Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-api-python-client / 715bd7f9ca9a324a05ee05a6476af383e54930f9 / . / docs / dyn / dlp_v2.projects.jobTriggers.html
blob: 54445c2bfe4c1f10449f6f3d4fe4fa6c8e5d22fb [file] [log] [blame]
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700[diff] [blame^]1<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="dlp_v2.html">Cloud Data Loss Prevention (DLP) API</a> . <a href="dlp_v2.projects.html">projects</a> . <a href="dlp_v2.projects.jobTriggers.html">jobTriggers</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#activate">activate(name, body=None, x__xgafv=None)</a></code></p>
79<p class="firstline">Activate a job trigger. Causes the immediate execute of a trigger</p>
80<p class="toc_element">
81 <code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
82<p class="firstline">Creates a job trigger to run DLP actions such as scanning storage for</p>
83<p class="toc_element">
84 <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
85<p class="firstline">Deletes a job trigger.</p>
86<p class="toc_element">
87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
88<p class="firstline">Gets a job trigger.</p>
89<p class="toc_element">
90 <code><a href="#list">list(parent, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</a></code></p>
91<p class="firstline">Lists job triggers.</p>
92<p class="toc_element">
93 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
94<p class="firstline">Retrieves the next page of results.</p>
95<p class="toc_element">
96 <code><a href="#patch">patch(name, body, x__xgafv=None)</a></code></p>
97<p class="firstline">Updates a job trigger.</p>
98<h3>Method Details</h3>
99<div class="method">
100 <code class="details" id="activate">activate(name, body=None, x__xgafv=None)</code>
101 <pre>Activate a job trigger. Causes the immediate execute of a trigger
102instead of waiting on the trigger event to occur.
103
104Args:
105 name: string, Resource name of the trigger to activate, for example
106`projects/dlp-test-project/jobTriggers/53234423`. (required)
107 body: object, The request body.
108 The object takes the form of:
109
110{ # Request message for ActivateJobTrigger.
111 }
112
113 x__xgafv: string, V1 error format.
114 Allowed values
115 1 - v1 error format
116 2 - v2 error format
117
118Returns:
119 An object of the form:
120
121 { # Combines all of the information about a DLP job.
122 "errors": [ # A stream of errors encountered running the job.
123 { # Details information about an error encountered during job execution or
124 # the results of an unsuccessful activation of the JobTrigger.
125 # Output only field.
126 "timestamps": [ # The times the error occurred.
127 "A String",
128 ],
129 "details": { # The `Status` type defines a logical error model that is suitable for
130 # different programming environments, including REST APIs and RPC APIs. It is
131 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
132 # three pieces of data: error code, error message, and error details.
133 #
134 # You can find out more about this error model and how to work with it in the
135 # [API Design Guide](https://cloud.google.com/apis/design/errors).
136 "message": "A String", # A developer-facing error message, which should be in English. Any
137 # user-facing error message should be localized and sent in the
138 # google.rpc.Status.details field, or localized by the client.
139 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
140 "details": [ # A list of messages that carry the error details. There is a common set of
141 # message types for APIs to use.
142 {
143 "a_key": "", # Properties of the object. Contains field @type with type URL.
144 },
145 ],
146 },
147 },
148 ],
149 "name": "A String", # The server-assigned name.
150 "inspectDetails": { # The results of an inspect DataSource job. # Results from inspecting a data source.
151 "requestedOptions": { # The configuration used for this job.
152 "snapshotInspectTemplate": { # The inspectTemplate contains a configuration (set of types of sensitive data # If run with an InspectTemplate, a snapshot of its state at the time of
153 # this run.
154 # to be detected) to be used anywhere you otherwise would normally specify
155 # InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates
156 # to learn more.
157 "updateTime": "A String", # The last update timestamp of a inspectTemplate, output only field.
158 "displayName": "A String", # Display name (max 256 chars).
159 "description": "A String", # Short description (max 256 chars).
160 "inspectConfig": { # Configuration description of the scanning process. # The core content of the template. Configuration of the scanning process.
161 # When used with redactContent only info_types and min_likelihood are currently
162 # used.
163 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
164 "limits": {
165 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
166 # When set within `InspectContentRequest`, the maximum returned is 2000
167 # regardless if this is set higher.
168 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
169 { # Max findings configuration per infoType, per content item or long
170 # running DlpJob.
171 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
172 # info_type should be provided. If InfoTypeLimit does not have an
173 # info_type, the DLP API applies the limit against all info_types that
174 # are found but not specified in another InfoTypeLimit.
175 "name": "A String", # Name of the information type. Either a name of your choosing when
176 # creating a CustomInfoType, or one of the names listed
177 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
178 # a built-in type. InfoType names should conform to the pattern
179 # [a-zA-Z0-9_]{1,64}.
180 },
181 "maxFindings": 42, # Max findings limit for the given infoType.
