entire match is returned. No more than 3 may be included. 858 42, 859 ], 860 }, 861 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 862 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 863 # contained within with a finding of an infoType from this list. For 864 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 865 # `exclusion_rule` containing `exclude_info_types.info_types` with 866 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 867 # with EMAIL_ADDRESS finding. 868 # That leads to "555-222-2222@example.org" to generate only a single 869 # finding, namely email address. 870 { # Type of information detected by the API. 871 "name": "A String", # Name of the information type. Either a name of your choosing when 872 # creating a CustomInfoType, or one of the names listed 873 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 874 # a built-in type. InfoType names should conform to the pattern 875 # [a-zA-Z0-9_]{1,64}. 876 }, 877 ], 878 }, 879 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 880 # be used to match sensitive information specific to the data, such as a list 881 # of employee IDs or job titles. 882 # 883 # Dictionary words are case-insensitive and all characters other than letters 884 # and digits in the unicode [Basic Multilingual 885 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 886 # will be replaced with whitespace when scanning for matches, so the 887 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 888 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 889 # surrounding any match must be of a different type than the adjacent 890 # characters within the word, so letters must be next to non-letters and 891 # digits next to non-digits. For example, the dictionary word "jen" will 892 # match the first three letters of the text "jen123" but will return no 893 # matches for "jennifer". 894 # 895 # Dictionary words containing a large number of characters that are not 896 # letters or digits may result in unexpected findings because such characters 897 # are treated as whitespace. The 898 # [limits](https://cloud.google.com/dlp/limits) page contains details about 899 # the size limits of dictionaries. For dictionaries that do not fit within 900 # these constraints, consider using `LargeCustomDictionaryConfig` in the 901 # `StoredInfoType` API. 902 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 903 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 904 # at least one phrase and every phrase must contain at least 2 characters 905 # that are letters or digits. [required] 906 "A String", 907 ], 908 }, 909 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 910 # is accepted. 911 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 912 # Example: gs://[BUCKET_NAME]/dictionary.txt 913 }, 914 }, 915 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 916 }, 917 }, 918 ], 919 "infoTypes": [ # List of infoTypes this rule set is applied to. 920 { # Type of information detected by the API. 921 "name": "A String", # Name of the information type. Either a name of your choosing when 922 # creating a CustomInfoType, or one of the names listed 923 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 924 # a built-in type. InfoType names should conform to the pattern 925 # [a-zA-Z0-9_]{1,64}. 926 }, 927 ], 928 }, 929 ], 930 "contentOptions": [ # List of options defining data content to scan. 931 # If empty, text, images, and other content will be included. 932 "A String", 933 ], 934 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 935 # InfoType values returned by ListInfoTypes or listed at 936 # https://cloud.google.com/dlp/docs/infotypes-reference. 937 # 938 # When no InfoTypes or CustomInfoTypes are specified in a request, the 939 # system may automatically choose what detectors to run. By default this may 940 # be all types, but may change over time as detectors are updated. 941 # 942 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 943 # but may change over time as new InfoTypes are added. If you need precise 944 # control and predictability as to what detectors are run you should specify 945 # specific InfoTypes listed in the reference. 946 { # Type of information detected by the API. 947 "name": "A String", # Name of the information type. Either a name of your choosing when 948 # creating a CustomInfoType, or one of the names listed 949 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 950 # a built-in type. InfoType names should conform to the pattern 951 # [a-zA-Z0-9_]{1,64}. 952 }, 953 ], 954 }, 955 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 956 # `inspect_config` will be merged into the values persisted as part of the 957 # template. 958 "actions": [ # Actions to execute at the completion of the job. 959 { # A task to execute on the completion of a job. 960 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 961 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 962 # OutputStorageConfig. Only a single instance of this action can be 963 # specified. 964 # Compatible with: Inspect, Risk 965 "outputConfig": { # Cloud repository for storing output. 966 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 967 # dataset. If table_id is not set a new one will be generated 968 # for you with the following format: 969 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 970 # generating the date details. 971 # 972 # For Inspect, each column in an existing output table must have the same 973 # name, type, and mode of a field in the `Finding` object. 974 # 975 # For Risk, an existing output table should be the output of a previous 976 # Risk analysis job run on the same source table, with the same privacy 977 # metric and quasi-identifiers. Risk jobs that analyze the same table but 978 # compute a different privacy metric, or use different sets of 979 # quasi-identifiers, cannot store their results in the same table. 980 # identified by its project_id, dataset_id, and table_name. Within a query 981 # a table is often referenced with a string in the format of: 982 # `<project_id>:<dataset_id>.<table_id>` or 983 # `<project_id>.<dataset_id>.<table_id>`. 984 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 985 # If omitted, project ID is inferred from the API call. 986 "tableId": "A String", # Name of the table. 987 "datasetId": "A String", # Dataset ID of the table. 988 }, 989 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 990 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 991 # from the `Finding` object. If appending to an existing table, any columns 992 # from the predefined schema that are missing will be added. No columns in 993 # the existing table will be deleted. 994 # 995 # If unspecified, then all available columns will be used for a new table or 996 # an (existing) table with no schema, and no changes will be made to an 997 # existing table that has a schema. 998 }, 999 }, 1000 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 1001 # completion/failure. 1002 # completion/failure. 1003 }, 1004 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 1005 # Command Center (CSCC Alpha). 1006 # This action is only available for projects which are parts of 1007 # an organization and whitelisted for the alpha Cloud Security Command 1008 # Center. 1009 # The action will publish count of finding instances and their info types. 1010 # The summary of findings will be persisted in CSCC and are governed by CSCC 1011 # service-specific policy, see https://cloud.google.com/terms/service-terms 1012 # Only a single instance of this action can be specified. 1013 # Compatible with: Inspect 1014 }, 1015 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 1016 # message contains a single field, `DlpJobName`, which is equal to the 1017 # finished job's 1018 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 1019 # Compatible with: Inspect, Risk 1020 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 1021 # publishing access rights to the DLP API service account executing 1022 # the long running DlpJob sending the notifications. 1023 # Format is projects/{project}/topics/{topic}. 1024 }, 1025 }, 1026 ], 1027 }, 1028 }, 1029 "result": { # All result fields mentioned below are updated while the job is processing. # A summary of the outcome of this inspect job. 1030 "infoTypeStats": [ # Statistics of how many instances of each info type were found during 1031 # inspect job. 1032 { # Statistics regarding a specific InfoType. 1033 "count": "A String", # Number of findings for this infoType. 1034 "infoType": { # Type of information detected by the API. # The type of finding this stat is for. 1035 "name": "A String", # Name of the information type. Either a name of your choosing when 1036 # creating a CustomInfoType, or one of the names listed 1037 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 1038 # a built-in type. InfoType names should conform to the pattern 1039 # [a-zA-Z0-9_]{1,64}. 1040 }, 1041 }, 1042 ], 1043 "totalEstimatedBytes": "A String", # Estimate of the number of bytes to process. 1044 "processedBytes": "A String", # Total size in bytes that were processed. 1045 }, 1046 }, 1047 "riskDetails": { # Result of a risk analysis operation request. # Results from analyzing risk of a data source. 1048 "numericalStatsResult": { # Result of the numerical stats computation. 1049 "quantileValues": [ # List of 99 values that partition the set of field values into 100 equal 1050 # sized buckets. 1051 { # Set of primitive values supported by the system. 1052 # Note that for the purposes of inspection or transformation, the number 1053 # of bytes considered to comprise a 'Value' is based on its representation 1054 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1055 # 123456789, the number of bytes would be counted as 9, even though an 1056 # int64 only holds up to 8 bytes of data. 1057 "floatValue": 3.14, 1058 "timestampValue": "A String", 1059 "dayOfWeekValue": "A String", 1060 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1061 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1062 # types are google.type.Date and `google.protobuf.Timestamp`. 1063 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1064 # to allow the value "24:00:00" for scenarios like business closing time. 1065 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1066 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1067 # allow the value 60 if it allows leap-seconds. 1068 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1069 }, 1070 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1071 # and time zone are either specified elsewhere or are not significant. The date 1072 # is relative to the Proleptic Gregorian Calendar. This can represent: 1073 # 1074 # * A full date, with non-zero year, month and day values 1075 # * A month and day value, with a zero year, e.g. an anniversary 1076 # * A year on its own, with zero month and day values 1077 # * A year and month value, with a zero day, e.g. a credit card expiration date 1078 # 1079 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1080 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1081 # a year. 1082 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1083 # if specifying a year by itself or a year and month where the day is not 1084 # significant. 1085 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1086 # month and day. 1087 }, 1088 "stringValue": "A String", 1089 "booleanValue": True or False, 1090 "integerValue": "A String", 1091 }, 1092 ], 1093 "maxValue": { # Set of primitive values supported by the system. # Maximum value appearing in the column. 1094 # Note that for the purposes of inspection or transformation, the number 1095 # of bytes considered to comprise a 'Value' is based on its representation 1096 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1097 # 123456789, the number of bytes would be counted as 9, even though an 1098 # int64 only holds up to 8 bytes of data. 1099 "floatValue": 3.14, 1100 "timestampValue": "A String", 1101 "dayOfWeekValue": "A String", 1102 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1103 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1104 # types are google.type.Date and `google.protobuf.Timestamp`. 1105 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1106 # to allow the value "24:00:00" for scenarios like business closing time. 1107 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1108 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1109 # allow the value 60 if it allows leap-seconds. 1110 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1111 }, 1112 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1113 # and time zone are either specified elsewhere or are not significant. The date 1114 # is relative to the Proleptic Gregorian Calendar. This can represent: 1115 # 1116 # * A full date, with non-zero year, month and day values 1117 # * A month and day value, with a zero year, e.g. an anniversary 1118 # * A year on its own, with zero month and day values 1119 # * A year and month value, with a zero day, e.g. a credit card expiration date 1120 # 1121 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1122 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1123 # a year. 1124 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1125 # if specifying a year by itself or a year and month where the day is not 1126 # significant. 1127 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1128 # month and day. 1129 }, 1130 "stringValue": "A String", 1131 "booleanValue": True or False, 1132 "integerValue": "A String", 1133 }, 1134 "minValue": { # Set of primitive values supported by the system. # Minimum value appearing in the column. 1135 # Note that for the purposes of inspection or transformation, the number 1136 # of bytes considered to comprise a 'Value' is based on its representation 1137 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1138 # 123456789, the number of bytes would be counted as 9, even though an 1139 # int64 only holds up to 8 bytes of data. 1140 "floatValue": 3.14, 1141 "timestampValue": "A String", 1142 "dayOfWeekValue": "A String", 1143 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1144 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1145 # types are google.type.Date and `google.protobuf.Timestamp`. 1146 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1147 # to allow the value "24:00:00" for scenarios like business closing time. 1148 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1149 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1150 # allow the value 60 if it allows leap-seconds. 1151 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1152 }, 1153 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1154 # and time zone are either specified elsewhere or are not significant. The date 1155 # is relative to the Proleptic Gregorian Calendar. This can represent: 1156 # 1157 # * A full date, with non-zero year, month and day values 1158 # * A month and day value, with a zero year, e.g. an anniversary 1159 # * A year on its own, with zero month and day values 1160 # * A year and month value, with a zero day, e.g. a credit card expiration date 1161 # 1162 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1163 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1164 # a year. 1165 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1166 # if specifying a year by itself or a year and month where the day is not 1167 # significant. 1168 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1169 # month and day. 1170 }, 1171 "stringValue": "A String", 1172 "booleanValue": True or False, 1173 "integerValue": "A String", 1174 }, 1175 }, 1176 "kMapEstimationResult": { # Result of the reidentifiability analysis. Note that these results are an 1177 # estimation, not exact values. 1178 "kMapEstimationHistogram": [ # The intervals [min_anonymity, max_anonymity] do not overlap. If a value 1179 # doesn't correspond to any such interval, the associated frequency is 1180 # zero. For example, the following records: 1181 # {min_anonymity: 1, max_anonymity: 1, frequency: 17} 1182 # {min_anonymity: 2, max_anonymity: 3, frequency: 42} 1183 # {min_anonymity: 5, max_anonymity: 10, frequency: 99} 1184 # mean that there are no record with an estimated anonymity of 4, 5, or 1185 # larger than 10. 1186 { # A KMapEstimationHistogramBucket message with the following values: 1187 # min_anonymity: 3 1188 # max_anonymity: 5 1189 # frequency: 42 1190 # means that there are 42 records whose quasi-identifier values correspond 1191 # to 3, 4 or 5 people in the overlying population. An important particular 1192 # case is when min_anonymity = max_anonymity = 1: the frequency field then 1193 # corresponds to the number of uniquely identifiable records. 1194 "bucketValues": [ # Sample of quasi-identifier tuple values in this bucket. The total 1195 # number of classes returned per bucket is capped at 20. 1196 { # A tuple of values for the quasi-identifier columns. 1197 "estimatedAnonymity": "A String", # The estimated anonymity for these quasi-identifier values. 1198 "quasiIdsValues": [ # The quasi-identifier values. 1199 { # Set of primitive values supported by the system. 1200 # Note that for the purposes of inspection or transformation, the number 1201 # of bytes considered to comprise a 'Value' is based on its representation 1202 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1203 # 123456789, the number of bytes would be counted as 9, even though an 1204 # int64 only holds up to 8 bytes of data. 1205 "floatValue": 3.14, 1206 "timestampValue": "A String", 1207 "dayOfWeekValue": "A String", 1208 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1209 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1210 # types are google.type.Date and `google.protobuf.Timestamp`. 1211 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1212 # to allow the value "24:00:00" for scenarios like business closing time. 1213 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1214 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1215 # allow the value 60 if it allows leap-seconds. 1216 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1217 }, 1218 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1219 # and time zone are either specified elsewhere or are not significant. The date 1220 # is relative to the Proleptic Gregorian Calendar. This can represent: 1221 # 1222 # * A full date, with non-zero year, month and day values 1223 # * A month and day value, with a zero year, e.g. an anniversary 1224 # * A year on its own, with zero month and day values 1225 # * A year and month value, with a zero day, e.g. a credit card expiration date 1226 # 1227 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1228 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1229 # a year. 1230 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1231 # if specifying a year by itself or a year and month where the day is not 1232 # significant. 1233 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1234 # month and day. 1235 }, 1236 "stringValue": "A String", 1237 "booleanValue": True or False, 1238 "integerValue": "A String", 1239 }, 1240 ], 1241 }, 1242 ], 1243 "minAnonymity": "A String", # Always positive. 1244 "bucketValueCount": "A String", # Total number of distinct quasi-identifier tuple values in this bucket. 1245 "maxAnonymity": "A String", # Always greater than or equal to min_anonymity. 1246 "bucketSize": "A String", # Number of records within these anonymity bounds. 1247 }, 1248 ], 1249 }, 1250 "kAnonymityResult": { # Result of the k-anonymity computation. 1251 "equivalenceClassHistogramBuckets": [ # Histogram of k-anonymity equivalence classes. 1252 { 1253 "bucketValues": [ # Sample of equivalence classes in this bucket. The total number of 1254 # classes returned per bucket is capped at 20. 1255 { # The set of columns' values that share the same ldiversity value 1256 "quasiIdsValues": [ # Set of values defining the equivalence class. One value per 1257 # quasi-identifier column in the original KAnonymity metric message. 1258 # The order is always the same as the original request. 1259 { # Set of primitive values supported by the system. 1260 # Note that for the purposes of inspection or transformation, the number 1261 # of bytes considered to comprise a 'Value' is based on its representation 1262 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1263 # 123456789, the number of bytes would be counted as 9, even though an 1264 # int64 only holds up to 8 bytes of data. 1265 "floatValue": 3.14, 1266 "timestampValue": "A String", 1267 "dayOfWeekValue": "A String", 1268 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1269 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1270 # types are google.type.Date and `google.protobuf.Timestamp`. 1271 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1272 # to allow the value "24:00:00" for scenarios like business closing time. 1273 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1274 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1275 # allow the value 60 if it allows leap-seconds. 1276 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1277 }, 1278 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1279 # and time zone are either specified elsewhere or are not significant. The date 1280 # is relative to the Proleptic Gregorian Calendar. This can represent: 1281 # 1282 # * A full date, with non-zero year, month and day values 1283 # * A month and day value, with a zero year, e.g. an anniversary 1284 # * A year on its own, with zero month and day values 1285 # * A year and month value, with a zero day, e.g. a credit card expiration date 1286 # 1287 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1288 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1289 # a year. 1290 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1291 # if specifying a year by itself or a year and month where the day is not 1292 # significant. 1293 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1294 # month and day. 1295 }, 1296 "stringValue": "A String", 1297 "booleanValue": True or False, 1298 "integerValue": "A String", 1299 }, 1300 ], 1301 "equivalenceClassSize": "A String", # Size of the equivalence class, for example number of rows with the 1302 # above set of values. 1303 }, 1304 ], 1305 "bucketValueCount": "A String", # Total number of distinct equivalence classes in this bucket. 1306 "equivalenceClassSizeLowerBound": "A String", # Lower bound on the size of the equivalence classes in this bucket. 1307 "equivalenceClassSizeUpperBound": "A String", # Upper bound on the size of the equivalence classes in this bucket. 1308 "bucketSize": "A String", # Total number of equivalence classes in this bucket. 1309 }, 1310 ], 1311 }, 1312 "lDiversityResult": { # Result of the l-diversity computation. 1313 "sensitiveValueFrequencyHistogramBuckets": [ # Histogram of l-diversity equivalence class sensitive value frequencies. 1314 { 1315 "bucketValues": [ # Sample of equivalence classes in this bucket. The total number of 1316 # classes returned per bucket is capped at 20. 1317 { # The set of columns' values that share the same ldiversity value. 1318 "numDistinctSensitiveValues": "A String", # Number of distinct sensitive values in this equivalence class. 1319 "quasiIdsValues": [ # Quasi-identifier values defining the k-anonymity equivalence 1320 # class. The order is always the same as the original request. 1321 { # Set of primitive values supported by the system. 1322 # Note that for the purposes of inspection or transformation, the number 1323 # of bytes considered to comprise a 'Value' is based on its representation 1324 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1325 # 123456789, the number of bytes would be counted as 9, even though an 1326 # int64 only holds up to 8 bytes of data. 1327 "floatValue": 3.14, 1328 "timestampValue": "A String", 1329 "dayOfWeekValue": "A String", 1330 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1331 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1332 # types are google.type.Date and `google.protobuf.Timestamp`. 1333 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1334 # to allow the value "24:00:00" for scenarios like business closing time. 1335 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1336 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1337 # allow the value 60 if it allows leap-seconds. 1338 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1339 }, 1340 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1341 # and time zone are either specified elsewhere or are not significant. The date 1342 # is relative to the Proleptic Gregorian Calendar. This can represent: 1343 # 1344 # * A full date, with non-zero year, month and day values 1345 # * A month and day value, with a zero year, e.g. an anniversary 1346 # * A year on its own, with zero month and day values 1347 # * A year and month value, with a zero day, e.g. a credit card expiration date 1348 # 1349 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1350 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1351 # a year. 1352 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1353 # if specifying a year by itself or a year and month where the day is not 1354 # significant. 1355 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1356 # month and day. 1357 }, 1358 "stringValue": "A String", 1359 "booleanValue": True or False, 1360 "integerValue": "A String", 1361 }, 1362 ], 1363 "topSensitiveValues": [ # Estimated frequencies of top sensitive values. 1364 { # A value of a field, including its frequency. 1365 "count": "A String", # How many times the value is contained in the field. 1366 "value": { # Set of primitive values supported by the system. # A value contained in the field in question. 1367 # Note that for the purposes of inspection or transformation, the number 1368 # of bytes considered to comprise a 'Value' is based on its representation 1369 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1370 # 123456789, the number of bytes would be counted as 9, even though an 1371 # int64 only holds up to 8 bytes of data. 1372 "floatValue": 3.14, 1373 "timestampValue": "A String", 1374 "dayOfWeekValue": "A String", 1375 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1376 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1377 # types are google.type.Date and `google.protobuf.Timestamp`. 1378 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1379 # to allow the value "24:00:00" for scenarios like business closing time. 1380 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1381 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1382 # allow the value 60 if it allows leap-seconds. 1383 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1384 }, 1385 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1386 # and time zone are either specified elsewhere or are not significant. The date 1387 # is relative to the Proleptic Gregorian Calendar. This can represent: 1388 # 1389 # * A full date, with non-zero year, month and day values 1390 # * A month and day value, with a zero year, e.g. an anniversary 1391 # * A year on its own, with zero month and day values 1392 # * A year and month value, with a zero day, e.g. a credit card expiration date 1393 # 1394 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1395 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1396 # a year. 1397 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1398 # if specifying a year by itself or a year and month where the day is not 1399 # significant. 1400 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1401 # month and day. 1402 }, 1403 "stringValue": "A String", 1404 "booleanValue": True or False, 1405 "integerValue": "A String", 1406 }, 1407 }, 1408 ], 1409 "equivalenceClassSize": "A String", # Size of the k-anonymity equivalence class. 1410 }, 1411 ], 1412 "bucketValueCount": "A String", # Total number of distinct equivalence classes in this bucket. 1413 "bucketSize": "A String", # Total number of equivalence classes in this bucket. 1414 "sensitiveValueFrequencyUpperBound": "A String", # Upper bound on the sensitive value frequencies of the equivalence 1415 # classes in this bucket. 1416 "sensitiveValueFrequencyLowerBound": "A String", # Lower bound on the sensitive value frequencies of the equivalence 1417 # classes in this bucket. 1418 }, 1419 ], 1420 }, 1421 "requestedPrivacyMetric": { # Privacy metric to compute for reidentification risk analysis. # Privacy metric to compute. 1422 "numericalStatsConfig": { # Compute numerical stats over an individual column, including 1423 # min, max, and quantiles. 1424 "field": { # General identifier of a data field in a storage service. # Field to compute numerical stats on. Supported types are 1425 # integer, float, date, datetime, timestamp, time. 1426 "name": "A String", # Name describing the field. 1427 }, 1428 }, 1429 "kMapEstimationConfig": { # Reidentifiability metric. This corresponds to a risk model similar to what 1430 # is called "journalist risk" in the literature, except the attack dataset is 1431 # statistically modeled instead of being perfectly known. This can be done 1432 # using publicly available data (like the US Census), or using a custom 1433 # statistical model (indicated as one or several BigQuery tables), or by 1434 # extrapolating from the distribution of values in the input dataset. 1435 # A column with a semantic tag attached. 1436 "regionCode": "A String", # ISO 3166-1 alpha-2 region code to use in the statistical modeling. 1437 # Required if no column is tagged with a region-specific InfoType (like 1438 # US_ZIP_5) or a region code. 1439 "quasiIds": [ # Fields considered to be quasi-identifiers. No two columns can have the 1440 # same tag. [required] 1441 { 1442 "field": { # General identifier of a data field in a storage service. # Identifies the column. [required] 1443 "name": "A String", # Name describing the field. 1444 }, 1445 "customTag": "A String", # A column can be tagged with a custom tag. In this case, the user must 1446 # indicate an auxiliary table that contains statistical information on 1447 # the possible values of this column (below). 1448 "infoType": { # Type of information detected by the API. # A column can be tagged with a InfoType to use the relevant public 1449 # dataset as a statistical model of population, if available. We 1450 # currently support US ZIP codes, region codes, ages and genders. 1451 # To programmatically obtain the list of supported InfoTypes, use 1452 # ListInfoTypes with the supported_by=RISK_ANALYSIS filter. 1453 "name": "A String", # Name of the information type. Either a name of your choosing when 1454 # creating a CustomInfoType, or one of the names listed 1455 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 1456 # a built-in type. InfoType names should conform to the pattern 1457 # [a-zA-Z0-9_]{1,64}. 1458 }, 1459 "inferred": { # A generic empty message that you can re-use to avoid defining duplicated # If no semantic tag is indicated, we infer the statistical model from 1460 # the distribution of values in the input data 1461 # empty messages in your APIs. A typical example is to use it as the request 1462 # or the response type of an API method. For instance: 1463 # 1464 # service Foo { 1465 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 1466 # } 1467 # 1468 # The JSON representation for `Empty` is empty JSON object `{}`. 1469 }, 1470 }, 1471 ], 1472 "auxiliaryTables": [ # Several auxiliary tables can be used in the analysis. Each custom_tag 1473 # used to tag a quasi-identifiers column must appear in exactly one column 1474 # of one auxiliary table. 1475 { # An auxiliary table contains statistical information on the relative 1476 # frequency of different quasi-identifiers values. It has one or several 1477 # quasi-identifiers columns, and one column that indicates the relative 1478 # frequency of each quasi-identifier tuple. 1479 # If a tuple is present in the data but not in the auxiliary table, the 1480 # corresponding relative frequency is assumed to be zero (and thus, the 1481 # tuple is highly reidentifiable). 1482 "relativeFrequency": { # General identifier of a data field in a storage service. # The relative frequency column must contain a floating-point number 1483 # between 0 and 1 (inclusive). Null values are assumed to be zero. 1484 # [required] 1485 "name": "A String", # Name describing the field. 1486 }, 1487 "quasiIds": [ # Quasi-identifier columns. [required] 1488 { # A quasi-identifier column has a custom_tag, used to know which column 1489 # in the data corresponds to which column in the statistical model. 1490 "field": { # General identifier of a data field in a storage service. 1491 "name": "A String", # Name describing the field. 1492 }, 1493 "customTag": "A String", 1494 }, 1495 ], 1496 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Auxiliary table location. [required] 1497 # identified by its project_id, dataset_id, and table_name. Within a query 1498 # a table is often referenced with a string in the format of: 1499 # `<project_id>:<dataset_id>.<table_id>` or 1500 # `<project_id>.<dataset_id>.<table_id>`. 1501 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 1502 # If omitted, project ID is inferred from the API call. 1503 "tableId": "A String", # Name of the table. 1504 "datasetId": "A String", # Dataset ID of the table. 1505 }, 1506 }, 1507 ], 1508 }, 1509 "lDiversityConfig": { # l-diversity metric, used for analysis of reidentification risk. 1510 "sensitiveAttribute": { # General identifier of a data field in a storage service. # Sensitive field for computing the l-value. 1511 "name": "A String", # Name describing the field. 1512 }, 1513 "quasiIds": [ # Set of quasi-identifiers indicating how equivalence classes are 1514 # defined for the l-diversity computation. When multiple fields are 1515 # specified, they are considered a single composite key. 1516 { # General identifier of a data field in a storage service. 1517 "name": "A String", # Name describing the field. 1518 }, 1519 ], 1520 }, 1521 "deltaPresenceEstimationConfig": { # δ-presence metric, used to estimate how likely it is for an attacker to 1522 # figure out that one given individual appears in a de-identified dataset. 1523 # Similarly to the k-map metric, we cannot compute δ-presence exactly without 1524 # knowing the attack dataset, so we use a statistical model instead. 1525 "regionCode": "A String", # ISO 3166-1 alpha-2 region code to use in the statistical modeling. 1526 # Required if no column is tagged with a region-specific InfoType (like 1527 # US_ZIP_5) or a region code. 1528 "quasiIds": [ # Fields considered to be quasi-identifiers. No two fields can have the 1529 # same tag. [required] 1530 { # A column with a semantic tag attached. 1531 "field": { # General identifier of a data field in a storage service. # Identifies the column. [required] 1532 "name": "A String", # Name describing the field. 1533 }, 1534 "customTag": "A String", # A column can be tagged with a custom tag. In this case, the user must 1535 # indicate an auxiliary table that contains statistical information on 1536 # the possible values of this column (below). 1537 "infoType": { # Type of information detected by the API. # A column can be tagged with a InfoType to use the relevant public 1538 # dataset as a statistical model of population, if available. We 1539 # currently support US ZIP codes, region codes, ages and genders. 1540 # To programmatically obtain the list of supported InfoTypes, use 1541 # ListInfoTypes with the supported_by=RISK_ANALYSIS filter. 1542 "name": "A String", # Name of the information type. Either a name of your choosing when 1543 # creating a CustomInfoType, or one of the names listed 1544 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 1545 # a built-in type. InfoType names should conform to the pattern 1546 # [a-zA-Z0-9_]{1,64}. 1547 }, 1548 "inferred": { # A generic empty message that you can re-use to avoid defining duplicated # If no semantic tag is indicated, we infer the statistical model from 1549 # the distribution of values in the input data 1550 # empty messages in your APIs. A typical example is to use it as the request 1551 # or the response type of an API method. For instance: 1552 # 1553 # service Foo { 1554 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 1555 # } 1556 # 1557 # The JSON representation for `Empty` is empty JSON object `{}`. 1558 }, 1559 }, 1560 ], 1561 "auxiliaryTables": [ # Several auxiliary tables can be used in the analysis. Each custom_tag 1562 # used to tag a quasi-identifiers field must appear in exactly one 1563 # field of one auxiliary table. 1564 { # An auxiliary table containing statistical information on the relative 1565 # frequency of different quasi-identifiers values. It has one or several 1566 # quasi-identifiers columns, and one column that indicates the relative 1567 # frequency of each quasi-identifier tuple. 1568 # If a tuple is present in the data but not in the auxiliary table, the 1569 # corresponding relative frequency is assumed to be zero (and thus, the 1570 # tuple is highly reidentifiable). 1571 "relativeFrequency": { # General identifier of a data field in a storage service. # The relative frequency column must contain a floating-point number 1572 # between 0 and 1 (inclusive). Null values are assumed to be zero. 1573 # [required] 1574 "name": "A String", # Name describing the field. 1575 }, 1576 "quasiIds": [ # Quasi-identifier columns. [required] 1577 { # A quasi-identifier column has a custom_tag, used to know which column 1578 # in the data corresponds to which column in the statistical model. 1579 "field": { # General identifier of a data field in a storage service. 1580 "name": "A String", # Name describing the field. 1581 }, 1582 "customTag": "A String", 1583 }, 1584 ], 1585 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Auxiliary table location. [required] 1586 # identified by its project_id, dataset_id, and table_name. Within a query 1587 # a table is often referenced with a string in the format of: 1588 # `<project_id>:<dataset_id>.<table_id>` or 1589 # `<project_id>.<dataset_id>.<table_id>`. 1590 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 1591 # If omitted, project ID is inferred from the API call. 1592 "tableId": "A String", # Name of the table. 1593 "datasetId": "A String", # Dataset ID of the table. 1594 }, 1595 }, 1596 ], 1597 }, 1598 "categoricalStatsConfig": { # Compute numerical stats over an individual column, including 1599 # number of distinct values and value count distribution. 1600 "field": { # General identifier of a data field in a storage service. # Field to compute categorical stats on. All column types are 1601 # supported except for arrays and structs. However, it may be more 1602 # informative to use NumericalStats when the field type is supported, 1603 # depending on the data. 1604 "name": "A String", # Name describing the field. 1605 }, 1606 }, 1607 "kAnonymityConfig": { # k-anonymity metric, used for analysis of reidentification risk. 1608 "entityId": { # An entity in a dataset is a field or set of fields that correspond to a # Optional message indicating that multiple rows might be associated to a 1609 # single individual. If the same entity_id is associated to multiple 1610 # quasi-identifier tuples over distinct rows, we consider the entire 1611 # collection of tuples as the composite quasi-identifier. This collection 1612 # is a multiset: the order in which the different tuples appear in the 1613 # dataset is ignored, but their frequency is taken into account. 1614 # 1615 # Important note: a maximum of 1000 rows can be associated to a single 1616 # entity ID. If more rows are associated with the same entity ID, some 1617 # might be ignored. 1618 # single person. For example, in medical records the `EntityId` might be a 1619 # patient identifier, or for financial records it might be an account 1620 # identifier. This message is used when generalizations or analysis must take 1621 # into account that multiple rows correspond to the same entity. 1622 "field": { # General identifier of a data field in a storage service. # Composite key indicating which field contains the entity identifier. 1623 "name": "A String", # Name describing the field. 1624 }, 1625 }, 1626 "quasiIds": [ # Set of fields to compute k-anonymity over. When multiple fields are 1627 # specified, they are considered a single composite key. Structs and 1628 # repeated data types are not supported; however, nested fields are 1629 # supported so long as they are not structs themselves or nested within 1630 # a repeated field. 1631 { # General identifier of a data field in a storage service. 1632 "name": "A String", # Name describing the field. 1633 }, 1634 ], 1635 }, 1636 }, 1637 "categoricalStatsResult": { # Result of the categorical stats computation. 1638 "valueFrequencyHistogramBuckets": [ # Histogram of value frequencies in the column. 1639 { 1640 "bucketValues": [ # Sample of value frequencies in this bucket. The total number of 1641 # values returned per bucket is capped at 20. 1642 { # A value of a field, including its frequency. 1643 "count": "A String", # How many times the value is contained in the field. 1644 "value": { # Set of primitive values supported by the system. # A value contained in the field in question. 1645 # Note that for the purposes of inspection or transformation, the number 1646 # of bytes considered to comprise a 'Value' is based on its representation 1647 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1648 # 123456789, the number of bytes would be counted as 9, even though an 1649 # int64 only holds up to 8 bytes of data. 1650 "floatValue": 3.14, 1651 "timestampValue": "A String", 1652 "dayOfWeekValue": "A String", 1653 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1654 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1655 # types are google.type.Date and `google.protobuf.Timestamp`. 1656 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1657 # to allow the value "24:00:00" for scenarios like business closing time. 1658 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1659 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1660 # allow the value 60 if it allows leap-seconds. 1661 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1662 }, 1663 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1664 # and time zone are either specified elsewhere or are not significant. The date 1665 # is relative to the Proleptic Gregorian Calendar. This can represent: 1666 # 1667 # * A full date, with non-zero year, month and day values 1668 # * A month and day value, with a zero year, e.g. an anniversary 1669 # * A year on its own, with zero month and day values 1670 # * A year and month value, with a zero day, e.g. a credit card expiration date 1671 # 1672 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1673 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1674 # a year. 1675 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1676 # if specifying a year by itself or a year and month where the day is not 1677 # significant. 1678 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1679 # month and day. 1680 }, 1681 "stringValue": "A String", 1682 "booleanValue": True or False, 1683 "integerValue": "A String", 1684 }, 1685 }, 1686 ], 1687 "bucketValueCount": "A String", # Total number of distinct values in this bucket. 1688 "valueFrequencyUpperBound": "A String", # Upper bound on the value frequency of the values in this bucket. 1689 "valueFrequencyLowerBound": "A String", # Lower bound on the value frequency of the values in this bucket. 1690 "bucketSize": "A String", # Total number of values in this bucket. 1691 }, 1692 ], 1693 }, 1694 "deltaPresenceEstimationResult": { # Result of the δ-presence computation. Note that these results are an 1695 # estimation, not exact values. 1696 "deltaPresenceEstimationHistogram": [ # The intervals [min_probability, max_probability) do not overlap. If a 1697 # value doesn't correspond to any such interval, the associated frequency 1698 # is zero. For example, the following records: 1699 # {min_probability: 0, max_probability: 0.1, frequency: 17} 1700 # {min_probability: 0.2, max_probability: 0.3, frequency: 42} 1701 # {min_probability: 0.3, max_probability: 0.4, frequency: 99} 1702 # mean that there are no record with an estimated probability in [0.1, 0.2) 1703 # nor larger or equal to 0.4. 1704 { # A DeltaPresenceEstimationHistogramBucket message with the following 1705 # values: 1706 # min_probability: 0.1 1707 # max_probability: 0.2 1708 # frequency: 42 1709 # means that there are 42 records for which δ is in [0.1, 0.2). An 1710 # important particular case is when min_probability = max_probability = 1: 1711 # then, every individual who shares this quasi-identifier combination is in 1712 # the dataset. 1713 "bucketValues": [ # Sample of quasi-identifier tuple values in this bucket. The total 1714 # number of classes returned per bucket is capped at 20. 1715 { # A tuple of values for the quasi-identifier columns. 1716 "quasiIdsValues": [ # The quasi-identifier values. 1717 { # Set of primitive values supported by the system. 1718 # Note that for the purposes of inspection or transformation, the number 1719 # of bytes considered to comprise a 'Value' is based on its representation 1720 # as a UTF-8 encoded string. For example, if 'integer_value' is set to 1721 # 123456789, the number of bytes would be counted as 9, even though an 1722 # int64 only holds up to 8 bytes of data. 1723 "floatValue": 3.14, 1724 "timestampValue": "A String", 1725 "dayOfWeekValue": "A String", 1726 "timeValue": { # Represents a time of day. The date and time zone are either not significant 1727 # or are specified elsewhere. An API may choose to allow leap seconds. Related 1728 # types are google.type.Date and `google.protobuf.Timestamp`. 1729 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose 1730 # to allow the value "24:00:00" for scenarios like business closing time. 1731 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999. 1732 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may 1733 # allow the value 60 if it allows leap-seconds. 1734 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59. 1735 }, 1736 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day 1737 # and time zone are either specified elsewhere or are not significant. The date 1738 # is relative to the Proleptic Gregorian Calendar. This can represent: 1739 # 1740 # * A full date, with non-zero year, month and day values 1741 # * A month and day value, with a zero year, e.g. an anniversary 1742 # * A year on its own, with zero month and day values 1743 # * A year and month value, with a zero day, e.g. a credit card expiration date 1744 # 1745 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. 1746 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without 1747 # a year. 1748 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0 1749 # if specifying a year by itself or a year and month where the day is not 1750 # significant. 1751 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a 1752 # month and day. 1753 }, 1754 "stringValue": "A String", 1755 "booleanValue": True or False, 1756 "integerValue": "A String", 1757 }, 1758 ], 1759 "estimatedProbability": 3.14, # The estimated probability that a given individual sharing these 1760 # quasi-identifier values is in the dataset. This value, typically called 1761 # δ, is the ratio between the number of records in the dataset with these 1762 # quasi-identifier values, and the total number of individuals (inside 1763 # *and* outside the dataset) with these quasi-identifier values. 1764 # For example, if there are 15 individuals in the dataset who share the 1765 # same quasi-identifier values, and an estimated 100 people in the entire 1766 # population with these values, then δ is 0.15. 1767 }, 1768 ], 1769 "bucketValueCount": "A String", # Total number of distinct quasi-identifier tuple values in this bucket. 1770 "bucketSize": "A String", # Number of records within these probability bounds. 1771 "maxProbability": 3.14, # Always greater than or equal to min_probability. 1772 "minProbability": 3.14, # Between 0 and 1. 1773 }, 1774 ], 1775 }, 1776 "requestedSourceTable": { # Message defining the location of a BigQuery table. A table is uniquely # Input dataset to compute metrics over. 1777 # identified by its project_id, dataset_id, and table_name. Within a query 1778 # a table is often referenced with a string in the format of: 1779 # `<project_id>:<dataset_id>.<table_id>` or 1780 # `<project_id>.<dataset_id>.<table_id>`. 1781 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 1782 # If omitted, project ID is inferred from the API call. 1783 "tableId": "A String", # Name of the table. 1784 "datasetId": "A String", # Dataset ID of the table. 1785 }, 1786 }, 1787 "state": "A String", # State of a job. 1788 "jobTriggerName": "A String", # If created by a job trigger, the resource name of the trigger that 1789 # instantiated the job. 1790 "startTime": "A String", # Time when the job started. 1791 "endTime": "A String", # Time when the job finished. 1792 "type": "A String", # The type of job. 1793 "createTime": "A String", # Time when the job was created. 1794 }</pre> 1795</div> 1796 1797<div class="method"> 1798 <code class="details" id="create">create(parent, body, x__xgafv=None)</code> 1799 <pre>Creates a job trigger to run DLP actions such as scanning storage for 1800sensitive information on a set schedule. 1801See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. 1802 1803Args: 1804 parent: string, The parent resource name, for example projects/my-project-id. (required) 1805 body: object, The request body. (required) 1806 The object takes the form of: 1807 1808{ # Request message for CreateJobTrigger. 1809 "triggerId": "A String", # The trigger id can contain uppercase and lowercase letters, 1810 # numbers, and hyphens; that is, it must match the regular 1811 # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100 1812 # characters. Can be empty to allow the system to generate one. 1813 "jobTrigger": { # Contains a configuration to make dlp api calls on a repeating basis. # The JobTrigger to create. 1814 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 1815 "status": "A String", # A status for this trigger. [required] 1816 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 1817 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 1818 # errors may result in the JobTrigger automatically being paused. 1819 # Will return the last 100 errors. Whenever the JobTrigger is modified 1820 # this list will be cleared. Output only field. 1821 { # Details information about an error encountered during job execution or 1822 # the results of an unsuccessful activation of the JobTrigger. 1823 # Output only field. 1824 "timestamps": [ # The times the error occurred. 1825 "A String", 1826 ], 1827 "details": { # The `Status` type defines a logical error model that is suitable for 1828 # different programming environments, including REST APIs and RPC APIs. It is 1829 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 1830 # three pieces of data: error code, error message, and error details. 1831 # 1832 # You can find out more about this error model and how to work with it in the 1833 # [API Design Guide](https://cloud.google.com/apis/design/errors). 1834 "message": "A String", # A developer-facing error message, which should be in English. Any 1835 # user-facing error message should be localized and sent in the 1836 # google.rpc.Status.details field, or localized by the client. 1837 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 1838 "details": [ # A list of messages that carry the error details. There is a common set of 1839 # message types for APIs to use. 1840 { 1841 "a_key": "", # Properties of the object. Contains field @type with type URL. 1842 }, 1843 ], 1844 }, 1845 }, 1846 ], 1847 "displayName": "A String", # Display name (max 100 chars) 1848 "description": "A String", # User provided description (max 256 chars) 1849 "inspectJob": { 1850 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 1851 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 1852 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 1853 # by project and namespace, however the namespace ID may be empty. 1854 # A partition ID identifies a grouping of entities. The grouping is always 1855 # by project and namespace, however the namespace ID may be empty. 1856 # 1857 # A partition ID contains several dimensions: 1858 # project ID and namespace ID. 1859 "projectId": "A String", # The ID of the project to which the entities belong. 1860 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 1861 }, 1862 "kind": { # A representation of a Datastore kind. # The kind to process. 1863 "name": "A String", # The name of the kind. 1864 }, 1865 }, 1866 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 1867 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 1868 # inspection of entire columns which you know have no findings. 1869 { # General identifier of a data field in a storage service. 1870 "name": "A String", # Name describing the field. 1871 }, 1872 ], 1873 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 1874 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 1875 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 1876 # Cannot be used in conjunction with TimespanConfig. 1877 "sampleMethod": "A String", 1878 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 1879 # Nested fields in the format, like `person.birthdate.year`, are allowed. 1880 { # General identifier of a data field in a storage service. 1881 "name": "A String", # Name describing the field. 1882 }, 1883 ], 1884 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 1885 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 1886 # 100 means no limit. Defaults to 0. Only one of rows_limit and 1887 # rows_limit_percent can be specified. Cannot be used in conjunction with 1888 # TimespanConfig. 1889 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 1890 # identified by its project_id, dataset_id, and table_name. Within a query 1891 # a table is often referenced with a string in the format of: 1892 # `<project_id>:<dataset_id>.<table_id>` or 1893 # `<project_id>.<dataset_id>.<table_id>`. 1894 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 1895 # If omitted, project ID is inferred from the API call. 1896 "tableId": "A String", # Name of the table. 1897 "datasetId": "A String", # Dataset ID of the table. 1898 }, 1899 }, 1900 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 1901 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 1902 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 1903 # Used for data sources like Datastore or BigQuery. 1904 # If not specified for BigQuery, table last modification timestamp 1905 # is checked against given time span. 1906 # The valid data types of the timestamp field are: 1907 # for BigQuery - timestamp, date, datetime; 1908 # for Datastore - timestamp. 1909 # Datastore entity will be scanned if the timestamp property does not exist 1910 # or its value is empty or invalid. 1911 "name": "A String", # Name describing the field. 1912 }, 1913 "endTime": "A String", # Exclude files or rows newer than this value. 1914 # If set to zero, no upper time limit is applied. 1915 "startTime": "A String", # Exclude files or rows older than this value. 1916 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 1917 # a valid start_time to avoid scanning files that have not been modified 1918 # since the last time the JobTrigger executed. This will be based on the 1919 # time of the execution of the last run of the JobTrigger. 1920 }, 1921 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 1922 # bucket. 1923 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 1924 # than this value then the rest of the bytes are omitted. Only one 1925 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 1926 "sampleMethod": "A String", 1927 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 1928 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 1929 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 1930 # 1931 # If the url ends in a trailing slash, the bucket or directory represented 1932 # by the url will be scanned non-recursively (content in sub-directories 1933 # will not be scanned). This means that `gs://mybucket/` is equivalent to 1934 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 1935 # `gs://mybucket/directory/*`. 1936 # 1937 # Exactly one of `url` or `regex_file_set` must be set. 1938 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 1939 # `regex_file_set` must be set. 1940 # expressions are used to allow fine-grained control over which files in the 1941 # bucket to include. 1942 # 1943 # Included files are those that match at least one item in `include_regex` and 1944 # do not match any items in `exclude_regex`. Note that a file that matches 1945 # items from both lists will _not_ be included. For a match to occur, the 1946 # entire file path (i.e., everything in the url after the bucket name) must 1947 # match the regular expression. 1948 # 1949 # For example, given the input `{bucket_name: "mybucket", include_regex: 1950 # ["directory1/.*"], exclude_regex: 1951 # ["directory1/excluded.*"]}`: 1952 # 1953 # * `gs://mybucket/directory1/myfile` will be included 1954 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 1955 # across `/`) 1956 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 1957 # full path doesn't match any items in `include_regex`) 1958 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 1959 # matches an item in `exclude_regex`) 1960 # 1961 # If `include_regex` is left empty, it will match all files by default 1962 # (this is equivalent to setting `include_regex: [".*"]`). 1963 # 1964 # Some other common use cases: 1965 # 1966 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 1967 # files in `mybucket` except for .pdf files 1968 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 1969 # include all files directly under `gs://mybucket/directory/`, without matching 1970 # across `/` 1971 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 1972 # the bucket that match at least one of these regular expressions will be 1973 # excluded from the scan. 1974 # 1975 # Regular expressions use RE2 1976 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 1977 # under the google/re2 repository on GitHub. 1978 "A String", 1979 ], 1980 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 1981 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 1982 # the bucket that match at least one of these regular expressions will be 1983 # included in the set of files, except for those that also match an item in 1984 # `exclude_regex`. Leaving this field empty will match all files by default 1985 # (this is equivalent to including `.*` in the list). 1986 # 1987 # Regular expressions use RE2 1988 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 1989 # under the google/re2 repository on GitHub. 