182 },
183 ],
184 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
185 # When set within `InspectDataSourceRequest`,
186 # the maximum returned is 2000 regardless if this is set higher.
187 # When set within `InspectContentRequest`, this field is ignored.
188 },
189 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
190 # POSSIBLE.
191 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
192 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
193 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
194 { # Custom information type provided by the user. Used to find domain-specific
195 # sensitive information configurable to the data in question.
196 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
197 "pattern": "A String", # Pattern defining the regular expression. Its syntax
198 # (https://github.com/google/re2/wiki/Syntax) can be found under the
199 # google/re2 repository on GitHub.
200 "groupIndexes": [ # The index of the submatch to extract as findings. When not
201 # specified, the entire match is returned. No more than 3 may be included.
202 42,
203 ],
204 },
205 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
206 # support reversing.
207 # such as
208 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
209 # These types of transformations are
210 # those that perform pseudonymization, thereby producing a "surrogate" as
211 # output. This should be used in conjunction with a field on the
212 # transformation such as `surrogate_info_type`. This CustomInfoType does
213 # not support the use of `detection_rules`.
214 },
215 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
216 # infoType, when the name matches one of existing infoTypes and that infoType
217 # is specified in `InspectContent.info_types` field. Specifying the latter
218 # adds findings to the one detected by the system. If built-in info type is
219 # not specified in `InspectContent.info_types` list then the name is treated
220 # as a custom info type.
221 "name": "A String", # Name of the information type. Either a name of your choosing when
222 # creating a CustomInfoType, or one of the names listed
223 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
224 # a built-in type. InfoType names should conform to the pattern
225 # [a-zA-Z0-9_]{1,64}.
226 },
227 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
228 # be used to match sensitive information specific to the data, such as a list
229 # of employee IDs or job titles.
230 #
231 # Dictionary words are case-insensitive and all characters other than letters
232 # and digits in the unicode [Basic Multilingual
233 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
234 # will be replaced with whitespace when scanning for matches, so the
235 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
236 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
237 # surrounding any match must be of a different type than the adjacent
238 # characters within the word, so letters must be next to non-letters and
239 # digits next to non-digits. For example, the dictionary word "jen" will
240 # match the first three letters of the text "jen123" but will return no
241 # matches for "jennifer".
242 #
243 # Dictionary words containing a large number of characters that are not
244 # letters or digits may result in unexpected findings because such characters
245 # are treated as whitespace. The
246 # [limits](https://cloud.google.com/dlp/limits) page contains details about
247 # the size limits of dictionaries. For dictionaries that do not fit within
248 # these constraints, consider using `LargeCustomDictionaryConfig` in the
249 # `StoredInfoType` API.
250 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
251 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
252 # at least one phrase and every phrase must contain at least 2 characters
253 # that are letters or digits. [required]
254 "A String",
255 ],
256 },
257 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
258 # is accepted.
259 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
260 # Example: gs://[BUCKET_NAME]/dictionary.txt
261 },
262 },
263 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
264 # `InspectDataSource`. Not currently supported in `InspectContent`.
265 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
266 # `organizations/433245324/storedInfoTypes/432452342` or
267 # `projects/project-id/storedInfoTypes/432452342`.
268 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
269 # inspection was created. Output-only field, populated by the system.
270 },
271 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
272 # Rules are applied in order that they are specified. Not supported for the
273 # `surrogate_type` CustomInfoType.
274 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
275 # `CustomInfoType` to alter behavior under certain circumstances, depending
276 # on the specific details of the rule. Not supported for the `surrogate_type`
277 # custom infoType.
278 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
279 # proximity of hotwords.
280 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
281 # The total length of the window cannot exceed 1000 characters. Note that
282 # the finding itself will be included in the window, so that hotwords may
283 # be used to match substrings of the finding itself. For example, the
284 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
285 # adjusted upwards if the area code is known to be the local area code of
286 # a company office using the hotword regex "\(xxx\)", where "xxx"
287 # is the area code in question.
288 # rule.
289 "windowAfter": 42, # Number of characters after the finding to consider.
290 "windowBefore": 42, # Number of characters before the finding to consider.
291 },
292 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
293 "pattern": "A String", # Pattern defining the regular expression. Its syntax
294 # (https://github.com/google/re2/wiki/Syntax) can be found under the
295 # google/re2 repository on GitHub.
296 "groupIndexes": [ # The index of the submatch to extract as findings. When not
297 # specified, the entire match is returned. No more than 3 may be included.
298 42,
299 ],
300 },
301 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
302 # part of a detection rule.
303 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
304 # levels. For example, if a finding would be `POSSIBLE` without the
305 # detection rule and `relative_likelihood` is 1, then it is upgraded to
306 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
307 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
308 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
309 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
310 # a final likelihood of `LIKELY`.
311 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
312 },
313 },
314 },
315 ],
316 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
317 # to be returned. It still can be used for rules matching.