1990 "A String", 1991 ], 1992 }, 1993 }, 1994 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 1995 # number of bytes scanned is rounded down. Must be between 0 and 100, 1996 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 1997 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 1998 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 1999 # Number of files scanned is rounded down. Must be between 0 and 100, 2000 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 2001 "fileTypes": [ # List of file type groups to include in the scan. 2002 # If empty, all files are scanned and available data format processors 2003 # are applied. In addition, the binary content of the selected files 2004 # is always scanned as well. 2005 "A String", 2006 ], 2007 }, 2008 }, 2009 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 2010 # When used with redactContent only info_types and min_likelihood are currently 2011 # used. 2012 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 2013 "limits": { 2014 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 2015 # When set within `InspectContentRequest`, the maximum returned is 2000 2016 # regardless if this is set higher. 2017 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 2018 { # Max findings configuration per infoType, per content item or long 2019 # running DlpJob. 2020 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 2021 # info_type should be provided. If InfoTypeLimit does not have an 2022 # info_type, the DLP API applies the limit against all info_types that 2023 # are found but not specified in another InfoTypeLimit. 2024 "name": "A String", # Name of the information type. Either a name of your choosing when 2025 # creating a CustomInfoType, or one of the names listed 2026 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2027 # a built-in type. InfoType names should conform to the pattern 2028 # [a-zA-Z0-9_]{1,64}. 2029 }, 2030 "maxFindings": 42, # Max findings limit for the given infoType. 2031 }, 2032 ], 2033 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 2034 # When set within `InspectDataSourceRequest`, 2035 # the maximum returned is 2000 regardless if this is set higher. 2036 # When set within `InspectContentRequest`, this field is ignored. 2037 }, 2038 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 2039 # POSSIBLE. 2040 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 2041 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 2042 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 2043 { # Custom information type provided by the user. Used to find domain-specific 2044 # sensitive information configurable to the data in question. 2045 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 2046 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2047 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2048 # google/re2 repository on GitHub. 2049 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2050 # specified, the entire match is returned. No more than 3 may be included. 2051 42, 2052 ], 2053 }, 2054 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 2055 # support reversing. 2056 # such as 2057 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 2058 # These types of transformations are 2059 # those that perform pseudonymization, thereby producing a "surrogate" as 2060 # output. This should be used in conjunction with a field on the 2061 # transformation such as `surrogate_info_type`. This CustomInfoType does 2062 # not support the use of `detection_rules`. 2063 }, 2064 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 2065 # infoType, when the name matches one of existing infoTypes and that infoType 2066 # is specified in `InspectContent.info_types` field. Specifying the latter 2067 # adds findings to the one detected by the system. If built-in info type is 2068 # not specified in `InspectContent.info_types` list then the name is treated 2069 # as a custom info type. 2070 "name": "A String", # Name of the information type. Either a name of your choosing when 2071 # creating a CustomInfoType, or one of the names listed 2072 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2073 # a built-in type. InfoType names should conform to the pattern 2074 # [a-zA-Z0-9_]{1,64}. 2075 }, 2076 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 2077 # be used to match sensitive information specific to the data, such as a list 2078 # of employee IDs or job titles. 2079 # 2080 # Dictionary words are case-insensitive and all characters other than letters 2081 # and digits in the unicode [Basic Multilingual 2082 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 2083 # will be replaced with whitespace when scanning for matches, so the 2084 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 2085 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 2086 # surrounding any match must be of a different type than the adjacent 2087 # characters within the word, so letters must be next to non-letters and 2088 # digits next to non-digits. For example, the dictionary word "jen" will 2089 # match the first three letters of the text "jen123" but will return no 2090 # matches for "jennifer". 2091 # 2092 # Dictionary words containing a large number of characters that are not 2093 # letters or digits may result in unexpected findings because such characters 2094 # are treated as whitespace. The 2095 # [limits](https://cloud.google.com/dlp/limits) page contains details about 2096 # the size limits of dictionaries. For dictionaries that do not fit within 2097 # these constraints, consider using `LargeCustomDictionaryConfig` in the 2098 # `StoredInfoType` API. 2099 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 2100 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 2101 # at least one phrase and every phrase must contain at least 2 characters 2102 # that are letters or digits. [required] 2103 "A String", 2104 ], 2105 }, 2106 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 2107 # is accepted. 2108 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 2109 # Example: gs://[BUCKET_NAME]/dictionary.txt 2110 }, 2111 }, 2112 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 2113 # `InspectDataSource`. Not currently supported in `InspectContent`. 2114 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 2115 # `organizations/433245324/storedInfoTypes/432452342` or 2116 # `projects/project-id/storedInfoTypes/432452342`. 2117 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 2118 # inspection was created. Output-only field, populated by the system. 2119 }, 2120 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 2121 # Rules are applied in order that they are specified. Not supported for the 2122 # `surrogate_type` CustomInfoType. 2123 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 2124 # `CustomInfoType` to alter behavior under certain circumstances, depending 2125 # on the specific details of the rule. Not supported for the `surrogate_type` 2126 # custom infoType. 2127 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 2128 # proximity of hotwords. 2129 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 2130 # The total length of the window cannot exceed 1000 characters. Note that 2131 # the finding itself will be included in the window, so that hotwords may 2132 # be used to match substrings of the finding itself. For example, the 2133 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 2134 # adjusted upwards if the area code is known to be the local area code of 2135 # a company office using the hotword regex "\(xxx\)", where "xxx" 2136 # is the area code in question. 2137 # rule. 2138 "windowAfter": 42, # Number of characters after the finding to consider. 2139 "windowBefore": 42, # Number of characters before the finding to consider. 2140 }, 2141 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 2142 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2143 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2144 # google/re2 repository on GitHub. 2145 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2146 # specified, the entire match is returned. No more than 3 may be included. 2147 42, 2148 ], 2149 }, 2150 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 2151 # part of a detection rule. 2152 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 2153 # levels. For example, if a finding would be `POSSIBLE` without the 2154 # detection rule and `relative_likelihood` is 1, then it is upgraded to 2155 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 2156 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 2157 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 2158 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 2159 # a final likelihood of `LIKELY`. 2160 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 2161 }, 2162 }, 2163 }, 2164 ], 2165 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 2166 # to be returned. It still can be used for rules matching. 2167 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 2168 # altered by a detection rule if the finding meets the criteria specified by 2169 # the rule. Defaults to `VERY_LIKELY` if not specified. 2170 }, 2171 ], 2172 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 2173 # included in the response; see Finding.quote. 2174 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 2175 # Exclusion rules, contained in the set are executed in the end, other 2176 # rules are executed in the order they are specified for each info type. 2177 { # Rule set for modifying a set of infoTypes to alter behavior under certain 2178 # circumstances, depending on the specific details of the rules within the set. 2179 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 2180 { # A single inspection rule to be applied to infoTypes, specified in 2181 # `InspectionRuleSet`. 2182 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 2183 # proximity of hotwords. 2184 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 2185 # The total length of the window cannot exceed 1000 characters. Note that 2186 # the finding itself will be included in the window, so that hotwords may 2187 # be used to match substrings of the finding itself. For example, the 2188 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 2189 # adjusted upwards if the area code is known to be the local area code of 2190 # a company office using the hotword regex "\(xxx\)", where "xxx" 2191 # is the area code in question. 2192 # rule. 2193 "windowAfter": 42, # Number of characters after the finding to consider. 2194 "windowBefore": 42, # Number of characters before the finding to consider. 2195 }, 2196 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 2197 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2198 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2199 # google/re2 repository on GitHub. 2200 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2201 # specified, the entire match is returned. No more than 3 may be included. 2202 42, 2203 ], 2204 }, 2205 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 2206 # part of a detection rule. 2207 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 2208 # levels. For example, if a finding would be `POSSIBLE` without the 2209 # detection rule and `relative_likelihood` is 1, then it is upgraded to 2210 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 2211 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 2212 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 2213 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 2214 # a final likelihood of `LIKELY`. 2215 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 2216 }, 2217 }, 2218 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 2219 # `InspectionRuleSet` are removed from results. 2220 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 2221 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2222 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2223 # google/re2 repository on GitHub. 2224 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2225 # specified, the entire match is returned. No more than 3 may be included. 2226 42, 2227 ], 2228 }, 2229 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 2230 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 2231 # contained within with a finding of an infoType from this list. For 2232 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 2233 # `exclusion_rule` containing `exclude_info_types.info_types` with 2234 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 2235 # with EMAIL_ADDRESS finding. 2236 # That leads to "555-222-2222@example.org" to generate only a single 2237 # finding, namely email address. 2238 { # Type of information detected by the API. 2239 "name": "A String", # Name of the information type. Either a name of your choosing when 2240 # creating a CustomInfoType, or one of the names listed 2241 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2242 # a built-in type. InfoType names should conform to the pattern 2243 # [a-zA-Z0-9_]{1,64}. 2244 }, 2245 ], 2246 }, 2247 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 2248 # be used to match sensitive information specific to the data, such as a list 2249 # of employee IDs or job titles. 2250 # 2251 # Dictionary words are case-insensitive and all characters other than letters 2252 # and digits in the unicode [Basic Multilingual 2253 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 2254 # will be replaced with whitespace when scanning for matches, so the 2255 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 2256 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 2257 # surrounding any match must be of a different type than the adjacent 2258 # characters within the word, so letters must be next to non-letters and 2259 # digits next to non-digits. For example, the dictionary word "jen" will 2260 # match the first three letters of the text "jen123" but will return no 2261 # matches for "jennifer". 2262 # 2263 # Dictionary words containing a large number of characters that are not 2264 # letters or digits may result in unexpected findings because such characters 2265 # are treated as whitespace. The 2266 # [limits](https://cloud.google.com/dlp/limits) page contains details about 2267 # the size limits of dictionaries. For dictionaries that do not fit within 2268 # these constraints, consider using `LargeCustomDictionaryConfig` in the 2269 # `StoredInfoType` API. 2270 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 2271 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 2272 # at least one phrase and every phrase must contain at least 2 characters 2273 # that are letters or digits. [required] 2274 "A String", 2275 ], 2276 }, 2277 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 2278 # is accepted. 2279 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 2280 # Example: gs://[BUCKET_NAME]/dictionary.txt 2281 }, 2282 }, 2283 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 2284 }, 2285 }, 2286 ], 2287 "infoTypes": [ # List of infoTypes this rule set is applied to. 2288 { # Type of information detected by the API. 2289 "name": "A String", # Name of the information type. Either a name of your choosing when 2290 # creating a CustomInfoType, or one of the names listed 2291 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2292 # a built-in type. InfoType names should conform to the pattern 2293 # [a-zA-Z0-9_]{1,64}. 2294 }, 2295 ], 2296 }, 2297 ], 2298 "contentOptions": [ # List of options defining data content to scan. 2299 # If empty, text, images, and other content will be included. 2300 "A String", 2301 ], 2302 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 2303 # InfoType values returned by ListInfoTypes or listed at 2304 # https://cloud.google.com/dlp/docs/infotypes-reference. 2305 # 2306 # When no InfoTypes or CustomInfoTypes are specified in a request, the 2307 # system may automatically choose what detectors to run. By default this may 2308 # be all types, but may change over time as detectors are updated. 2309 # 2310 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 2311 # but may change over time as new InfoTypes are added. If you need precise 2312 # control and predictability as to what detectors are run you should specify 2313 # specific InfoTypes listed in the reference. 2314 { # Type of information detected by the API. 2315 "name": "A String", # Name of the information type. Either a name of your choosing when 2316 # creating a CustomInfoType, or one of the names listed 2317 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2318 # a built-in type. InfoType names should conform to the pattern 2319 # [a-zA-Z0-9_]{1,64}. 2320 }, 2321 ], 2322 }, 2323 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 2324 # `inspect_config` will be merged into the values persisted as part of the 2325 # template. 2326 "actions": [ # Actions to execute at the completion of the job. 2327 { # A task to execute on the completion of a job. 2328 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 2329 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 2330 # OutputStorageConfig. Only a single instance of this action can be 2331 # specified. 2332 # Compatible with: Inspect, Risk 2333 "outputConfig": { # Cloud repository for storing output. 2334 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 2335 # dataset. If table_id is not set a new one will be generated 2336 # for you with the following format: 2337 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 2338 # generating the date details. 2339 # 2340 # For Inspect, each column in an existing output table must have the same 2341 # name, type, and mode of a field in the `Finding` object. 2342 # 2343 # For Risk, an existing output table should be the output of a previous 2344 # Risk analysis job run on the same source table, with the same privacy 2345 # metric and quasi-identifiers. Risk jobs that analyze the same table but 2346 # compute a different privacy metric, or use different sets of 2347 # quasi-identifiers, cannot store their results in the same table. 2348 # identified by its project_id, dataset_id, and table_name. Within a query 2349 # a table is often referenced with a string in the format of: 2350 # `<project_id>:<dataset_id>.<table_id>` or 2351 # `<project_id>.<dataset_id>.<table_id>`. 2352 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 2353 # If omitted, project ID is inferred from the API call. 2354 "tableId": "A String", # Name of the table. 2355 "datasetId": "A String", # Dataset ID of the table. 2356 }, 2357 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 2358 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 2359 # from the `Finding` object. If appending to an existing table, any columns 2360 # from the predefined schema that are missing will be added. No columns in 2361 # the existing table will be deleted. 2362 # 2363 # If unspecified, then all available columns will be used for a new table or 2364 # an (existing) table with no schema, and no changes will be made to an 2365 # existing table that has a schema. 2366 }, 2367 }, 2368 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 2369 # completion/failure. 2370 # completion/failure. 2371 }, 2372 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 2373 # Command Center (CSCC Alpha). 2374 # This action is only available for projects which are parts of 2375 # an organization and whitelisted for the alpha Cloud Security Command 2376 # Center. 2377 # The action will publish count of finding instances and their info types. 2378 # The summary of findings will be persisted in CSCC and are governed by CSCC 2379 # service-specific policy, see https://cloud.google.com/terms/service-terms 2380 # Only a single instance of this action can be specified. 2381 # Compatible with: Inspect 2382 }, 2383 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 2384 # message contains a single field, `DlpJobName`, which is equal to the 2385 # finished job's 2386 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 2387 # Compatible with: Inspect, Risk 2388 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 2389 # publishing access rights to the DLP API service account executing 2390 # the long running DlpJob sending the notifications. 2391 # Format is projects/{project}/topics/{topic}. 2392 }, 2393 }, 2394 ], 2395 }, 2396 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 2397 # needs to trigger for a job to be started. The list may contain only 2398 # a single Schedule trigger and must have at least one object. 2399 { # What event needs to occur for a new job to be started. 2400 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 2401 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 2402 # example: every day (86400 seconds). 2403 # 2404 # A scheduled start time will be skipped if the previous 2405 # execution has not ended when its scheduled time occurs. 2406 # 2407 # This value must be set to a time duration greater than or equal 2408 # to 1 day and can be no longer than 60 days. 2409 }, 2410 }, 2411 ], 2412 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 2413 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 2414 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 2415 # triggeredJob is created, for example 2416 # `projects/dlp-test-project/triggeredJobs/53234423`. 2417 }, 2418 } 2419 2420 x__xgafv: string, V1 error format. 2421 Allowed values 2422 1 - v1 error format 2423 2 - v2 error format 2424 2425Returns: 2426 An object of the form: 2427 2428 { # Contains a configuration to make dlp api calls on a repeating basis. 2429 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 2430 "status": "A String", # A status for this trigger. [required] 2431 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 2432 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 2433 # errors may result in the JobTrigger automatically being paused. 2434 # Will return the last 100 errors. Whenever the JobTrigger is modified 2435 # this list will be cleared. Output only field. 2436 { # Details information about an error encountered during job execution or 2437 # the results of an unsuccessful activation of the JobTrigger. 2438 # Output only field. 2439 "timestamps": [ # The times the error occurred. 2440 "A String", 2441 ], 2442 "details": { # The `Status` type defines a logical error model that is suitable for 2443 # different programming environments, including REST APIs and RPC APIs. It is 2444 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 2445 # three pieces of data: error code, error message, and error details. 2446 # 2447 # You can find out more about this error model and how to work with it in the 2448 # [API Design Guide](https://cloud.google.com/apis/design/errors). 2449 "message": "A String", # A developer-facing error message, which should be in English. Any 2450 # user-facing error message should be localized and sent in the 2451 # google.rpc.Status.details field, or localized by the client. 2452 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 2453 "details": [ # A list of messages that carry the error details. There is a common set of 2454 # message types for APIs to use. 2455 { 2456 "a_key": "", # Properties of the object. Contains field @type with type URL. 2457 }, 2458 ], 2459 }, 2460 }, 2461 ], 2462 "displayName": "A String", # Display name (max 100 chars) 2463 "description": "A String", # User provided description (max 256 chars) 2464 "inspectJob": { 2465 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 2466 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 2467 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 2468 # by project and namespace, however the namespace ID may be empty. 2469 # A partition ID identifies a grouping of entities. The grouping is always 2470 # by project and namespace, however the namespace ID may be empty. 2471 # 2472 # A partition ID contains several dimensions: 2473 # project ID and namespace ID. 2474 "projectId": "A String", # The ID of the project to which the entities belong. 2475 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 2476 }, 2477 "kind": { # A representation of a Datastore kind. # The kind to process. 2478 "name": "A String", # The name of the kind. 2479 }, 2480 }, 2481 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 2482 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 2483 # inspection of entire columns which you know have no findings. 2484 { # General identifier of a data field in a storage service. 2485 "name": "A String", # Name describing the field. 2486 }, 2487 ], 2488 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 2489 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 2490 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 2491 # Cannot be used in conjunction with TimespanConfig. 2492 "sampleMethod": "A String", 2493 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 2494 # Nested fields in the format, like `person.birthdate.year`, are allowed. 2495 { # General identifier of a data field in a storage service. 2496 "name": "A String", # Name describing the field. 2497 }, 2498 ], 2499 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 2500 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 2501 # 100 means no limit. Defaults to 0. Only one of rows_limit and 2502 # rows_limit_percent can be specified. Cannot be used in conjunction with 2503 # TimespanConfig. 2504 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 2505 # identified by its project_id, dataset_id, and table_name. Within a query 2506 # a table is often referenced with a string in the format of: 2507 # `<project_id>:<dataset_id>.<table_id>` or 2508 # `<project_id>.<dataset_id>.<table_id>`. 2509 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 2510 # If omitted, project ID is inferred from the API call. 2511 "tableId": "A String", # Name of the table. 2512 "datasetId": "A String", # Dataset ID of the table. 2513 }, 2514 }, 2515 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 2516 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 2517 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 2518 # Used for data sources like Datastore or BigQuery. 2519 # If not specified for BigQuery, table last modification timestamp 2520 # is checked against given time span. 2521 # The valid data types of the timestamp field are: 2522 # for BigQuery - timestamp, date, datetime; 2523 # for Datastore - timestamp. 2524 # Datastore entity will be scanned if the timestamp property does not exist 2525 # or its value is empty or invalid. 2526 "name": "A String", # Name describing the field. 2527 }, 2528 "endTime": "A String", # Exclude files or rows newer than this value. 2529 # If set to zero, no upper time limit is applied. 2530 "startTime": "A String", # Exclude files or rows older than this value. 2531 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 2532 # a valid start_time to avoid scanning files that have not been modified 2533 # since the last time the JobTrigger executed. This will be based on the 2534 # time of the execution of the last run of the JobTrigger. 2535 }, 2536 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 2537 # bucket. 2538 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 2539 # than this value then the rest of the bytes are omitted. Only one 2540 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 2541 "sampleMethod": "A String", 2542 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 2543 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 2544 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 2545 # 2546 # If the url ends in a trailing slash, the bucket or directory represented 2547 # by the url will be scanned non-recursively (content in sub-directories 2548 # will not be scanned). This means that `gs://mybucket/` is equivalent to 2549 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 2550 # `gs://mybucket/directory/*`. 2551 # 2552 # Exactly one of `url` or `regex_file_set` must be set. 2553 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 2554 # `regex_file_set` must be set. 2555 # expressions are used to allow fine-grained control over which files in the 2556 # bucket to include. 2557 # 2558 # Included files are those that match at least one item in `include_regex` and 2559 # do not match any items in `exclude_regex`. Note that a file that matches 2560 # items from both lists will _not_ be included. For a match to occur, the 2561 # entire file path (i.e., everything in the url after the bucket name) must 2562 # match the regular expression. 2563 # 2564 # For example, given the input `{bucket_name: "mybucket", include_regex: 2565 # ["directory1/.*"], exclude_regex: 2566 # ["directory1/excluded.*"]}`: 2567 # 2568 # * `gs://mybucket/directory1/myfile` will be included 2569 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 2570 # across `/`) 2571 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 2572 # full path doesn't match any items in `include_regex`) 2573 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 2574 # matches an item in `exclude_regex`) 2575 # 2576 # If `include_regex` is left empty, it will match all files by default 2577 # (this is equivalent to setting `include_regex: [".*"]`). 2578 # 2579 # Some other common use cases: 2580 # 2581 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 2582 # files in `mybucket` except for .pdf files 2583 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 2584 # include all files directly under `gs://mybucket/directory/`, without matching 2585 # across `/` 2586 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 2587 # the bucket that match at least one of these regular expressions will be 2588 # excluded from the scan. 2589 # 2590 # Regular expressions use RE2 2591 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 2592 # under the google/re2 repository on GitHub. 2593 "A String", 2594 ], 2595 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 2596 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 2597 # the bucket that match at least one of these regular expressions will be 2598 # included in the set of files, except for those that also match an item in 2599 # `exclude_regex`. Leaving this field empty will match all files by default 2600 # (this is equivalent to including `.*` in the list). 2601 # 2602 # Regular expressions use RE2 2603 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 2604 # under the google/re2 repository on GitHub. 2605 "A String", 2606 ], 2607 }, 2608 }, 2609 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 2610 # number of bytes scanned is rounded down. Must be between 0 and 100, 2611 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 2612 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 2613 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 2614 # Number of files scanned is rounded down. Must be between 0 and 100, 2615 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 2616 "fileTypes": [ # List of file type groups to include in the scan. 2617 # If empty, all files are scanned and available data format processors 2618 # are applied. In addition, the binary content of the selected files 2619 # is always scanned as well. 2620 "A String", 2621 ], 2622 }, 2623 }, 2624 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 2625 # When used with redactContent only info_types and min_likelihood are currently 2626 # used. 2627 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 2628 "limits": { 2629 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 2630 # When set within `InspectContentRequest`, the maximum returned is 2000 2631 # regardless if this is set higher. 2632 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 2633 { # Max findings configuration per infoType, per content item or long 2634 # running DlpJob. 2635 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 2636 # info_type should be provided. If InfoTypeLimit does not have an 2637 # info_type, the DLP API applies the limit against all info_types that 2638 # are found but not specified in another InfoTypeLimit. 2639 "name": "A String", # Name of the information type. Either a name of your choosing when 2640 # creating a CustomInfoType, or one of the names listed 2641 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2642 # a built-in type. InfoType names should conform to the pattern 2643 # [a-zA-Z0-9_]{1,64}. 2644 }, 2645 "maxFindings": 42, # Max findings limit for the given infoType. 2646 }, 2647 ], 2648 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 2649 # When set within `InspectDataSourceRequest`, 2650 # the maximum returned is 2000 regardless if this is set higher. 2651 # When set within `InspectContentRequest`, this field is ignored. 2652 }, 2653 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 2654 # POSSIBLE. 2655 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 2656 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 2657 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 2658 { # Custom information type provided by the user. Used to find domain-specific 2659 # sensitive information configurable to the data in question. 2660 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 2661 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2662 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2663 # google/re2 repository on GitHub. 2664 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2665 # specified, the entire match is returned. No more than 3 may be included. 2666 42, 2667 ], 2668 }, 2669 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 2670 # support reversing. 2671 # such as 2672 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 2673 # These types of transformations are 2674 # those that perform pseudonymization, thereby producing a "surrogate" as 2675 # output. This should be used in conjunction with a field on the 2676 # transformation such as `surrogate_info_type`. This CustomInfoType does 2677 # not support the use of `detection_rules`. 2678 }, 2679 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 2680 # infoType, when the name matches one of existing infoTypes and that infoType 2681 # is specified in `InspectContent.info_types` field. Specifying the latter 2682 # adds findings to the one detected by the system. If built-in info type is 2683 # not specified in `InspectContent.info_types` list then the name is treated 2684 # as a custom info type. 2685 "name": "A String", # Name of the information type. Either a name of your choosing when 2686 # creating a CustomInfoType, or one of the names listed 2687 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2688 # a built-in type. InfoType names should conform to the pattern 2689 # [a-zA-Z0-9_]{1,64}. 2690 }, 2691 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 2692 # be used to match sensitive information specific to the data, such as a list 2693 # of employee IDs or job titles. 2694 # 2695 # Dictionary words are case-insensitive and all characters other than letters 2696 # and digits in the unicode [Basic Multilingual 2697 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 2698 # will be replaced with whitespace when scanning for matches, so the 2699 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 2700 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 2701 # surrounding any match must be of a different type than the adjacent 2702 # characters within the word, so letters must be next to non-letters and 2703 # digits next to non-digits. For example, the dictionary word "jen" will 2704 # match the first three letters of the text "jen123" but will return no 2705 # matches for "jennifer". 2706 # 2707 # Dictionary words containing a large number of characters that are not 2708 # letters or digits may result in unexpected findings because such characters 2709 # are treated as whitespace. The 2710 # [limits](https://cloud.google.com/dlp/limits) page contains details about 2711 # the size limits of dictionaries. For dictionaries that do not fit within 2712 # these constraints, consider using `LargeCustomDictionaryConfig` in the 2713 # `StoredInfoType` API. 2714 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 2715 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 2716 # at least one phrase and every phrase must contain at least 2 characters 2717 # that are letters or digits. [required] 2718 "A String", 2719 ], 2720 }, 2721 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 2722 # is accepted. 2723 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 2724 # Example: gs://[BUCKET_NAME]/dictionary.txt 2725 }, 2726 }, 2727 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 2728 # `InspectDataSource`. Not currently supported in `InspectContent`. 2729 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 2730 # `organizations/433245324/storedInfoTypes/432452342` or 2731 # `projects/project-id/storedInfoTypes/432452342`. 2732 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 2733 # inspection was created. Output-only field, populated by the system. 2734 }, 2735 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 2736 # Rules are applied in order that they are specified. Not supported for the 2737 # `surrogate_type` CustomInfoType. 2738 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 2739 # `CustomInfoType` to alter behavior under certain circumstances, depending 2740 # on the specific details of the rule. Not supported for the `surrogate_type` 2741 # custom infoType. 2742 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 2743 # proximity of hotwords. 2744 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 2745 # The total length of the window cannot exceed 1000 characters. Note that 2746 # the finding itself will be included in the window, so that hotwords may 2747 # be used to match substrings of the finding itself. For example, the 2748 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 2749 # adjusted upwards if the area code is known to be the local area code of 2750 # a company office using the hotword regex "\(xxx\)", where "xxx" 2751 # is the area code in question. 2752 # rule. 2753 "windowAfter": 42, # Number of characters after the finding to consider. 2754 "windowBefore": 42, # Number of characters before the finding to consider. 2755 }, 2756 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 2757 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2758 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2759 # google/re2 repository on GitHub. 2760 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2761 # specified, the entire match is returned. No more than 3 may be included. 2762 42, 2763 ], 2764 }, 2765 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 2766 # part of a detection rule. 2767 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 2768 # levels. For example, if a finding would be `POSSIBLE` without the 2769 # detection rule and `relative_likelihood` is 1, then it is upgraded to 2770 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 2771 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 2772 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 2773 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 2774 # a final likelihood of `LIKELY`. 2775 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 2776 }, 2777 }, 2778 }, 2779 ], 2780 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 2781 # to be returned. It still can be used for rules matching. 2782 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 2783 # altered by a detection rule if the finding meets the criteria specified by 2784 # the rule. Defaults to `VERY_LIKELY` if not specified. 2785 }, 2786 ], 2787 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 2788 # included in the response; see Finding.quote. 2789 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 2790 # Exclusion rules, contained in the set are executed in the end, other 2791 # rules are executed in the order they are specified for each info type. 2792 { # Rule set for modifying a set of infoTypes to alter behavior under certain 2793 # circumstances, depending on the specific details of the rules within the set. 2794 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 2795 { # A single inspection rule to be applied to infoTypes, specified in 2796 # `InspectionRuleSet`. 2797 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 2798 # proximity of hotwords. 2799 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 2800 # The total length of the window cannot exceed 1000 characters. Note that 2801 # the finding itself will be included in the window, so that hotwords may 2802 # be used to match substrings of the finding itself. For example, the 2803 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 2804 # adjusted upwards if the area code is known to be the local area code of 2805 # a company office using the hotword regex "\(xxx\)", where "xxx" 2806 # is the area code in question. 2807 # rule. 2808 "windowAfter": 42, # Number of characters after the finding to consider. 2809 "windowBefore": 42, # Number of characters before the finding to consider. 2810 }, 2811 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 2812 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2813 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2814 # google/re2 repository on GitHub. 2815 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2816 # specified, the entire match is returned. No more than 3 may be included. 2817 42, 2818 ], 2819 }, 2820 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 2821 # part of a detection rule. 2822 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 2823 # levels. For example, if a finding would be `POSSIBLE` without the 2824 # detection rule and `relative_likelihood` is 1, then it is upgraded to 2825 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 2826 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 2827 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 2828 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 2829 # a final likelihood of `LIKELY`. 2830 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 2831 }, 2832 }, 2833 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 2834 # `InspectionRuleSet` are removed from results. 2835 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 2836 "pattern": "A String", # Pattern defining the regular expression. Its syntax 2837 # (https://github.com/google/re2/wiki/Syntax) can be found under the 2838 # google/re2 repository on GitHub. 2839 "groupIndexes": [ # The index of the submatch to extract as findings. When not 2840 # specified, the entire match is returned. No more than 3 may be included. 2841 42, 2842 ], 2843 }, 2844 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 2845 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 2846 # contained within with a finding of an infoType from this list. For 2847 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 2848 # `exclusion_rule` containing `exclude_info_types.info_types` with 2849 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 2850 # with EMAIL_ADDRESS finding. 2851 # That leads to "555-222-2222@example.org" to generate only a single 2852 # finding, namely email address. 2853 { # Type of information detected by the API. 2854 "name": "A String", # Name of the information type. Either a name of your choosing when 2855 # creating a CustomInfoType, or one of the names listed 2856 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2857 # a built-in type. InfoType names should conform to the pattern 2858 # [a-zA-Z0-9_]{1,64}. 2859 }, 2860 ], 2861 }, 2862 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 2863 # be used to match sensitive information specific to the data, such as a list 2864 # of employee IDs or job titles. 2865 # 2866 # Dictionary words are case-insensitive and all characters other than letters 2867 # and digits in the unicode [Basic Multilingual 2868 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 2869 # will be replaced with whitespace when scanning for matches, so the 2870 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 2871 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 2872 # surrounding any match must be of a different type than the adjacent 2873 # characters within the word, so letters must be next to non-letters and 2874 # digits next to non-digits. For example, the dictionary word "jen" will 2875 # match the first three letters of the text "jen123" but will return no 2876 # matches for "jennifer". 2877 # 2878 # Dictionary words containing a large number of characters that are not 2879 # letters or digits may result in unexpected findings because such characters 2880 # are treated as whitespace. The 2881 # [limits](https://cloud.google.com/dlp/limits) page contains details about 2882 # the size limits of dictionaries. For dictionaries that do not fit within 2883 # these constraints, consider using `LargeCustomDictionaryConfig` in the 2884 # `StoredInfoType` API. 2885 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 2886 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 2887 # at least one phrase and every phrase must contain at least 2 characters 2888 # that are letters or digits. [required] 2889 "A String", 2890 ], 2891 }, 2892 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 2893 # is accepted. 2894 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 2895 # Example: gs://[BUCKET_NAME]/dictionary.txt 2896 }, 2897 }, 2898 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 2899 }, 2900 }, 2901 ], 2902 "infoTypes": [ # List of infoTypes this rule set is applied to. 2903 { # Type of information detected by the API. 2904 "name": "A String", # Name of the information type. Either a name of your choosing when 2905 # creating a CustomInfoType, or one of the names listed 2906 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2907 # a built-in type. InfoType names should conform to the pattern 2908 # [a-zA-Z0-9_]{1,64}. 2909 }, 2910 ], 2911 }, 2912 ], 2913 "contentOptions": [ # List of options defining data content to scan. 2914 # If empty, text, images, and other content will be included. 2915 "A String", 2916 ], 2917 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 2918 # InfoType values returned by ListInfoTypes or listed at 2919 # https://cloud.google.com/dlp/docs/infotypes-reference. 2920 # 2921 # When no InfoTypes or CustomInfoTypes are specified in a request, the 2922 # system may automatically choose what detectors to run. By default this may 2923 # be all types, but may change over time as detectors are updated. 2924 # 2925 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 2926 # but may change over time as new InfoTypes are added. If you need precise 2927 # control and predictability as to what detectors are run you should specify 2928 # specific InfoTypes listed in the reference. 2929 { # Type of information detected by the API. 2930 "name": "A String", # Name of the information type. Either a name of your choosing when 2931 # creating a CustomInfoType, or one of the names listed 2932 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 2933 # a built-in type. InfoType names should conform to the pattern 2934 # [a-zA-Z0-9_]{1,64}. 2935 }, 2936 ], 2937 }, 2938 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 2939 # `inspect_config` will be merged into the values persisted as part of the 2940 # template. 2941 "actions": [ # Actions to execute at the completion of the job. 2942 { # A task to execute on the completion of a job. 2943 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 2944 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 2945 # OutputStorageConfig. Only a single instance of this action can be 2946 # specified. 2947 # Compatible with: Inspect, Risk 2948 "outputConfig": { # Cloud repository for storing output. 2949 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 2950 # dataset. If table_id is not set a new one will be generated 2951 # for you with the following format: 2952 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 2953 # generating the date details. 2954 # 2955 # For Inspect, each column in an existing output table must have the same 2956 # name, type, and mode of a field in the `Finding` object. 2957 # 2958 # For Risk, an existing output table should be the output of a previous 2959 # Risk analysis job run on the same source table, with the same privacy 2960 # metric and quasi-identifiers. Risk jobs that analyze the same table but 2961 # compute a different privacy metric, or use different sets of 2962 # quasi-identifiers, cannot store their results in the same table. 2963 # identified by its project_id, dataset_id, and table_name. Within a query 2964 # a table is often referenced with a string in the format of: 2965 # `<project_id>:<dataset_id>.<table_id>` or 2966 # `<project_id>.<dataset_id>.<table_id>`. 2967 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 2968 # If omitted, project ID is inferred from the API call. 2969 "tableId": "A String", # Name of the table. 2970 "datasetId": "A String", # Dataset ID of the table. 2971 }, 2972 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 2973 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 2974 # from the `Finding` object. If appending to an existing table, any columns 2975 # from the predefined schema that are missing will be added. No columns in 2976 # the existing table will be deleted. 2977 # 2978 # If unspecified, then all available columns will be used for a new table or 2979 # an (existing) table with no schema, and no changes will be made to an 2980 # existing table that has a schema. 2981 }, 2982 }, 2983 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 2984 # completion/failure. 2985 # completion/failure. 2986 }, 2987 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 2988 # Command Center (CSCC Alpha). 2989 # This action is only available for projects which are parts of 2990 # an organization and whitelisted for the alpha Cloud Security Command 2991 # Center. 2992 # The action will publish count of finding instances and their info types. 2993 # The summary of findings will be persisted in CSCC and are governed by CSCC 2994 # service-specific policy, see https://cloud.google.com/terms/service-terms 2995 # Only a single instance of this action can be specified. 2996 # Compatible with: Inspect 2997 }, 2998 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 2999 # message contains a single field, `DlpJobName`, which is equal to the 3000 # finished job's 3001 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 3002 # Compatible with: Inspect, Risk 3003 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 3004 # publishing access rights to the DLP API service account executing 3005 # the long running DlpJob sending the notifications. 3006 # Format is projects/{project}/topics/{topic}. 3007 }, 3008 }, 3009 ], 3010 }, 3011 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 3012 # needs to trigger for a job to be started. The list may contain only 3013 # a single Schedule trigger and must have at least one object. 3014 { # What event needs to occur for a new job to be started. 3015 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 3016 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 3017 # example: every day (86400 seconds). 3018 # 3019 # A scheduled start time will be skipped if the previous 3020 # execution has not ended when its scheduled time occurs. 3021 # 3022 # This value must be set to a time duration greater than or equal 3023 # to 1 day and can be no longer than 60 days. 3024 }, 3025 }, 3026 ], 3027 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 3028 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 3029 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 3030 # triggeredJob is created, for example 3031 # `projects/dlp-test-project/triggeredJobs/53234423`. 3032 }</pre> 3033</div> 3034 3035<div class="method"> 3036 <code class="details" id="delete">delete(name, x__xgafv=None)</code> 3037 <pre>Deletes a job trigger. 3038See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. 3039 3040Args: 3041 name: string, Resource name of the project and the triggeredJob, for example 3042`projects/dlp-test-project/jobTriggers/53234423`. (required) 3043 x__xgafv: string, V1 error format. 3044 Allowed values 3045 1 - v1 error format 3046 2 - v2 error format 3047 3048Returns: 3049 An object of the form: 3050 3051 { # A generic empty message that you can re-use to avoid defining duplicated 3052 # empty messages in your APIs. A typical example is to use it as the request 3053 # or the response type of an API method. For instance: 3054 # 3055 # service Foo { 3056 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); 3057 # } 3058 # 3059 # The JSON representation for `Empty` is empty JSON object `{}`. 3060 }</pre> 3061</div> 3062 3063<div class="method"> 3064 <code class="details" id="get">get(name, x__xgafv=None)</code> 3065 <pre>Gets a job trigger. 3066See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. 3067 3068Args: 3069 name: string, Resource name of the project and the triggeredJob, for example 3070`projects/dlp-test-project/jobTriggers/53234423`. (required) 3071 x__xgafv: string, V1 error format. 3072 Allowed values 3073 1 - v1 error format 3074 2 - v2 error format 3075 3076Returns: 3077 An object of the form: 3078 3079 { # Contains a configuration to make dlp api calls on a repeating basis. 3080 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 3081 "status": "A String", # A status for this trigger. [required] 3082 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 3083 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 3084 # errors may result in the JobTrigger automatically being paused. 3085 # Will return the last 100 errors. Whenever the JobTrigger is modified 3086 # this list will be cleared. Output only field. 3087 { # Details information about an error encountered during job execution or 3088 # the results of an unsuccessful activation of the JobTrigger. 3089 # Output only field. 3090 "timestamps": [ # The times the error occurred. 3091 "A String", 3092 ], 3093 "details": { # The `Status` type defines a logical error model that is suitable for 3094 # different programming environments, including REST APIs and RPC APIs. It is 3095 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 3096 # three pieces of data: error code, error message, and error details. 3097 # 3098 # You can find out more about this error model and how to work with it in the 3099 # [API Design Guide](https://cloud.google.com/apis/design/errors). 3100 "message": "A String", # A developer-facing error message, which should be in English. Any 3101 # user-facing error message should be localized and sent in the 3102 # google.rpc.Status.details field, or localized by the client. 3103 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 3104 "details": [ # A list of messages that carry the error details. There is a common set of 3105 # message types for APIs to use. 3106 { 3107 "a_key": "", # Properties of the object. Contains field @type with type URL. 3108 }, 3109 ], 3110 }, 3111 }, 3112 ], 3113 "displayName": "A String", # Display name (max 100 chars) 3114 "description": "A String", # User provided description (max 256 chars) 3115 "inspectJob": { 3116 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 3117 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 3118 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 3119 # by project and namespace, however the namespace ID may be empty. 3120 # A partition ID identifies a grouping of entities. The grouping is always 3121 # by project and namespace, however the namespace ID may be empty. 3122 # 3123 # A partition ID contains several dimensions: 3124 # project ID and namespace ID. 3125 "projectId": "A String", # The ID of the project to which the entities belong. 3126 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 3127 }, 3128 "kind": { # A representation of a Datastore kind. # The kind to process. 3129 "name": "A String", # The name of the kind. 3130 }, 3131 }, 3132 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 3133 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 3134 # inspection of entire columns which you know have no findings. 3135 { # General identifier of a data field in a storage service. 3136 "name": "A String", # Name describing the field. 3137 }, 3138 ], 3139 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 3140 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 3141 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 3142 # Cannot be used in conjunction with TimespanConfig. 3143 "sampleMethod": "A String", 3144 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 3145 # Nested fields in the format, like `person.birthdate.year`, are allowed. 3146 { # General identifier of a data field in a storage service. 3147 "name": "A String", # Name describing the field. 3148 }, 3149 ], 3150 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 3151 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 3152 # 100 means no limit. Defaults to 0. Only one of rows_limit and 3153 # rows_limit_percent can be specified. Cannot be used in conjunction with 3154 # TimespanConfig. 3155 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 3156 # identified by its project_id, dataset_id, and table_name. Within a query 3157 # a table is often referenced with a string in the format of: 3158 # `<project_id>:<dataset_id>.<table_id>` or 3159 # `<project_id>.<dataset_id>.<table_id>`. 3160 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 3161 # If omitted, project ID is inferred from the API call. 3162 "tableId": "A String", # Name of the table. 3163 "datasetId": "A String", # Dataset ID of the table. 3164 }, 3165 }, 3166 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 3167 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 3168 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 3169 # Used for data sources like Datastore or BigQuery. 3170 # If not specified for BigQuery, table last modification timestamp 3171 # is checked against given time span. 3172 # The valid data types of the timestamp field are: 3173 # for BigQuery - timestamp, date, datetime; 3174 # for Datastore - timestamp. 3175 # Datastore entity will be scanned if the timestamp property does not exist 3176 # or its value is empty or invalid. 3177 "name": "A String", # Name describing the field. 3178 }, 3179 "endTime": "A String", # Exclude files or rows newer than this value. 3180 # If set to zero, no upper time limit is applied. 3181 "startTime": "A String", # Exclude files or rows older than this value. 3182 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 3183 # a valid start_time to avoid scanning files that have not been modified 3184 # since the last time the JobTrigger executed. This will be based on the 3185 # time of the execution of the last run of the JobTrigger. 3186 }, 3187 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 3188 # bucket. 3189 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 3190 # than this value then the rest of the bytes are omitted. Only one 3191 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 3192 "sampleMethod": "A String", 3193 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 3194 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 3195 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 3196 # 3197 # If the url ends in a trailing slash, the bucket or directory represented 3198 # by the url will be scanned non-recursively (content in sub-directories 3199 # will not be scanned). This means that `gs://mybucket/` is equivalent to 3200 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 3201 # `gs://mybucket/directory/*`. 3202 # 3203 # Exactly one of `url` or `regex_file_set` must be set. 3204 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 3205 # `regex_file_set` must be set. 3206 # expressions are used to allow fine-grained control over which files in the 3207 # bucket to include. 3208 # 3209 # Included files are those that match at least one item in `include_regex` and 3210 # do not match any items in `exclude_regex`. Note that a file that matches 3211 # items from both lists will _not_ be included. For a match to occur, the 3212 # entire file path (i.e., everything in the url after the bucket name) must 3213 # match the regular expression. 3214 # 3215 # For example, given the input `{bucket_name: "mybucket", include_regex: 3216 # ["directory1/.*"], exclude_regex: 3217 # ["directory1/excluded.*"]}`: 3218 # 3219 # * `gs://mybucket/directory1/myfile` will be included 3220 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 3221 # across `/`) 3222 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 3223 # full path doesn't match any items in `include_regex`) 3224 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 3225 # matches an item in `exclude_regex`) 3226 # 3227 # If `include_regex` is left empty, it will match all files by default 3228 # (this is equivalent to setting `include_regex: [".*"]`). 3229 # 3230 # Some other common use cases: 3231 # 3232 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 3233 # files in `mybucket` except for .pdf files 3234 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 3235 # include all files directly under `gs://mybucket/directory/`, without matching 3236 # across `/` 3237 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 3238 # the bucket that match at least one of these regular expressions will be 3239 # excluded from the scan. 3240 # 3241 # Regular expressions use RE2 3242 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 3243 # under the google/re2 repository on GitHub. 3244 "A String", 3245 ], 3246 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 3247 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 3248 # the bucket that match at least one of these regular expressions will be 3249 # included in the set of files, except for those that also match an item in 3250 # `exclude_regex`. Leaving this field empty will match all files by default 3251 # (this is equivalent to including `.*` in the list). 3252 # 3253 # Regular expressions use RE2 3254 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 3255 # under the google/re2 repository on GitHub. 3256 "A String", 3257 ], 3258 }, 3259 }, 3260 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 3261 # number of bytes scanned is rounded down. Must be between 0 and 100, 3262 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 3263 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 3264 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 3265 # Number of files scanned is rounded down. Must be between 0 and 100, 3266 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 3267 "fileTypes": [ # List of file type groups to include in the scan. 3268 # If empty, all files are scanned and available data format processors 3269 # are applied. In addition, the binary content of the selected files 3270 # is always scanned as well. 3271 "A String", 3272 ], 3273 }, 3274 }, 3275 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 3276 # When used with redactContent only info_types and min_likelihood are currently 3277 # used. 3278 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 3279 "limits": { 3280 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 3281 # When set within `InspectContentRequest`, the maximum returned is 2000 3282 # regardless if this is set higher. 3283 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 3284 { # Max findings configuration per infoType, per content item or long 3285 # running DlpJob. 3286 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 3287 # info_type should be provided. If InfoTypeLimit does not have an 3288 # info_type, the DLP API applies the limit against all info_types that 3289 # are found but not specified in another InfoTypeLimit. 3290 "name": "A String", # Name of the information type. Either a name of your choosing when 3291 # creating a CustomInfoType, or one of the names listed 3292 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3293 # a built-in type. InfoType names should conform to the pattern 3294 # [a-zA-Z0-9_]{1,64}. 3295 }, 3296 "maxFindings": 42, # Max findings limit for the given infoType. 3297 }, 3298 ], 3299 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 3300 # When set within `InspectDataSourceRequest`, 3301 # the maximum returned is 2000 regardless if this is set higher. 3302 # When set within `InspectContentRequest`, this field is ignored. 3303 }, 3304 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 3305 # POSSIBLE. 3306 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 3307 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 3308 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 3309 { # Custom information type provided by the user. Used to find domain-specific 3310 # sensitive information configurable to the data in question. 3311 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 3312 "pattern": "A String", # Pattern defining the regular expression. Its syntax 3313 # (https://github.com/google/re2/wiki/Syntax) can be found under the 3314 # google/re2 repository on GitHub. 3315 "groupIndexes": [ # The index of the submatch to extract as findings. When not 3316 # specified, the entire match is returned. No more than 3 may be included. 3317 42, 3318 ], 3319 }, 3320 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 3321 # support reversing. 3322 # such as 3323 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 3324 # These types of transformations are 3325 # those that perform pseudonymization, thereby producing a "surrogate" as 3326 # output. This should be used in conjunction with a field on the 3327 # transformation such as `surrogate_info_type`. This CustomInfoType does 3328 # not support the use of `detection_rules`. 3329 }, 3330 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 3331 # infoType, when the name matches one of existing infoTypes and that infoType 3332 # is specified in `InspectContent.info_types` field. Specifying the latter 3333 # adds findings to the one detected by the system. If built-in info type is 3334 # not specified in `InspectContent.info_types` list then the name is treated 3335 # as a custom info type. 3336 "name": "A String", # Name of the information type. Either a name of your choosing when 3337 # creating a CustomInfoType, or one of the names listed 3338 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3339 # a built-in type. InfoType names should conform to the pattern 3340 # [a-zA-Z0-9_]{1,64}. 3341 }, 3342 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 3343 # be used to match sensitive information specific to the data, such as a list 3344 # of employee IDs or job titles. 3345 # 3346 # Dictionary words are case-insensitive and all characters other than letters 3347 # and digits in the unicode [Basic Multilingual 3348 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 3349 # will be replaced with whitespace when scanning for matches, so the 3350 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 3351 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 3352 # surrounding any match must be of a different type than the adjacent 3353 # characters within the word, so letters must be next to non-letters and 3354 # digits next to non-digits. For example, the dictionary word "jen" will 3355 # match the first three letters of the text "jen123" but will return no 3356 # matches for "jennifer". 3357 # 3358 # Dictionary words containing a large number of characters that are not 3359 # letters or digits may result in unexpected findings because such characters 3360 # are treated as whitespace. The 3361 # [limits](https://cloud.google.com/dlp/limits) page contains details about 3362 # the size limits of dictionaries. For dictionaries that do not fit within 3363 # these constraints, consider using `LargeCustomDictionaryConfig` in the 3364 # `StoredInfoType` API. 3365 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 3366 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 3367 # at least one phrase and every phrase must contain at least 2 characters 3368 # that are letters or digits. [required] 3369 "A String", 3370 ], 3371 }, 3372 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 3373 # is accepted. 3374 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 3375 # Example: gs://[BUCKET_NAME]/dictionary.txt 3376 }, 3377 }, 3378 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 3379 # `InspectDataSource`. Not currently supported in `InspectContent`. 3380 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 3381 # `organizations/433245324/storedInfoTypes/432452342` or 3382 # `projects/project-id/storedInfoTypes/432452342`. 3383 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 3384 # inspection was created. Output-only field, populated by the system. 3385 }, 3386 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 3387 # Rules are applied in order that they are specified. Not supported for the 3388 # `surrogate_type` CustomInfoType. 3389 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 3390 # `CustomInfoType` to alter behavior under certain circumstances, depending 3391 # on the specific details of the rule. Not supported for the `surrogate_type` 3392 # custom infoType. 3393 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 3394 # proximity of hotwords. 3395 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 3396 # The total length of the window cannot exceed 1000 characters. Note that 3397 # the finding itself will be included in the window, so that hotwords may 3398 # be used to match substrings of the finding itself. For example, the 3399 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 3400 # adjusted upwards if the area code is known to be the local area code of 3401 # a company office using the hotword regex "\(xxx\)", where "xxx" 3402 # is the area code in question. 3403 # rule. 3404 "windowAfter": 42, # Number of characters after the finding to consider. 3405 "windowBefore": 42, # Number of characters before the finding to consider. 3406 }, 3407 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 3408 "pattern": "A String", # Pattern defining the regular expression. Its syntax 3409 # (https://github.com/google/re2/wiki/Syntax) can be found under the 3410 # google/re2 repository on GitHub. 3411 "groupIndexes": [ # The index of the submatch to extract as findings. When not 3412 # specified, the entire match is returned. No more than 3 may be included. 3413 42, 3414 ], 3415 }, 3416 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 3417 # part of a detection rule. 3418 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 3419 # levels. For example, if a finding would be `POSSIBLE` without the 3420 # detection rule and `relative_likelihood` is 1, then it is upgraded to 3421 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 3422 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 3423 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 3424 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 3425 # a final likelihood of `LIKELY`. 3426 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 3427 }, 3428 }, 3429 }, 3430 ], 3431 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 3432 # to be returned. It still can be used for rules matching. 3433 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 3434 # altered by a detection rule if the finding meets the criteria specified by 3435 # the rule. Defaults to `VERY_LIKELY` if not specified. 3436 }, 3437 ], 3438 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 3439 # included in the response; see Finding.quote. 3440 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 3441 # Exclusion rules, contained in the set are executed in the end, other 3442 # rules are executed in the order they are specified for each info type. 3443 { # Rule set for modifying a set of infoTypes to alter behavior under certain 3444 # circumstances, depending on the specific details of the rules within the set. 3445 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 3446 { # A single inspection rule to be applied to infoTypes, specified in 3447 # `InspectionRuleSet`. 3448 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 3449 # proximity of hotwords. 3450 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 3451 # The total length of the window cannot exceed 1000 characters. Note that 3452 # the finding itself will be included in the window, so that hotwords may 3453 # be used to match substrings of the finding itself. For example, the 3454 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 3455 # adjusted upwards if the area code is known to be the local area code of 3456 # a company office using the hotword regex "\(xxx\)", where "xxx" 3457 # is the area code in question. 3458 # rule. 3459 "windowAfter": 42, # Number of characters after the finding to consider. 3460 "windowBefore": 42, # Number of characters before the finding to consider. 3461 }, 3462 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 3463 "pattern": "A String", # Pattern defining the regular expression. Its syntax 3464 # (https://github.com/google/re2/wiki/Syntax) can be found under the 3465 # google/re2 repository on GitHub. 3466 "groupIndexes": [ # The index of the submatch to extract as findings. When not 3467 # specified, the entire match is returned. No more than 3 may be included. 3468 42, 3469 ], 3470 }, 3471 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 3472 # part of a detection rule. 3473 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 3474 # levels. For example, if a finding would be `POSSIBLE` without the 3475 # detection rule and `relative_likelihood` is 1, then it is upgraded to 3476 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 3477 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 3478 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 3479 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 3480 # a final likelihood of `LIKELY`. 3481 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 3482 }, 3483 }, 3484 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 3485 # `InspectionRuleSet` are removed from results. 3486 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 3487 "pattern": "A String", # Pattern defining the regular expression. Its syntax 3488 # (https://github.com/google/re2/wiki/Syntax) can be found under the 3489 # google/re2 repository on GitHub. 3490 "groupIndexes": [ # The index of the submatch to extract as findings. When not 3491 # specified, the entire match is returned. No more than 3 may be included. 3492 42, 3493 ], 3494 }, 3495 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 3496 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 3497 # contained within with a finding of an infoType from this list. For 3498 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 3499 # `exclusion_rule` containing `exclude_info_types.info_types` with 3500 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 3501 # with EMAIL_ADDRESS finding. 3502 # That leads to "555-222-2222@example.org" to generate only a single 3503 # finding, namely email address. 3504 { # Type of information detected by the API. 3505 "name": "A String", # Name of the information type. Either a name of your choosing when 3506 # creating a CustomInfoType, or one of the names listed 3507 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3508 # a built-in type. InfoType names should conform to the pattern 3509 # [a-zA-Z0-9_]{1,64}. 3510 }, 3511 ], 3512 }, 3513 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 3514 # be used to match sensitive information specific to the data, such as a list 3515 # of employee IDs or job titles. 3516 # 3517 # Dictionary words are case-insensitive and all characters other than letters 3518 # and digits in the unicode [Basic Multilingual 3519 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 3520 # will be replaced with whitespace when scanning for matches, so the 3521 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 3522 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 3523 # surrounding any match must be of a different type than the adjacent 3524 # characters within the word, so letters must be next to non-letters and 3525 # digits next to non-digits. For example, the dictionary word "jen" will 3526 # match the first three letters of the text "jen123" but will return no 3527 # matches for "jennifer". 3528 # 3529 # Dictionary words containing a large number of characters that are not 3530 # letters or digits may result in unexpected findings because such characters 3531 # are treated as whitespace. The 3532 # [limits](https://cloud.google.com/dlp/limits) page contains details about 3533 # the size limits of dictionaries. For dictionaries that do not fit within 3534 # these constraints, consider using `LargeCustomDictionaryConfig` in the 3535 # `StoredInfoType` API. 3536 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 3537 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 3538 # at least one phrase and every phrase must contain at least 2 characters 3539 # that are letters or digits. [required] 3540 "A String", 3541 ], 3542 }, 3543 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 3544 # is accepted. 3545 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 3546 # Example: gs://[BUCKET_NAME]/dictionary.txt 3547 }, 3548 }, 3549 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 3550 }, 3551 }, 3552 ], 3553 "infoTypes": [ # List of infoTypes this rule set is applied to. 3554 { # Type of information detected by the API. 3555 "name": "A String", # Name of the information type. Either a name of your choosing when 3556 # creating a CustomInfoType, or one of the names listed 3557 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3558 # a built-in type. InfoType names should conform to the pattern 3559 # [a-zA-Z0-9_]{1,64}. 3560 }, 3561 ], 3562 }, 3563 ], 3564 "contentOptions": [ # List of options defining data content to scan. 3565 # If empty, text, images, and other content will be included. 3566 "A String", 3567 ], 3568 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 3569 # InfoType values returned by ListInfoTypes or listed at 3570 # https://cloud.google.com/dlp/docs/infotypes-reference. 3571 # 3572 # When no InfoTypes or CustomInfoTypes are specified in a request, the 3573 # system may automatically choose what detectors to run. By default this may 3574 # be all types, but may change over time as detectors are updated. 3575 # 3576 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 3577 # but may change over time as new InfoTypes are added. If you need precise 3578 # control and predictability as to what detectors are run you should specify 3579 # specific InfoTypes listed in the reference. 3580 { # Type of information detected by the API. 3581 "name": "A String", # Name of the information type. Either a name of your choosing when 3582 # creating a CustomInfoType, or one of the names listed 3583 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3584 # a built-in type. InfoType names should conform to the pattern 3585 # [a-zA-Z0-9_]{1,64}. 3586 }, 3587 ], 3588 }, 3589 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 3590 # `inspect_config` will be merged into the values persisted as part of the 3591 # template. 3592 "actions": [ # Actions to execute at the completion of the job. 3593 { # A task to execute on the completion of a job. 3594 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 3595 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 3596 # OutputStorageConfig. Only a single instance of this action can be 3597 # specified. 3598 # Compatible with: Inspect, Risk 3599 "outputConfig": { # Cloud repository for storing output. 3600 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 3601 # dataset. If table_id is not set a new one will be generated 3602 # for you with the following format: 3603 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 3604 # generating the date details. 3605 # 3606 # For Inspect, each column in an existing output table must have the same 3607 # name, type, and mode of a field in the `Finding` object. 3608 # 3609 # For Risk, an existing output table should be the output of a previous 3610 # Risk analysis job run on the same source table, with the same privacy 3611 # metric and quasi-identifiers. Risk jobs that analyze the same table but 3612 # compute a different privacy metric, or use different sets of 3613 # quasi-identifiers, cannot store their results in the same table. 3614 # identified by its project_id, dataset_id, and table_name. Within a query 3615 # a table is often referenced with a string in the format of: 3616 # `<project_id>:<dataset_id>.<table_id>` or 3617 # `<project_id>.<dataset_id>.<table_id>`. 3618 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 3619 # If omitted, project ID is inferred from the API call. 3620 "tableId": "A String", # Name of the table. 3621 "datasetId": "A String", # Dataset ID of the table. 3622 }, 3623 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 3624 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 3625 # from the `Finding` object. If appending to an existing table, any columns 3626 # from the predefined schema that are missing will be added. No columns in 3627 # the existing table will be deleted. 3628 # 3629 # If unspecified, then all available columns will be used for a new table or 3630 # an (existing) table with no schema, and no changes will be made to an 3631 # existing table that has a schema. 3632 }, 3633 }, 3634 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 3635 # completion/failure. 3636 # completion/failure. 3637 }, 3638 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 3639 # Command Center (CSCC Alpha). 3640 # This action is only available for projects which are parts of 3641 # an organization and whitelisted for the alpha Cloud Security Command 3642 # Center. 3643 # The action will publish count of finding instances and their info types. 3644 # The summary of findings will be persisted in CSCC and are governed by CSCC 3645 # service-specific policy, see https://cloud.google.com/terms/service-terms 3646 # Only a single instance of this action can be specified. 3647 # Compatible with: Inspect 3648 }, 3649 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 3650 # message contains a single field, `DlpJobName`, which is equal to the 3651 # finished job's 3652 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 3653 # Compatible with: Inspect, Risk 3654 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 3655 # publishing access rights to the DLP API service account executing 3656 # the long running DlpJob sending the notifications. 3657 # Format is projects/{project}/topics/{topic}. 3658 }, 3659 }, 3660 ], 3661 }, 3662 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 3663 # needs to trigger for a job to be started. The list may contain only 3664 # a single Schedule trigger and must have at least one object. 3665 { # What event needs to occur for a new job to be started. 3666 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 3667 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 3668 # example: every day (86400 seconds). 3669 # 3670 # A scheduled start time will be skipped if the previous 3671 # execution has not ended when its scheduled time occurs. 3672 # 3673 # This value must be set to a time duration greater than or equal 3674 # to 1 day and can be no longer than 60 days. 3675 }, 3676 }, 3677 ], 3678 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 3679 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 3680 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 3681 # triggeredJob is created, for example 3682 # `projects/dlp-test-project/triggeredJobs/53234423`. 3683 }</pre> 3684</div> 3685 3686<div class="method"> 3687 <code class="details" id="list">list(parent, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</code> 3688 <pre>Lists job triggers. 3689See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. 3690 3691Args: 3692 parent: string, The parent resource name, for example `projects/my-project-id`. (required) 3693 orderBy: string, Optional comma separated list of triggeredJob fields to order by, 3694followed by `asc` or `desc` postfix. This list is case-insensitive, 3695default sorting order is ascending, redundant space characters are 3696insignificant. 3697 3698Example: `name asc,update_time, create_time desc` 3699 3700Supported fields are: 3701 3702- `create_time`: corresponds to time the JobTrigger was created. 3703- `update_time`: corresponds to time the JobTrigger was last updated. 3704- `last_run_time`: corresponds to the last time the JobTrigger ran. 3705- `name`: corresponds to JobTrigger's name. 3706- `display_name`: corresponds to JobTrigger's display name. 3707- `status`: corresponds to JobTrigger's status. 3708 pageSize: integer, Optional size of the page, can be limited by a server. 3709 pageToken: string, Optional page token to continue retrieval. Comes from previous call 3710to ListJobTriggers. `order_by` field must not 3711change for subsequent calls. 3712 x__xgafv: string, V1 error format. 3713 Allowed values 3714 1 - v1 error format 3715 2 - v2 error format 3716 filter: string, Optional. Allows filtering. 3717 3718Supported syntax: 3719 3720* Filter expressions are made up of one or more restrictions. 3721* Restrictions can be combined by `AND` or `OR` logical operators. A 3722sequence of restrictions implicitly uses `AND`. 3723* A restriction has the form of `<field> <operator> <value>`. 3724* Supported fields/values for inspect jobs: 3725 - `status` - HEALTHY|PAUSED|CANCELLED 3726 - `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY 3727 - 'last_run_time` - RFC 3339 formatted timestamp, surrounded by 3728 quotation marks. Nanoseconds are ignored. 3729 - 'error_count' - Number of errors that have occurred while running. 3730* The operator must be `=` or `!=` for status and inspected_storage. 3731 3732Examples: 3733 3734* inspected_storage = cloud_storage AND status = HEALTHY 3735* inspected_storage = cloud_storage OR inspected_storage = bigquery 3736* inspected_storage = cloud_storage AND (state = PAUSED OR state = HEALTHY) 3737* last_run_time > \"2017-12-12T00:00:00+00:00\" 3738 3739The length of this field should be no more than 500 characters. 3740 3741Returns: 3742 An object of the form: 3743 3744 { # Response message for ListJobTriggers. 3745 "nextPageToken": "A String", # If the next page is available then the next page token to be used 3746 # in following ListJobTriggers request. 3747 "jobTriggers": [ # List of triggeredJobs, up to page_size in ListJobTriggersRequest. 3748 { # Contains a configuration to make dlp api calls on a repeating basis. 3749 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 3750 "status": "A String", # A status for this trigger. [required] 3751 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 3752 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 3753 # errors may result in the JobTrigger automatically being paused. 3754 # Will return the last 100 errors. Whenever the JobTrigger is modified 3755 # this list will be cleared. Output only field. 3756 { # Details information about an error encountered during job execution or 3757 # the results of an unsuccessful activation of the JobTrigger. 3758 # Output only field. 3759 "timestamps": [ # The times the error occurred. 3760 "A String", 3761 ], 3762 "details": { # The `Status` type defines a logical error model that is suitable for 3763 # different programming environments, including REST APIs and RPC APIs. It is 3764 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 3765 # three pieces of data: error code, error message, and error details. 3766 # 3767 # You can find out more about this error model and how to work with it in the 3768 # [API Design Guide](https://cloud.google.com/apis/design/errors). 3769 "message": "A String", # A developer-facing error message, which should be in English. Any 3770 # user-facing error message should be localized and sent in the 3771 # google.rpc.Status.details field, or localized by the client. 3772 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 3773 "details": [ # A list of messages that carry the error details. There is a common set of 3774 # message types for APIs to use. 3775 { 3776 "a_key": "", # Properties of the object. Contains field @type with type URL. 3777 }, 3778 ], 3779 }, 3780 }, 3781 ], 3782 "displayName": "A String", # Display name (max 100 chars) 3783 "description": "A String", # User provided description (max 256 chars) 3784 "inspectJob": { 3785 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 3786 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 3787 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 3788 # by project and namespace, however the namespace ID may be empty. 3789 # A partition ID identifies a grouping of entities. The grouping is always 3790 # by project and namespace, however the namespace ID may be empty. 3791 # 3792 # A partition ID contains several dimensions: 3793 # project ID and namespace ID. 3794 "projectId": "A String", # The ID of the project to which the entities belong. 3795 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 3796 }, 3797 "kind": { # A representation of a Datastore kind. # The kind to process. 3798 "name": "A String", # The name of the kind. 3799 }, 3800 }, 3801 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 3802 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 3803 # inspection of entire columns which you know have no findings. 3804 { # General identifier of a data field in a storage service. 3805 "name": "A String", # Name describing the field. 3806 }, 3807 ], 3808 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 3809 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 3810 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 3811 # Cannot be used in conjunction with TimespanConfig. 3812 "sampleMethod": "A String", 3813 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 3814 # Nested fields in the format, like `person.birthdate.year`, are allowed. 3815 { # General identifier of a data field in a storage service. 3816 "name": "A String", # Name describing the field. 3817 }, 3818 ], 3819 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 3820 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 3821 # 100 means no limit. Defaults to 0. Only one of rows_limit and 3822 # rows_limit_percent can be specified. Cannot be used in conjunction with 3823 # TimespanConfig. 3824 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 3825 # identified by its project_id, dataset_id, and table_name. Within a query 3826 # a table is often referenced with a string in the format of: 3827 # `<project_id>:<dataset_id>.<table_id>` or 3828 # `<project_id>.<dataset_id>.<table_id>`. 3829 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 3830 # If omitted, project ID is inferred from the API call. 3831 "tableId": "A String", # Name of the table. 3832 "datasetId": "A String", # Dataset ID of the table. 3833 }, 3834 }, 3835 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 3836 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 3837 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 3838 # Used for data sources like Datastore or BigQuery. 3839 # If not specified for BigQuery, table last modification timestamp 3840 # is checked against given time span. 3841 # The valid data types of the timestamp field are: 3842 # for BigQuery - timestamp, date, datetime; 3843 # for Datastore - timestamp. 3844 # Datastore entity will be scanned if the timestamp property does not exist 3845 # or its value is empty or invalid. 3846 "name": "A String", # Name describing the field. 3847 }, 3848 "endTime": "A String", # Exclude files or rows newer than this value. 3849 # If set to zero, no upper time limit is applied. 3850 "startTime": "A String", # Exclude files or rows older than this value. 3851 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 3852 # a valid start_time to avoid scanning files that have not been modified 3853 # since the last time the JobTrigger executed. This will be based on the 3854 # time of the execution of the last run of the JobTrigger. 3855 }, 3856 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 3857 # bucket. 3858 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 3859 # than this value then the rest of the bytes are omitted. Only one 3860 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 3861 "sampleMethod": "A String", 3862 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 3863 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 3864 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 3865 # 3866 # If the url ends in a trailing slash, the bucket or directory represented 3867 # by the url will be scanned non-recursively (content in sub-directories 3868 # will not be scanned). This means that `gs://mybucket/` is equivalent to 3869 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 3870 # `gs://mybucket/directory/*`. 3871 # 3872 # Exactly one of `url` or `regex_file_set` must be set. 3873 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 3874 # `regex_file_set` must be set. 3875 # expressions are used to allow fine-grained control over which files in the 3876 # bucket to include. 3877 # 3878 # Included files are those that match at least one item in `include_regex` and 3879 # do not match any items in `exclude_regex`. Note that a file that matches 3880 # items from both lists will _not_ be included. For a match to occur, the 3881 # entire file path (i.e., everything in the url after the bucket name) must 3882 # match the regular expression. 3883 # 3884 # For example, given the input `{bucket_name: "mybucket", include_regex: 3885 # ["directory1/.*"], exclude_regex: 3886 # ["directory1/excluded.*"]}`: 3887 # 3888 # * `gs://mybucket/directory1/myfile` will be included 3889 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 3890 # across `/`) 3891 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 3892 # full path doesn't match any items in `include_regex`) 3893 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 3894 # matches an item in `exclude_regex`) 3895 # 3896 # If `include_regex` is left empty, it will match all files by default 3897 # (this is equivalent to setting `include_regex: [".*"]`). 3898 # 3899 # Some other common use cases: 3900 # 3901 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 3902 # files in `mybucket` except for .pdf files 3903 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 3904 # include all files directly under `gs://mybucket/directory/`, without matching 3905 # across `/` 3906 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 3907 # the bucket that match at least one of these regular expressions will be 3908 # excluded from the scan. 3909 # 3910 # Regular expressions use RE2 3911 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 3912 # under the google/re2 repository on GitHub. 3913 "A String", 3914 ], 3915 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 3916 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 3917 # the bucket that match at least one of these regular expressions will be 3918 # included in the set of files, except for those that also match an item in 3919 # `exclude_regex`. Leaving this field empty will match all files by default 3920 # (this is equivalent to including `.*` in the list). 3921 # 3922 # Regular expressions use RE2 3923 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 3924 # under the google/re2 repository on GitHub. 3925 "A String", 3926 ], 3927 }, 3928 }, 3929 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 3930 # number of bytes scanned is rounded down. Must be between 0 and 100, 3931 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 3932 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 3933 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 3934 # Number of files scanned is rounded down. Must be between 0 and 100, 3935 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 3936 "fileTypes": [ # List of file type groups to include in the scan. 3937 # If empty, all files are scanned and available data format processors 3938 # are applied. In addition, the binary content of the selected files 3939 # is always scanned as well. 3940 "A String", 3941 ], 3942 }, 3943 }, 3944 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 3945 # When used with redactContent only info_types and min_likelihood are currently 3946 # used. 3947 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 3948 "limits": { 3949 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 3950 # When set within `InspectContentRequest`, the maximum returned is 2000 3951 # regardless if this is set higher. 3952 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 3953 { # Max findings configuration per infoType, per content item or long 3954 # running DlpJob. 3955 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 3956 # info_type should be provided. If InfoTypeLimit does not have an 3957 # info_type, the DLP API applies the limit against all info_types that 3958 # are found but not specified in another InfoTypeLimit. 3959 "name": "A String", # Name of the information type. Either a name of your choosing when 3960 # creating a CustomInfoType, or one of the names listed 3961 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 3962 # a built-in type. InfoType names should conform to the pattern 3963 # [a-zA-Z0-9_]{1,64}. 3964 }, 3965 "maxFindings": 42, # Max findings limit for the given infoType. 3966 }, 3967 ], 3968 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 3969 # When set within `InspectDataSourceRequest`, 3970 # the maximum returned is 2000 regardless if this is set higher. 3971 # When set within `InspectContentRequest`, this field is ignored. 3972 }, 3973 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 3974 # POSSIBLE. 3975 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 3976 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 3977 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 3978 { # Custom information type provided by the user. Used to find domain-specific 3979 # sensitive information configurable to the data in question. 3980 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 3981 "pattern": "A String", # Pattern defining the regular expression. Its syntax 3982 # (https://github.com/google/re2/wiki/Syntax) can be found under the 3983 # google/re2 repository on GitHub. 3984 "groupIndexes": [ # The index of the submatch to extract as findings. When not 3985 # specified, the entire match is returned. No more than 3 may be included. 3986 42, 3987 ], 3988 }, 3989 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 3990 # support reversing. 3991 # such as 3992 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 3993 # These types of transformations are 3994 # those that perform pseudonymization, thereby producing a "surrogate" as 3995 # output. This should be used in conjunction with a field on the 3996 # transformation such as `surrogate_info_type`. This CustomInfoType does 3997 # not support the use of `detection_rules`. 3998 }, 3999 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 4000 # infoType, when the name matches one of existing infoTypes and that infoType 4001 # is specified in `InspectContent.info_types` field. Specifying the latter 4002 # adds findings to the one detected by the system. If built-in info type is 4003 # not specified in `InspectContent.info_types` list then the name is treated 4004 # as a custom info type. 4005 "name": "A String", # Name of the information type. Either a name of your choosing when 4006 # creating a CustomInfoType, or one of the names listed 4007 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4008 # a built-in type. InfoType names should conform to the pattern 4009 # [a-zA-Z0-9_]{1,64}. 4010 }, 4011 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 4012 # be used to match sensitive information specific to the data, such as a list 4013 # of employee IDs or job titles. 4014 # 4015 # Dictionary words are case-insensitive and all characters other than letters 4016 # and digits in the unicode [Basic Multilingual 4017 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 4018 # will be replaced with whitespace when scanning for matches, so the 4019 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 4020 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 4021 # surrounding any match must be of a different type than the adjacent 4022 # characters within the word, so letters must be next to non-letters and 4023 # digits next to non-digits. For example, the dictionary word "jen" will 4024 # match the first three letters of the text "jen123" but will return no 4025 # matches for "jennifer". 4026 # 4027 # Dictionary words containing a large number of characters that are not 4028 # letters or digits may result in unexpected findings because such characters 4029 # are treated as whitespace. The 4030 # [limits](https://cloud.google.com/dlp/limits) page contains details about 4031 # the size limits of dictionaries. For dictionaries that do not fit within 4032 # these constraints, consider using `LargeCustomDictionaryConfig` in the 4033 # `StoredInfoType` API. 4034 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 4035 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 4036 # at least one phrase and every phrase must contain at least 2 characters 4037 # that are letters or digits. [required] 4038 "A String", 4039 ], 4040 }, 4041 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 4042 # is accepted. 4043 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 4044 # Example: gs://[BUCKET_NAME]/dictionary.txt 4045 }, 4046 }, 4047 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 4048 # `InspectDataSource`. Not currently supported in `InspectContent`. 4049 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 4050 # `organizations/433245324/storedInfoTypes/432452342` or 4051 # `projects/project-id/storedInfoTypes/432452342`. 4052 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 4053 # inspection was created. Output-only field, populated by the system. 4054 }, 4055 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 4056 # Rules are applied in order that they are specified. Not supported for the 4057 # `surrogate_type` CustomInfoType. 4058 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 4059 # `CustomInfoType` to alter behavior under certain circumstances, depending 4060 # on the specific details of the rule. Not supported for the `surrogate_type` 4061 # custom infoType. 4062 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 4063 # proximity of hotwords. 4064 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 4065 # The total length of the window cannot exceed 1000 characters. Note that 4066 # the finding itself will be included in the window, so that hotwords may 4067 # be used to match substrings of the finding itself. For example, the 4068 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 4069 # adjusted upwards if the area code is known to be the local area code of 4070 # a company office using the hotword regex "\(xxx\)", where "xxx" 4071 # is the area code in question. 4072 # rule. 4073 "windowAfter": 42, # Number of characters after the finding to consider. 4074 "windowBefore": 42, # Number of characters before the finding to consider. 4075 }, 4076 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 4077 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4078 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4079 # google/re2 repository on GitHub. 4080 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4081 # specified, the entire match is returned. No more than 3 may be included. 4082 42, 4083 ], 4084 }, 4085 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 4086 # part of a detection rule. 4087 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 4088 # levels. For example, if a finding would be `POSSIBLE` without the 4089 # detection rule and `relative_likelihood` is 1, then it is upgraded to 4090 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 4091 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 4092 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 4093 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 4094 # a final likelihood of `LIKELY`. 4095 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 4096 }, 4097 }, 4098 }, 4099 ], 4100 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 4101 # to be returned. It still can be used for rules matching. 4102 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 4103 # altered by a detection rule if the finding meets the criteria specified by 4104 # the rule. Defaults to `VERY_LIKELY` if not specified. 4105 }, 4106 ], 4107 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 4108 # included in the response; see Finding.quote. 4109 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 4110 # Exclusion rules, contained in the set are executed in the end, other 4111 # rules are executed in the order they are specified for each info type. 4112 { # Rule set for modifying a set of infoTypes to alter behavior under certain 4113 # circumstances, depending on the specific details of the rules within the set. 4114 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 4115 { # A single inspection rule to be applied to infoTypes, specified in 4116 # `InspectionRuleSet`. 4117 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 4118 # proximity of hotwords. 4119 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 4120 # The total length of the window cannot exceed 1000 characters. Note that 4121 # the finding itself will be included in the window, so that hotwords may 4122 # be used to match substrings of the finding itself. For example, the 4123 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 4124 # adjusted upwards if the area code is known to be the local area code of 4125 # a company office using the hotword regex "\(xxx\)", where "xxx" 4126 # is the area code in question. 4127 # rule. 4128 "windowAfter": 42, # Number of characters after the finding to consider. 4129 "windowBefore": 42, # Number of characters before the finding to consider. 4130 }, 4131 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 4132 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4133 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4134 # google/re2 repository on GitHub. 4135 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4136 # specified, the entire match is returned. No more than 3 may be included. 4137 42, 4138 ], 4139 }, 4140 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 4141 # part of a detection rule. 4142 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 4143 # levels. For example, if a finding would be `POSSIBLE` without the 4144 # detection rule and `relative_likelihood` is 1, then it is upgraded to 4145 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 4146 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 4147 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 4148 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 4149 # a final likelihood of `LIKELY`. 4150 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 4151 }, 4152 }, 4153 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 4154 # `InspectionRuleSet` are removed from results. 4155 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 4156 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4157 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4158 # google/re2 repository on GitHub. 4159 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4160 # specified, the entire match is returned. No more than 3 may be included. 4161 42, 4162 ], 4163 }, 4164 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 4165 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 4166 # contained within with a finding of an infoType from this list. For 4167 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 4168 # `exclusion_rule` containing `exclude_info_types.info_types` with 4169 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 4170 # with EMAIL_ADDRESS finding. 4171 # That leads to "555-222-2222@example.org" to generate only a single 4172 # finding, namely email address. 4173 { # Type of information detected by the API. 4174 "name": "A String", # Name of the information type. Either a name of your choosing when 4175 # creating a CustomInfoType, or one of the names listed 4176 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4177 # a built-in type. InfoType names should conform to the pattern 4178 # [a-zA-Z0-9_]{1,64}. 4179 }, 4180 ], 4181 }, 4182 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 4183 # be used to match sensitive information specific to the data, such as a list 4184 # of employee IDs or job titles. 4185 # 4186 # Dictionary words are case-insensitive and all characters other than letters 4187 # and digits in the unicode [Basic Multilingual 4188 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 4189 # will be replaced with whitespace when scanning for matches, so the 4190 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 4191 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 4192 # surrounding any match must be of a different type than the adjacent 4193 # characters within the word, so letters must be next to non-letters and 4194 # digits next to non-digits. For example, the dictionary word "jen" will 4195 # match the first three letters of the text "jen123" but will return no 4196 # matches for "jennifer". 4197 # 4198 # Dictionary words containing a large number of characters that are not 4199 # letters or digits may result in unexpected findings because such characters 4200 # are treated as whitespace. The 4201 # [limits](https://cloud.google.com/dlp/limits) page contains details about 4202 # the size limits of dictionaries. For dictionaries that do not fit within 4203 # these constraints, consider using `LargeCustomDictionaryConfig` in the 4204 # `StoredInfoType` API. 4205 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 4206 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 4207 # at least one phrase and every phrase must contain at least 2 characters 4208 # that are letters or digits. [required] 4209 "A String", 4210 ], 4211 }, 4212 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 4213 # is accepted. 4214 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 4215 # Example: gs://[BUCKET_NAME]/dictionary.txt 4216 }, 4217 }, 4218 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 4219 }, 4220 }, 4221 ], 4222 "infoTypes": [ # List of infoTypes this rule set is applied to. 4223 { # Type of information detected by the API. 4224 "name": "A String", # Name of the information type. Either a name of your choosing when 4225 # creating a CustomInfoType, or one of the names listed 4226 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4227 # a built-in type. InfoType names should conform to the pattern 4228 # [a-zA-Z0-9_]{1,64}. 4229 }, 4230 ], 4231 }, 4232 ], 4233 "contentOptions": [ # List of options defining data content to scan. 4234 # If empty, text, images, and other content will be included. 4235 "A String", 4236 ], 4237 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 4238 # InfoType values returned by ListInfoTypes or listed at 4239 # https://cloud.google.com/dlp/docs/infotypes-reference. 4240 # 4241 # When no InfoTypes or CustomInfoTypes are specified in a request, the 4242 # system may automatically choose what detectors to run. By default this may 4243 # be all types, but may change over time as detectors are updated. 4244 # 4245 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 4246 # but may change over time as new InfoTypes are added. If you need precise 4247 # control and predictability as to what detectors are run you should specify 4248 # specific InfoTypes listed in the reference. 4249 { # Type of information detected by the API. 4250 "name": "A String", # Name of the information type. Either a name of your choosing when 4251 # creating a CustomInfoType, or one of the names listed 4252 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4253 # a built-in type. InfoType names should conform to the pattern 4254 # [a-zA-Z0-9_]{1,64}. 4255 }, 4256 ], 4257 }, 4258 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 4259 # `inspect_config` will be merged into the values persisted as part of the 4260 # template. 4261 "actions": [ # Actions to execute at the completion of the job. 4262 { # A task to execute on the completion of a job. 4263 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 4264 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 4265 # OutputStorageConfig. Only a single instance of this action can be 4266 # specified. 4267 # Compatible with: Inspect, Risk 4268 "outputConfig": { # Cloud repository for storing output. 4269 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 4270 # dataset. If table_id is not set a new one will be generated 4271 # for you with the following format: 4272 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 4273 # generating the date details. 4274 # 4275 # For Inspect, each column in an existing output table must have the same 4276 # name, type, and mode of a field in the `Finding` object. 4277 # 4278 # For Risk, an existing output table should be the output of a previous 4279 # Risk analysis job run on the same source table, with the same privacy 4280 # metric and quasi-identifiers. Risk jobs that analyze the same table but 4281 # compute a different privacy metric, or use different sets of 4282 # quasi-identifiers, cannot store their results in the same table. 4283 # identified by its project_id, dataset_id, and table_name. Within a query 4284 # a table is often referenced with a string in the format of: 4285 # `<project_id>:<dataset_id>.<table_id>` or 4286 # `<project_id>.<dataset_id>.<table_id>`. 4287 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 4288 # If omitted, project ID is inferred from the API call. 4289 "tableId": "A String", # Name of the table. 4290 "datasetId": "A String", # Dataset ID of the table. 4291 }, 4292 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 4293 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 4294 # from the `Finding` object. If appending to an existing table, any columns 4295 # from the predefined schema that are missing will be added. No columns in 4296 # the existing table will be deleted. 4297 # 4298 # If unspecified, then all available columns will be used for a new table or 4299 # an (existing) table with no schema, and no changes will be made to an 4300 # existing table that has a schema. 4301 }, 4302 }, 4303 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 4304 # completion/failure. 4305 # completion/failure. 4306 }, 4307 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 4308 # Command Center (CSCC Alpha). 4309 # This action is only available for projects which are parts of 4310 # an organization and whitelisted for the alpha Cloud Security Command 4311 # Center. 4312 # The action will publish count of finding instances and their info types. 4313 # The summary of findings will be persisted in CSCC and are governed by CSCC 4314 # service-specific policy, see https://cloud.google.com/terms/service-terms 4315 # Only a single instance of this action can be specified. 4316 # Compatible with: Inspect 4317 }, 4318 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 4319 # message contains a single field, `DlpJobName`, which is equal to the 4320 # finished job's 4321 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 4322 # Compatible with: Inspect, Risk 4323 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 4324 # publishing access rights to the DLP API service account executing 4325 # the long running DlpJob sending the notifications. 4326 # Format is projects/{project}/topics/{topic}. 4327 }, 4328 }, 4329 ], 4330 }, 4331 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 4332 # needs to trigger for a job to be started. The list may contain only 4333 # a single Schedule trigger and must have at least one object. 4334 { # What event needs to occur for a new job to be started. 4335 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 4336 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 4337 # example: every day (86400 seconds). 4338 # 4339 # A scheduled start time will be skipped if the previous 4340 # execution has not ended when its scheduled time occurs. 4341 # 4342 # This value must be set to a time duration greater than or equal 4343 # to 1 day and can be no longer than 60 days. 4344 }, 4345 }, 4346 ], 4347 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 4348 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 4349 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 4350 # triggeredJob is created, for example 4351 # `projects/dlp-test-project/triggeredJobs/53234423`. 4352 }, 4353 ], 4354 }</pre> 4355</div> 4356 4357<div class="method"> 4358 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 4359 <pre>Retrieves the next page of results. 4360 4361Args: 4362 previous_request: The request for the previous page. (required) 4363 previous_response: The response from the request for the previous page. (required) 4364 4365Returns: 4366 A request object that you can call 'execute()' on to request the next 4367 page. Returns None if there are no more items in the collection. 4368 </pre> 4369</div> 4370 4371<div class="method"> 4372 <code class="details" id="patch">patch(name, body, x__xgafv=None)</code> 4373 <pre>Updates a job trigger. 4374See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more. 4375 4376Args: 4377 name: string, Resource name of the project and the triggeredJob, for example 4378`projects/dlp-test-project/jobTriggers/53234423`. (required) 4379 body: object, The request body. (required) 4380 The object takes the form of: 4381 4382{ # Request message for UpdateJobTrigger. 4383 "jobTrigger": { # Contains a configuration to make dlp api calls on a repeating basis. # New JobTrigger value. 4384 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 4385 "status": "A String", # A status for this trigger. [required] 4386 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 4387 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 4388 # errors may result in the JobTrigger automatically being paused. 4389 # Will return the last 100 errors. Whenever the JobTrigger is modified 4390 # this list will be cleared. Output only field. 4391 { # Details information about an error encountered during job execution or 4392 # the results of an unsuccessful activation of the JobTrigger. 4393 # Output only field. 4394 "timestamps": [ # The times the error occurred. 4395 "A String", 4396 ], 4397 "details": { # The `Status` type defines a logical error model that is suitable for 4398 # different programming environments, including REST APIs and RPC APIs. It is 4399 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 4400 # three pieces of data: error code, error message, and error details. 4401 # 4402 # You can find out more about this error model and how to work with it in the 4403 # [API Design Guide](https://cloud.google.com/apis/design/errors). 4404 "message": "A String", # A developer-facing error message, which should be in English. Any 4405 # user-facing error message should be localized and sent in the 4406 # google.rpc.Status.details field, or localized by the client. 4407 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 4408 "details": [ # A list of messages that carry the error details. There is a common set of 4409 # message types for APIs to use. 4410 { 4411 "a_key": "", # Properties of the object. Contains field @type with type URL. 4412 }, 4413 ], 4414 }, 4415 }, 4416 ], 4417 "displayName": "A String", # Display name (max 100 chars) 4418 "description": "A String", # User provided description (max 256 chars) 4419 "inspectJob": { 4420 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 4421 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 4422 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 4423 # by project and namespace, however the namespace ID may be empty. 4424 # A partition ID identifies a grouping of entities. The grouping is always 4425 # by project and namespace, however the namespace ID may be empty. 4426 # 4427 # A partition ID contains several dimensions: 4428 # project ID and namespace ID. 4429 "projectId": "A String", # The ID of the project to which the entities belong. 4430 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 4431 }, 4432 "kind": { # A representation of a Datastore kind. # The kind to process. 4433 "name": "A String", # The name of the kind. 4434 }, 4435 }, 4436 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 4437 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 4438 # inspection of entire columns which you know have no findings. 4439 { # General identifier of a data field in a storage service. 4440 "name": "A String", # Name describing the field. 4441 }, 4442 ], 4443 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 4444 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 4445 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 4446 # Cannot be used in conjunction with TimespanConfig. 4447 "sampleMethod": "A String", 4448 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 4449 # Nested fields in the format, like `person.birthdate.year`, are allowed. 4450 { # General identifier of a data field in a storage service. 4451 "name": "A String", # Name describing the field. 4452 }, 4453 ], 4454 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 4455 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 4456 # 100 means no limit. Defaults to 0. Only one of rows_limit and 4457 # rows_limit_percent can be specified. Cannot be used in conjunction with 4458 # TimespanConfig. 4459 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 4460 # identified by its project_id, dataset_id, and table_name. Within a query 4461 # a table is often referenced with a string in the format of: 4462 # `<project_id>:<dataset_id>.<table_id>` or 4463 # `<project_id>.<dataset_id>.<table_id>`. 4464 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 4465 # If omitted, project ID is inferred from the API call. 4466 "tableId": "A String", # Name of the table. 4467 "datasetId": "A String", # Dataset ID of the table. 4468 }, 4469 }, 4470 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 4471 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 4472 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 4473 # Used for data sources like Datastore or BigQuery. 4474 # If not specified for BigQuery, table last modification timestamp 4475 # is checked against given time span. 4476 # The valid data types of the timestamp field are: 4477 # for BigQuery - timestamp, date, datetime; 4478 # for Datastore - timestamp. 4479 # Datastore entity will be scanned if the timestamp property does not exist 4480 # or its value is empty or invalid. 4481 "name": "A String", # Name describing the field. 4482 }, 4483 "endTime": "A String", # Exclude files or rows newer than this value. 4484 # If set to zero, no upper time limit is applied. 4485 "startTime": "A String", # Exclude files or rows older than this value. 4486 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 4487 # a valid start_time to avoid scanning files that have not been modified 4488 # since the last time the JobTrigger executed. This will be based on the 4489 # time of the execution of the last run of the JobTrigger. 4490 }, 4491 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 4492 # bucket. 4493 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 4494 # than this value then the rest of the bytes are omitted. Only one 4495 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 4496 "sampleMethod": "A String", 4497 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 4498 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 4499 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 4500 # 4501 # If the url ends in a trailing slash, the bucket or directory represented 4502 # by the url will be scanned non-recursively (content in sub-directories 4503 # will not be scanned). This means that `gs://mybucket/` is equivalent to 4504 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 4505 # `gs://mybucket/directory/*`. 4506 # 4507 # Exactly one of `url` or `regex_file_set` must be set. 4508 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 4509 # `regex_file_set` must be set. 4510 # expressions are used to allow fine-grained control over which files in the 4511 # bucket to include. 4512 # 4513 # Included files are those that match at least one item in `include_regex` and 4514 # do not match any items in `exclude_regex`. Note that a file that matches 4515 # items from both lists will _not_ be included. For a match to occur, the 4516 # entire file path (i.e., everything in the url after the bucket name) must 4517 # match the regular expression. 4518 # 4519 # For example, given the input `{bucket_name: "mybucket", include_regex: 4520 # ["directory1/.*"], exclude_regex: 4521 # ["directory1/excluded.*"]}`: 4522 # 4523 # * `gs://mybucket/directory1/myfile` will be included 4524 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 4525 # across `/`) 4526 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 4527 # full path doesn't match any items in `include_regex`) 4528 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 4529 # matches an item in `exclude_regex`) 4530 # 4531 # If `include_regex` is left empty, it will match all files by default 4532 # (this is equivalent to setting `include_regex: [".*"]`). 4533 # 4534 # Some other common use cases: 4535 # 4536 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 4537 # files in `mybucket` except for .pdf files 4538 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 4539 # include all files directly under `gs://mybucket/directory/`, without matching 4540 # across `/` 4541 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 4542 # the bucket that match at least one of these regular expressions will be 4543 # excluded from the scan. 4544 # 4545 # Regular expressions use RE2 4546 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 4547 # under the google/re2 repository on GitHub. 4548 "A String", 4549 ], 4550 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 4551 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 4552 # the bucket that match at least one of these regular expressions will be 4553 # included in the set of files, except for those that also match an item in 4554 # `exclude_regex`. Leaving this field empty will match all files by default 4555 # (this is equivalent to including `.*` in the list). 4556 # 4557 # Regular expressions use RE2 4558 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 4559 # under the google/re2 repository on GitHub. 4560 "A String", 4561 ], 4562 }, 4563 }, 4564 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 4565 # number of bytes scanned is rounded down. Must be between 0 and 100, 4566 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 4567 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 4568 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 4569 # Number of files scanned is rounded down. Must be between 0 and 100, 4570 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 4571 "fileTypes": [ # List of file type groups to include in the scan. 4572 # If empty, all files are scanned and available data format processors 4573 # are applied. In addition, the binary content of the selected files 4574 # is always scanned as well. 4575 "A String", 4576 ], 4577 }, 4578 }, 4579 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 4580 # When used with redactContent only info_types and min_likelihood are currently 4581 # used. 4582 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 4583 "limits": { 4584 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 4585 # When set within `InspectContentRequest`, the maximum returned is 2000 4586 # regardless if this is set higher. 4587 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 4588 { # Max findings configuration per infoType, per content item or long 4589 # running DlpJob. 4590 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 4591 # info_type should be provided. If InfoTypeLimit does not have an 4592 # info_type, the DLP API applies the limit against all info_types that 4593 # are found but not specified in another InfoTypeLimit. 4594 "name": "A String", # Name of the information type. Either a name of your choosing when 4595 # creating a CustomInfoType, or one of the names listed 4596 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4597 # a built-in type. InfoType names should conform to the pattern 4598 # [a-zA-Z0-9_]{1,64}. 4599 }, 4600 "maxFindings": 42, # Max findings limit for the given infoType. 4601 }, 4602 ], 4603 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 4604 # When set within `InspectDataSourceRequest`, 4605 # the maximum returned is 2000 regardless if this is set higher. 4606 # When set within `InspectContentRequest`, this field is ignored. 4607 }, 4608 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 4609 # POSSIBLE. 4610 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 4611 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 4612 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 4613 { # Custom information type provided by the user. Used to find domain-specific 4614 # sensitive information configurable to the data in question. 4615 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 4616 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4617 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4618 # google/re2 repository on GitHub. 4619 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4620 # specified, the entire match is returned. No more than 3 may be included. 4621 42, 4622 ], 4623 }, 4624 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 4625 # support reversing. 4626 # such as 4627 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 4628 # These types of transformations are 4629 # those that perform pseudonymization, thereby producing a "surrogate" as 4630 # output. This should be used in conjunction with a field on the 4631 # transformation such as `surrogate_info_type`. This CustomInfoType does 4632 # not support the use of `detection_rules`. 4633 }, 4634 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 4635 # infoType, when the name matches one of existing infoTypes and that infoType 4636 # is specified in `InspectContent.info_types` field. Specifying the latter 4637 # adds findings to the one detected by the system. If built-in info type is 4638 # not specified in `InspectContent.info_types` list then the name is treated 4639 # as a custom info type. 4640 "name": "A String", # Name of the information type. Either a name of your choosing when 4641 # creating a CustomInfoType, or one of the names listed 4642 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4643 # a built-in type. InfoType names should conform to the pattern 4644 # [a-zA-Z0-9_]{1,64}. 4645 }, 4646 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 4647 # be used to match sensitive information specific to the data, such as a list 4648 # of employee IDs or job titles. 4649 # 4650 # Dictionary words are case-insensitive and all characters other than letters 4651 # and digits in the unicode [Basic Multilingual 4652 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 4653 # will be replaced with whitespace when scanning for matches, so the 4654 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 4655 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 4656 # surrounding any match must be of a different type than the adjacent 4657 # characters within the word, so letters must be next to non-letters and 4658 # digits next to non-digits. For example, the dictionary word "jen" will 4659 # match the first three letters of the text "jen123" but will return no 4660 # matches for "jennifer". 4661 # 4662 # Dictionary words containing a large number of characters that are not 4663 # letters or digits may result in unexpected findings because such characters 4664 # are treated as whitespace. The 4665 # [limits](https://cloud.google.com/dlp/limits) page contains details about 4666 # the size limits of dictionaries. For dictionaries that do not fit within 4667 # these constraints, consider using `LargeCustomDictionaryConfig` in the 4668 # `StoredInfoType` API. 4669 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 4670 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 4671 # at least one phrase and every phrase must contain at least 2 characters 4672 # that are letters or digits. [required] 4673 "A String", 4674 ], 4675 }, 4676 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 4677 # is accepted. 4678 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 4679 # Example: gs://[BUCKET_NAME]/dictionary.txt 4680 }, 4681 }, 4682 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 4683 # `InspectDataSource`. Not currently supported in `InspectContent`. 4684 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 4685 # `organizations/433245324/storedInfoTypes/432452342` or 4686 # `projects/project-id/storedInfoTypes/432452342`. 4687 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 4688 # inspection was created. Output-only field, populated by the system. 4689 }, 4690 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 4691 # Rules are applied in order that they are specified. Not supported for the 4692 # `surrogate_type` CustomInfoType. 4693 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 4694 # `CustomInfoType` to alter behavior under certain circumstances, depending 4695 # on the specific details of the rule. Not supported for the `surrogate_type` 4696 # custom infoType. 4697 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 4698 # proximity of hotwords. 4699 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 4700 # The total length of the window cannot exceed 1000 characters. Note that 4701 # the finding itself will be included in the window, so that hotwords may 4702 # be used to match substrings of the finding itself. For example, the 4703 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 4704 # adjusted upwards if the area code is known to be the local area code of 4705 # a company office using the hotword regex "\(xxx\)", where "xxx" 4706 # is the area code in question. 4707 # rule. 4708 "windowAfter": 42, # Number of characters after the finding to consider. 4709 "windowBefore": 42, # Number of characters before the finding to consider. 4710 }, 4711 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 4712 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4713 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4714 # google/re2 repository on GitHub. 4715 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4716 # specified, the entire match is returned. No more than 3 may be included. 4717 42, 4718 ], 4719 }, 4720 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 4721 # part of a detection rule. 4722 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 4723 # levels. For example, if a finding would be `POSSIBLE` without the 4724 # detection rule and `relative_likelihood` is 1, then it is upgraded to 4725 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 4726 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 4727 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 4728 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 4729 # a final likelihood of `LIKELY`. 4730 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 4731 }, 4732 }, 4733 }, 4734 ], 4735 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 4736 # to be returned. It still can be used for rules matching. 4737 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 4738 # altered by a detection rule if the finding meets the criteria specified by 4739 # the rule. Defaults to `VERY_LIKELY` if not specified. 4740 }, 4741 ], 4742 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 4743 # included in the response; see Finding.quote. 4744 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 4745 # Exclusion rules, contained in the set are executed in the end, other 4746 # rules are executed in the order they are specified for each info type. 4747 { # Rule set for modifying a set of infoTypes to alter behavior under certain 4748 # circumstances, depending on the specific details of the rules within the set. 4749 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 4750 { # A single inspection rule to be applied to infoTypes, specified in 4751 # `InspectionRuleSet`. 4752 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 4753 # proximity of hotwords. 4754 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 4755 # The total length of the window cannot exceed 1000 characters. Note that 4756 # the finding itself will be included in the window, so that hotwords may 4757 # be used to match substrings of the finding itself. For example, the 4758 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 4759 # adjusted upwards if the area code is known to be the local area code of 4760 # a company office using the hotword regex "\(xxx\)", where "xxx" 4761 # is the area code in question. 4762 # rule. 4763 "windowAfter": 42, # Number of characters after the finding to consider. 4764 "windowBefore": 42, # Number of characters before the finding to consider. 4765 }, 4766 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 4767 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4768 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4769 # google/re2 repository on GitHub. 4770 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4771 # specified, the entire match is returned. No more than 3 may be included. 4772 42, 4773 ], 4774 }, 4775 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 4776 # part of a detection rule. 4777 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 4778 # levels. For example, if a finding would be `POSSIBLE` without the 4779 # detection rule and `relative_likelihood` is 1, then it is upgraded to 4780 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 4781 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 4782 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 4783 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 4784 # a final likelihood of `LIKELY`. 4785 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 4786 }, 4787 }, 4788 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 4789 # `InspectionRuleSet` are removed from results. 4790 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 4791 "pattern": "A String", # Pattern defining the regular expression. Its syntax 4792 # (https://github.com/google/re2/wiki/Syntax) can be found under the 4793 # google/re2 repository on GitHub. 4794 "groupIndexes": [ # The index of the submatch to extract as findings. When not 4795 # specified, the entire match is returned. No more than 3 may be included. 4796 42, 4797 ], 4798 }, 4799 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 4800 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 4801 # contained within with a finding of an infoType from this list. For 4802 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 4803 # `exclusion_rule` containing `exclude_info_types.info_types` with 4804 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 4805 # with EMAIL_ADDRESS finding. 4806 # That leads to "555-222-2222@example.org" to generate only a single 4807 # finding, namely email address. 4808 { # Type of information detected by the API. 4809 "name": "A String", # Name of the information type. Either a name of your choosing when 4810 # creating a CustomInfoType, or one of the names listed 4811 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4812 # a built-in type. InfoType names should conform to the pattern 4813 # [a-zA-Z0-9_]{1,64}. 4814 }, 4815 ], 4816 }, 4817 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 4818 # be used to match sensitive information specific to the data, such as a list 4819 # of employee IDs or job titles. 4820 # 4821 # Dictionary words are case-insensitive and all characters other than letters 4822 # and digits in the unicode [Basic Multilingual 4823 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 4824 # will be replaced with whitespace when scanning for matches, so the 4825 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 4826 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 4827 # surrounding any match must be of a different type than the adjacent 4828 # characters within the word, so letters must be next to non-letters and 4829 # digits next to non-digits. For example, the dictionary word "jen" will 4830 # match the first three letters of the text "jen123" but will return no 4831 # matches for "jennifer". 4832 # 4833 # Dictionary words containing a large number of characters that are not 4834 # letters or digits may result in unexpected findings because such characters 4835 # are treated as whitespace. The 4836 # [limits](https://cloud.google.com/dlp/limits) page contains details about 4837 # the size limits of dictionaries. For dictionaries that do not fit within 4838 # these constraints, consider using `LargeCustomDictionaryConfig` in the 4839 # `StoredInfoType` API. 4840 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 4841 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 4842 # at least one phrase and every phrase must contain at least 2 characters 4843 # that are letters or digits. [required] 4844 "A String", 4845 ], 4846 }, 4847 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 4848 # is accepted. 4849 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 4850 # Example: gs://[BUCKET_NAME]/dictionary.txt 4851 }, 4852 }, 4853 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 4854 }, 4855 }, 4856 ], 4857 "infoTypes": [ # List of infoTypes this rule set is applied to. 4858 { # Type of information detected by the API. 4859 "name": "A String", # Name of the information type. Either a name of your choosing when 4860 # creating a CustomInfoType, or one of the names listed 4861 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4862 # a built-in type. InfoType names should conform to the pattern 4863 # [a-zA-Z0-9_]{1,64}. 4864 }, 4865 ], 4866 }, 4867 ], 4868 "contentOptions": [ # List of options defining data content to scan. 4869 # If empty, text, images, and other content will be included. 4870 "A String", 4871 ], 4872 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 4873 # InfoType values returned by ListInfoTypes or listed at 4874 # https://cloud.google.com/dlp/docs/infotypes-reference. 4875 # 4876 # When no InfoTypes or CustomInfoTypes are specified in a request, the 4877 # system may automatically choose what detectors to run. By default this may 4878 # be all types, but may change over time as detectors are updated. 4879 # 4880 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 4881 # but may change over time as new InfoTypes are added. If you need precise 4882 # control and predictability as to what detectors are run you should specify 4883 # specific InfoTypes listed in the reference. 4884 { # Type of information detected by the API. 4885 "name": "A String", # Name of the information type. Either a name of your choosing when 4886 # creating a CustomInfoType, or one of the names listed 4887 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 4888 # a built-in type. InfoType names should conform to the pattern 4889 # [a-zA-Z0-9_]{1,64}. 4890 }, 4891 ], 4892 }, 4893 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 4894 # `inspect_config` will be merged into the values persisted as part of the 4895 # template. 4896 "actions": [ # Actions to execute at the completion of the job. 4897 { # A task to execute on the completion of a job. 4898 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 4899 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 4900 # OutputStorageConfig. Only a single instance of this action can be 4901 # specified. 4902 # Compatible with: Inspect, Risk 4903 "outputConfig": { # Cloud repository for storing output. 4904 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 4905 # dataset. If table_id is not set a new one will be generated 4906 # for you with the following format: 4907 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 4908 # generating the date details. 4909 # 4910 # For Inspect, each column in an existing output table must have the same 4911 # name, type, and mode of a field in the `Finding` object. 4912 # 4913 # For Risk, an existing output table should be the output of a previous 4914 # Risk analysis job run on the same source table, with the same privacy 4915 # metric and quasi-identifiers. Risk jobs that analyze the same table but 4916 # compute a different privacy metric, or use different sets of 4917 # quasi-identifiers, cannot store their results in the same table. 4918 # identified by its project_id, dataset_id, and table_name. Within a query 4919 # a table is often referenced with a string in the format of: 4920 # `<project_id>:<dataset_id>.<table_id>` or 4921 # `<project_id>.<dataset_id>.<table_id>`. 4922 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 4923 # If omitted, project ID is inferred from the API call. 4924 "tableId": "A String", # Name of the table. 4925 "datasetId": "A String", # Dataset ID of the table. 4926 }, 4927 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 4928 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 4929 # from the `Finding` object. If appending to an existing table, any columns 4930 # from the predefined schema that are missing will be added. No columns in 4931 # the existing table will be deleted. 4932 # 4933 # If unspecified, then all available columns will be used for a new table or 4934 # an (existing) table with no schema, and no changes will be made to an 4935 # existing table that has a schema. 4936 }, 4937 }, 4938 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 4939 # completion/failure. 4940 # completion/failure. 4941 }, 4942 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 4943 # Command Center (CSCC Alpha). 4944 # This action is only available for projects which are parts of 4945 # an organization and whitelisted for the alpha Cloud Security Command 4946 # Center. 4947 # The action will publish count of finding instances and their info types. 4948 # The summary of findings will be persisted in CSCC and are governed by CSCC 4949 # service-specific policy, see https://cloud.google.com/terms/service-terms 4950 # Only a single instance of this action can be specified. 4951 # Compatible with: Inspect 4952 }, 4953 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 4954 # message contains a single field, `DlpJobName`, which is equal to the 4955 # finished job's 4956 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 4957 # Compatible with: Inspect, Risk 4958 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 4959 # publishing access rights to the DLP API service account executing 4960 # the long running DlpJob sending the notifications. 4961 # Format is projects/{project}/topics/{topic}. 4962 }, 4963 }, 4964 ], 4965 }, 4966 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 4967 # needs to trigger for a job to be started. The list may contain only 4968 # a single Schedule trigger and must have at least one object. 4969 { # What event needs to occur for a new job to be started. 4970 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 4971 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 4972 # example: every day (86400 seconds). 4973 # 4974 # A scheduled start time will be skipped if the previous 4975 # execution has not ended when its scheduled time occurs. 4976 # 4977 # This value must be set to a time duration greater than or equal 4978 # to 1 day and can be no longer than 60 days. 4979 }, 4980 }, 4981 ], 4982 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 4983 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 4984 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 4985 # triggeredJob is created, for example 4986 # `projects/dlp-test-project/triggeredJobs/53234423`. 4987 }, 4988 "updateMask": "A String", # Mask to control which fields get updated. 4989 } 4990 4991 x__xgafv: string, V1 error format. 4992 Allowed values 4993 1 - v1 error format 4994 2 - v2 error format 4995 4996Returns: 4997 An object of the form: 4998 4999 { # Contains a configuration to make dlp api calls on a repeating basis. 5000 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more. 5001 "status": "A String", # A status for this trigger. [required] 5002 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field. 5003 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated 5004 # errors may result in the JobTrigger automatically being paused. 5005 # Will return the last 100 errors. Whenever the JobTrigger is modified 5006 # this list will be cleared. Output only field. 5007 { # Details information about an error encountered during job execution or 5008 # the results of an unsuccessful activation of the JobTrigger. 5009 # Output only field. 5010 "timestamps": [ # The times the error occurred. 5011 "A String", 5012 ], 5013 "details": { # The `Status` type defines a logical error model that is suitable for 5014 # different programming environments, including REST APIs and RPC APIs. It is 5015 # used by [gRPC](https://github.com/grpc). Each `Status` message contains 5016 # three pieces of data: error code, error message, and error details. 5017 # 5018 # You can find out more about this error model and how to work with it in the 5019 # [API Design Guide](https://cloud.google.com/apis/design/errors). 5020 "message": "A String", # A developer-facing error message, which should be in English. Any 5021 # user-facing error message should be localized and sent in the 5022 # google.rpc.Status.details field, or localized by the client. 5023 "code": 42, # The status code, which should be an enum value of google.rpc.Code. 5024 "details": [ # A list of messages that carry the error details. There is a common set of 5025 # message types for APIs to use. 5026 { 5027 "a_key": "", # Properties of the object. Contains field @type with type URL. 5028 }, 5029 ], 5030 }, 5031 }, 5032 ], 5033 "displayName": "A String", # Display name (max 100 chars) 5034 "description": "A String", # User provided description (max 256 chars) 5035 "inspectJob": { 5036 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan. 5037 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification. 5038 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always 5039 # by project and namespace, however the namespace ID may be empty. 5040 # A partition ID identifies a grouping of entities. The grouping is always 5041 # by project and namespace, however the namespace ID may be empty. 5042 # 5043 # A partition ID contains several dimensions: 5044 # project ID and namespace ID. 5045 "projectId": "A String", # The ID of the project to which the entities belong. 5046 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong. 5047 }, 5048 "kind": { # A representation of a Datastore kind. # The kind to process. 5049 "name": "A String", # The name of the kind. 5050 }, 5051 }, 5052 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification. 5053 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip 5054 # inspection of entire columns which you know have no findings. 5055 { # General identifier of a data field in a storage service. 5056 "name": "A String", # Name describing the field. 5057 }, 5058 ], 5059 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the 5060 # rest of the rows are omitted. If not set, or if set to 0, all rows will be 5061 # scanned. Only one of rows_limit and rows_limit_percent can be specified. 5062 # Cannot be used in conjunction with TimespanConfig. 5063 "sampleMethod": "A String", 5064 "identifyingFields": [ # References to fields uniquely identifying rows within the table. 5065 # Nested fields in the format, like `person.birthdate.year`, are allowed. 5066 { # General identifier of a data field in a storage service. 5067 "name": "A String", # Name describing the field. 5068 }, 5069 ], 5070 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows 5071 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 5072 # 100 means no limit. Defaults to 0. Only one of rows_limit and 5073 # rows_limit_percent can be specified. Cannot be used in conjunction with 5074 # TimespanConfig. 5075 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference. 5076 # identified by its project_id, dataset_id, and table_name. Within a query 5077 # a table is often referenced with a string in the format of: 5078 # `<project_id>:<dataset_id>.<table_id>` or 5079 # `<project_id>.<dataset_id>.<table_id>`. 5080 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 5081 # If omitted, project ID is inferred from the API call. 5082 "tableId": "A String", # Name of the table. 5083 "datasetId": "A String", # Dataset ID of the table. 5084 }, 5085 }, 5086 "timespanConfig": { # Configuration of the timespan of the items to include in scanning. 5087 # Currently only supported when inspecting Google Cloud Storage and BigQuery. 5088 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items. 5089 # Used for data sources like Datastore or BigQuery. 5090 # If not specified for BigQuery, table last modification timestamp 5091 # is checked against given time span. 5092 # The valid data types of the timestamp field are: 5093 # for BigQuery - timestamp, date, datetime; 5094 # for Datastore - timestamp. 5095 # Datastore entity will be scanned if the timestamp property does not exist 5096 # or its value is empty or invalid. 5097 "name": "A String", # Name describing the field. 5098 }, 5099 "endTime": "A String", # Exclude files or rows newer than this value. 5100 # If set to zero, no upper time limit is applied. 5101 "startTime": "A String", # Exclude files or rows older than this value. 5102 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out 5103 # a valid start_time to avoid scanning files that have not been modified 5104 # since the last time the JobTrigger executed. This will be based on the 5105 # time of the execution of the last run of the JobTrigger. 5106 }, 5107 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification. 5108 # bucket. 5109 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger 5110 # than this value then the rest of the bytes are omitted. Only one 5111 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 5112 "sampleMethod": "A String", 5113 "fileSet": { # Set of files to scan. # The set of one or more files to scan. 5114 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format 5115 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed. 5116 # 5117 # If the url ends in a trailing slash, the bucket or directory represented 5118 # by the url will be scanned non-recursively (content in sub-directories 5119 # will not be scanned). This means that `gs://mybucket/` is equivalent to 5120 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to 5121 # `gs://mybucket/directory/*`. 5122 # 5123 # Exactly one of `url` or `regex_file_set` must be set. 5124 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or 5125 # `regex_file_set` must be set. 5126 # expressions are used to allow fine-grained control over which files in the 5127 # bucket to include. 5128 # 5129 # Included files are those that match at least one item in `include_regex` and 5130 # do not match any items in `exclude_regex`. Note that a file that matches 5131 # items from both lists will _not_ be included. For a match to occur, the 5132 # entire file path (i.e., everything in the url after the bucket name) must 5133 # match the regular expression. 5134 # 5135 # For example, given the input `{bucket_name: "mybucket", include_regex: 5136 # ["directory1/.*"], exclude_regex: 5137 # ["directory1/excluded.*"]}`: 5138 # 5139 # * `gs://mybucket/directory1/myfile` will be included 5140 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches 5141 # across `/`) 5142 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the 5143 # full path doesn't match any items in `include_regex`) 5144 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path 5145 # matches an item in `exclude_regex`) 5146 # 5147 # If `include_regex` is left empty, it will match all files by default 5148 # (this is equivalent to setting `include_regex: [".*"]`). 5149 # 5150 # Some other common use cases: 5151 # 5152 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all 5153 # files in `mybucket` except for .pdf files 5154 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will 5155 # include all files directly under `gs://mybucket/directory/`, without matching 5156 # across `/` 5157 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in 5158 # the bucket that match at least one of these regular expressions will be 5159 # excluded from the scan. 5160 # 5161 # Regular expressions use RE2 5162 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 5163 # under the google/re2 repository on GitHub. 5164 "A String", 5165 ], 5166 "bucketName": "A String", # The name of a Cloud Storage bucket. Required. 5167 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in 5168 # the bucket that match at least one of these regular expressions will be 5169 # included in the set of files, except for those that also match an item in 5170 # `exclude_regex`. Leaving this field empty will match all files by default 5171 # (this is equivalent to including `.*` in the list). 5172 # 5173 # Regular expressions use RE2 5174 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found 5175 # under the google/re2 repository on GitHub. 5176 "A String", 5177 ], 5178 }, 5179 }, 5180 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The 5181 # number of bytes scanned is rounded down. Must be between 0 and 100, 5182 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one 5183 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. 5184 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet. 5185 # Number of files scanned is rounded down. Must be between 0 and 100, 5186 # inclusively. Both 0 and 100 means no limit. Defaults to 0. 5187 "fileTypes": [ # List of file type groups to include in the scan. 5188 # If empty, all files are scanned and available data format processors 5189 # are applied. In addition, the binary content of the selected files 5190 # is always scanned as well. 5191 "A String", 5192 ], 5193 }, 5194 }, 5195 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for. 5196 # When used with redactContent only info_types and min_likelihood are currently 5197 # used. 5198 "excludeInfoTypes": True or False, # When true, excludes type information of the findings. 5199 "limits": { 5200 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job. 5201 # When set within `InspectContentRequest`, the maximum returned is 2000 5202 # regardless if this is set higher. 5203 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes. 5204 { # Max findings configuration per infoType, per content item or long 5205 # running DlpJob. 5206 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per 5207 # info_type should be provided. If InfoTypeLimit does not have an 5208 # info_type, the DLP API applies the limit against all info_types that 5209 # are found but not specified in another InfoTypeLimit. 5210 "name": "A String", # Name of the information type. Either a name of your choosing when 5211 # creating a CustomInfoType, or one of the names listed 5212 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 5213 # a built-in type. InfoType names should conform to the pattern 5214 # [a-zA-Z0-9_]{1,64}. 5215 }, 5216 "maxFindings": 42, # Max findings limit for the given infoType. 5217 }, 5218 ], 5219 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned. 5220 # When set within `InspectDataSourceRequest`, 5221 # the maximum returned is 2000 regardless if this is set higher. 5222 # When set within `InspectContentRequest`, this field is ignored. 5223 }, 5224 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is 5225 # POSSIBLE. 5226 # See https://cloud.google.com/dlp/docs/likelihood to learn more. 5227 "customInfoTypes": [ # CustomInfoTypes provided by the user. See 5228 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. 5229 { # Custom information type provided by the user. Used to find domain-specific 5230 # sensitive information configurable to the data in question. 5231 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType. 5232 "pattern": "A String", # Pattern defining the regular expression. Its syntax 5233 # (https://github.com/google/re2/wiki/Syntax) can be found under the 5234 # google/re2 repository on GitHub. 5235 "groupIndexes": [ # The index of the submatch to extract as findings. When not 5236 # specified, the entire match is returned. No more than 3 may be included. 5237 42, 5238 ], 5239 }, 5240 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that 5241 # support reversing. 5242 # such as 5243 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). 5244 # These types of transformations are 5245 # those that perform pseudonymization, thereby producing a "surrogate" as 5246 # output. This should be used in conjunction with a field on the 5247 # transformation such as `surrogate_info_type`. This CustomInfoType does 5248 # not support the use of `detection_rules`. 5249 }, 5250 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in 5251 # infoType, when the name matches one of existing infoTypes and that infoType 5252 # is specified in `InspectContent.info_types` field. Specifying the latter 5253 # adds findings to the one detected by the system. If built-in info type is 5254 # not specified in `InspectContent.info_types` list then the name is treated 5255 # as a custom info type. 5256 "name": "A String", # Name of the information type. Either a name of your choosing when 5257 # creating a CustomInfoType, or one of the names listed 5258 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 5259 # a built-in type. InfoType names should conform to the pattern 5260 # [a-zA-Z0-9_]{1,64}. 5261 }, 5262 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType. 5263 # be used to match sensitive information specific to the data, such as a list 5264 # of employee IDs or job titles. 5265 # 5266 # Dictionary words are case-insensitive and all characters other than letters 5267 # and digits in the unicode [Basic Multilingual 5268 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 5269 # will be replaced with whitespace when scanning for matches, so the 5270 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 5271 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 5272 # surrounding any match must be of a different type than the adjacent 5273 # characters within the word, so letters must be next to non-letters and 5274 # digits next to non-digits. For example, the dictionary word "jen" will 5275 # match the first three letters of the text "jen123" but will return no 5276 # matches for "jennifer". 5277 # 5278 # Dictionary words containing a large number of characters that are not 5279 # letters or digits may result in unexpected findings because such characters 5280 # are treated as whitespace. The 5281 # [limits](https://cloud.google.com/dlp/limits) page contains details about 5282 # the size limits of dictionaries. For dictionaries that do not fit within 5283 # these constraints, consider using `LargeCustomDictionaryConfig` in the 5284 # `StoredInfoType` API. 5285 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 5286 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 5287 # at least one phrase and every phrase must contain at least 2 characters 5288 # that are letters or digits. [required] 5289 "A String", 5290 ], 5291 }, 5292 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 5293 # is accepted. 5294 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 5295 # Example: gs://[BUCKET_NAME]/dictionary.txt 5296 }, 5297 }, 5298 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in 5299 # `InspectDataSource`. Not currently supported in `InspectContent`. 5300 "name": "A String", # Resource name of the requested `StoredInfoType`, for example 5301 # `organizations/433245324/storedInfoTypes/432452342` or 5302 # `projects/project-id/storedInfoTypes/432452342`. 5303 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for 5304 # inspection was created. Output-only field, populated by the system. 5305 }, 5306 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType. 5307 # Rules are applied in order that they are specified. Not supported for the 5308 # `surrogate_type` CustomInfoType. 5309 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a 5310 # `CustomInfoType` to alter behavior under certain circumstances, depending 5311 # on the specific details of the rule. Not supported for the `surrogate_type` 5312 # custom infoType. 5313 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 5314 # proximity of hotwords. 5315 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 5316 # The total length of the window cannot exceed 1000 characters. Note that 5317 # the finding itself will be included in the window, so that hotwords may 5318 # be used to match substrings of the finding itself. For example, the 5319 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 5320 # adjusted upwards if the area code is known to be the local area code of 5321 # a company office using the hotword regex "\(xxx\)", where "xxx" 5322 # is the area code in question. 5323 # rule. 5324 "windowAfter": 42, # Number of characters after the finding to consider. 5325 "windowBefore": 42, # Number of characters before the finding to consider. 5326 }, 5327 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 5328 "pattern": "A String", # Pattern defining the regular expression. Its syntax 5329 # (https://github.com/google/re2/wiki/Syntax) can be found under the 5330 # google/re2 repository on GitHub. 5331 "groupIndexes": [ # The index of the submatch to extract as findings. When not 5332 # specified, the entire match is returned. No more than 3 may be included. 5333 42, 5334 ], 5335 }, 5336 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 5337 # part of a detection rule. 5338 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 5339 # levels. For example, if a finding would be `POSSIBLE` without the 5340 # detection rule and `relative_likelihood` is 1, then it is upgraded to 5341 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 5342 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 5343 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 5344 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 5345 # a final likelihood of `LIKELY`. 5346 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 5347 }, 5348 }, 5349 }, 5350 ], 5351 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding 5352 # to be returned. It still can be used for rules matching. 5353 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be 5354 # altered by a detection rule if the finding meets the criteria specified by 5355 # the rule. Defaults to `VERY_LIKELY` if not specified. 5356 }, 5357 ], 5358 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is 5359 # included in the response; see Finding.quote. 5360 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig. 5361 # Exclusion rules, contained in the set are executed in the end, other 5362 # rules are executed in the order they are specified for each info type. 5363 { # Rule set for modifying a set of infoTypes to alter behavior under certain 5364 # circumstances, depending on the specific details of the rules within the set. 5365 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order. 5366 { # A single inspection rule to be applied to infoTypes, specified in 5367 # `InspectionRuleSet`. 5368 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule. 5369 # proximity of hotwords. 5370 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside. 5371 # The total length of the window cannot exceed 1000 characters. Note that 5372 # the finding itself will be included in the window, so that hotwords may 5373 # be used to match substrings of the finding itself. For example, the 5374 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be 5375 # adjusted upwards if the area code is known to be the local area code of 5376 # a company office using the hotword regex "\(xxx\)", where "xxx" 5377 # is the area code in question. 5378 # rule. 5379 "windowAfter": 42, # Number of characters after the finding to consider. 5380 "windowBefore": 42, # Number of characters before the finding to consider. 5381 }, 5382 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword. 5383 "pattern": "A String", # Pattern defining the regular expression. Its syntax 5384 # (https://github.com/google/re2/wiki/Syntax) can be found under the 5385 # google/re2 repository on GitHub. 5386 "groupIndexes": [ # The index of the submatch to extract as findings. When not 5387 # specified, the entire match is returned. No more than 3 may be included. 5388 42, 5389 ], 5390 }, 5391 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings. 5392 # part of a detection rule. 5393 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of 5394 # levels. For example, if a finding would be `POSSIBLE` without the 5395 # detection rule and `relative_likelihood` is 1, then it is upgraded to 5396 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. 5397 # Likelihood may never drop below `VERY_UNLIKELY` or exceed 5398 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an 5399 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in 5400 # a final likelihood of `LIKELY`. 5401 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value. 5402 }, 5403 }, 5404 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule. 5405 # `InspectionRuleSet` are removed from results. 5406 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule. 5407 "pattern": "A String", # Pattern defining the regular expression. Its syntax 5408 # (https://github.com/google/re2/wiki/Syntax) can be found under the 5409 # google/re2 repository on GitHub. 5410 "groupIndexes": [ # The index of the submatch to extract as findings. When not 5411 # specified, the entire match is returned. No more than 3 may be included. 5412 42, 5413 ], 5414 }, 5415 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule. 5416 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or 5417 # contained within with a finding of an infoType from this list. For 5418 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and 5419 # `exclusion_rule` containing `exclude_info_types.info_types` with 5420 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap 5421 # with EMAIL_ADDRESS finding. 5422 # That leads to "555-222-2222@example.org" to generate only a single 5423 # finding, namely email address. 5424 { # Type of information detected by the API. 5425 "name": "A String", # Name of the information type. Either a name of your choosing when 5426 # creating a CustomInfoType, or one of the names listed 5427 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 5428 # a built-in type. InfoType names should conform to the pattern 5429 # [a-zA-Z0-9_]{1,64}. 5430 }, 5431 ], 5432 }, 5433 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule. 5434 # be used to match sensitive information specific to the data, such as a list 5435 # of employee IDs or job titles. 5436 # 5437 # Dictionary words are case-insensitive and all characters other than letters 5438 # and digits in the unicode [Basic Multilingual 5439 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) 5440 # will be replaced with whitespace when scanning for matches, so the 5441 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson", 5442 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters 5443 # surrounding any match must be of a different type than the adjacent 5444 # characters within the word, so letters must be next to non-letters and 5445 # digits next to non-digits. For example, the dictionary word "jen" will 5446 # match the first three letters of the text "jen123" but will return no 5447 # matches for "jennifer". 5448 # 5449 # Dictionary words containing a large number of characters that are not 5450 # letters or digits may result in unexpected findings because such characters 5451 # are treated as whitespace. The 5452 # [limits](https://cloud.google.com/dlp/limits) page contains details about 5453 # the size limits of dictionaries. For dictionaries that do not fit within 5454 # these constraints, consider using `LargeCustomDictionaryConfig` in the 5455 # `StoredInfoType` API. 5456 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for. 5457 "words": [ # Words or phrases defining the dictionary. The dictionary must contain 5458 # at least one phrase and every phrase must contain at least 2 characters 5459 # that are letters or digits. [required] 5460 "A String", 5461 ], 5462 }, 5463 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file 5464 # is accepted. 5465 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage. 5466 # Example: gs://[BUCKET_NAME]/dictionary.txt 5467 }, 5468 }, 5469 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details. 5470 }, 5471 }, 5472 ], 5473 "infoTypes": [ # List of infoTypes this rule set is applied to. 5474 { # Type of information detected by the API. 5475 "name": "A String", # Name of the information type. Either a name of your choosing when 5476 # creating a CustomInfoType, or one of the names listed 5477 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 5478 # a built-in type. InfoType names should conform to the pattern 5479 # [a-zA-Z0-9_]{1,64}. 5480 }, 5481 ], 5482 }, 5483 ], 5484 "contentOptions": [ # List of options defining data content to scan. 5485 # If empty, text, images, and other content will be included. 5486 "A String", 5487 ], 5488 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to 5489 # InfoType values returned by ListInfoTypes or listed at 5490 # https://cloud.google.com/dlp/docs/infotypes-reference. 5491 # 5492 # When no InfoTypes or CustomInfoTypes are specified in a request, the 5493 # system may automatically choose what detectors to run. By default this may 5494 # be all types, but may change over time as detectors are updated. 5495 # 5496 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors, 5497 # but may change over time as new InfoTypes are added. If you need precise 5498 # control and predictability as to what detectors are run you should specify 5499 # specific InfoTypes listed in the reference. 5500 { # Type of information detected by the API. 5501 "name": "A String", # Name of the information type. Either a name of your choosing when 5502 # creating a CustomInfoType, or one of the names listed 5503 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying 5504 # a built-in type. InfoType names should conform to the pattern 5505 # [a-zA-Z0-9_]{1,64}. 5506 }, 5507 ], 5508 }, 5509 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig. 5510 # `inspect_config` will be merged into the values persisted as part of the 5511 # template. 5512 "actions": [ # Actions to execute at the completion of the job. 5513 { # A task to execute on the completion of a job. 5514 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more. 5515 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location. 5516 # OutputStorageConfig. Only a single instance of this action can be 5517 # specified. 5518 # Compatible with: Inspect, Risk 5519 "outputConfig": { # Cloud repository for storing output. 5520 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing 5521 # dataset. If table_id is not set a new one will be generated 5522 # for you with the following format: 5523 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for 5524 # generating the date details. 5525 # 5526 # For Inspect, each column in an existing output table must have the same 5527 # name, type, and mode of a field in the `Finding` object. 5528 # 5529 # For Risk, an existing output table should be the output of a previous 5530 # Risk analysis job run on the same source table, with the same privacy 5531 # metric and quasi-identifiers. Risk jobs that analyze the same table but 5532 # compute a different privacy metric, or use different sets of 5533 # quasi-identifiers, cannot store their results in the same table. 5534 # identified by its project_id, dataset_id, and table_name. Within a query 5535 # a table is often referenced with a string in the format of: 5536 # `<project_id>:<dataset_id>.<table_id>` or 5537 # `<project_id>.<dataset_id>.<table_id>`. 5538 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table. 5539 # If omitted, project ID is inferred from the API call. 5540 "tableId": "A String", # Name of the table. 5541 "datasetId": "A String", # Dataset ID of the table. 5542 }, 5543 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only 5544 # used for Inspect and must be unspecified for Risk jobs. Columns are derived 5545 # from the `Finding` object. If appending to an existing table, any columns 5546 # from the predefined schema that are missing will be added. No columns in 5547 # the existing table will be deleted. 5548 # 5549 # If unspecified, then all available columns will be used for a new table or 5550 # an (existing) table with no schema, and no changes will be made to an 5551 # existing table that has a schema. 5552 }, 5553 }, 5554 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's 5555 # completion/failure. 5556 # completion/failure. 5557 }, 5558 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha). 5559 # Command Center (CSCC Alpha). 5560 # This action is only available for projects which are parts of 5561 # an organization and whitelisted for the alpha Cloud Security Command 5562 # Center. 5563 # The action will publish count of finding instances and their info types. 5564 # The summary of findings will be persisted in CSCC and are governed by CSCC 5565 # service-specific policy, see https://cloud.google.com/terms/service-terms 5566 # Only a single instance of this action can be specified. 5567 # Compatible with: Inspect 5568 }, 5569 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic. 5570 # message contains a single field, `DlpJobName`, which is equal to the 5571 # finished job's 5572 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). 5573 # Compatible with: Inspect, Risk 5574 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given 5575 # publishing access rights to the DLP API service account executing 5576 # the long running DlpJob sending the notifications. 5577 # Format is projects/{project}/topics/{topic}. 5578 }, 5579 }, 5580 ], 5581 }, 5582 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list 5583 # needs to trigger for a job to be started. The list may contain only 5584 # a single Schedule trigger and must have at least one object. 5585 { # What event needs to occur for a new job to be started. 5586 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time. 5587 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For 5588 # example: every day (86400 seconds). 5589 # 5590 # A scheduled start time will be skipped if the previous 5591 # execution has not ended when its scheduled time occurs. 5592 # 5593 # This value must be set to a time duration greater than or equal 5594 # to 1 day and can be no longer than 60 days. 5595 }, 5596 }, 5597 ], 5598 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field. 5599 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field. 5600 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the 5601 # triggeredJob is created, for example 5602 # `projects/dlp-test-project/triggeredJobs/53234423`. 5603 }</pre> 5604</div> 5605 5606</body></html>