318 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
319 # altered by a detection rule if the finding meets the criteria specified by
320 # the rule. Defaults to `VERY_LIKELY` if not specified.
321 },
322 ],
323 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
324 # included in the response; see Finding.quote.
325 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
326 # Exclusion rules, contained in the set are executed in the end, other
327 # rules are executed in the order they are specified for each info type.
328 { # Rule set for modifying a set of infoTypes to alter behavior under certain
329 # circumstances, depending on the specific details of the rules within the set.
330 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
331 { # A single inspection rule to be applied to infoTypes, specified in
332 # `InspectionRuleSet`.
333 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
334 # proximity of hotwords.
335 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
336 # The total length of the window cannot exceed 1000 characters. Note that
337 # the finding itself will be included in the window, so that hotwords may
338 # be used to match substrings of the finding itself. For example, the
339 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
340 # adjusted upwards if the area code is known to be the local area code of
341 # a company office using the hotword regex "\(xxx\)", where "xxx"
342 # is the area code in question.
343 # rule.
344 "windowAfter": 42, # Number of characters after the finding to consider.
345 "windowBefore": 42, # Number of characters before the finding to consider.
346 },
347 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
348 "pattern": "A String", # Pattern defining the regular expression. Its syntax
349 # (https://github.com/google/re2/wiki/Syntax) can be found under the
350 # google/re2 repository on GitHub.
351 "groupIndexes": [ # The index of the submatch to extract as findings. When not
352 # specified, the entire match is returned. No more than 3 may be included.
353 42,
354 ],
355 },
356 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
357 # part of a detection rule.
358 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
359 # levels. For example, if a finding would be `POSSIBLE` without the
360 # detection rule and `relative_likelihood` is 1, then it is upgraded to
361 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
362 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
363 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
364 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
365 # a final likelihood of `LIKELY`.
366 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
367 },
368 },
369 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
370 # `InspectionRuleSet` are removed from results.
371 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
372 "pattern": "A String", # Pattern defining the regular expression. Its syntax
373 # (https://github.com/google/re2/wiki/Syntax) can be found under the
374 # google/re2 repository on GitHub.
375 "groupIndexes": [ # The index of the submatch to extract as findings. When not
376 # specified, the entire match is returned. No more than 3 may be included.
377 42,
378 ],
379 },
380 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
381 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
382 # contained within with a finding of an infoType from this list. For
383 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
384 # `exclusion_rule` containing `exclude_info_types.info_types` with
385 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
386 # with EMAIL_ADDRESS finding.
387 # That leads to "555-222-2222@example.org" to generate only a single
388 # finding, namely email address.
389 { # Type of information detected by the API.
390 "name": "A String", # Name of the information type. Either a name of your choosing when
391 # creating a CustomInfoType, or one of the names listed
392 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
393 # a built-in type. InfoType names should conform to the pattern
394 # [a-zA-Z0-9_]{1,64}.
395 },
396 ],
397 },
398 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
399 # be used to match sensitive information specific to the data, such as a list
400 # of employee IDs or job titles.
401 #
402 # Dictionary words are case-insensitive and all characters other than letters
403 # and digits in the unicode [Basic Multilingual
404 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
405 # will be replaced with whitespace when scanning for matches, so the
406 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
407 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
408 # surrounding any match must be of a different type than the adjacent
409 # characters within the word, so letters must be next to non-letters and
410 # digits next to non-digits. For example, the dictionary word "jen" will
411 # match the first three letters of the text "jen123" but will return no
412 # matches for "jennifer".
413 #
414 # Dictionary words containing a large number of characters that are not
415 # letters or digits may result in unexpected findings because such characters
416 # are treated as whitespace. The
417 # [limits](https://cloud.google.com/dlp/limits) page contains details about
418 # the size limits of dictionaries. For dictionaries that do not fit within
419 # these constraints, consider using `LargeCustomDictionaryConfig` in the
420 # `StoredInfoType` API.
421 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
422 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
423 # at least one phrase and every phrase must contain at least 2 characters
424 # that are letters or digits. [required]
425 "A String",
426 ],
427 },
428 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
429 # is accepted.
430 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
431 # Example: gs://[BUCKET_NAME]/dictionary.txt
432 },
433 },
434 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
435 },
436 },
437 ],
438 "infoTypes": [ # List of infoTypes this rule set is applied to.
439 { # Type of information detected by the API.
440 "name": "A String", # Name of the information type. Either a name of your choosing when
441 # creating a CustomInfoType, or one of the names listed
442 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
443 # a built-in type. InfoType names should conform to the pattern
444 # [a-zA-Z0-9_]{1,64}.
445 },
446 ],
447 },
448 ],
449 "contentOptions": [ # List of options defining data content to scan.
450 # If empty, text, images, and other content will be included.
451 "A String",
452 ],
453 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
454 # InfoType values returned by ListInfoTypes or listed at
455 # https://cloud.google.com/dlp/docs/infotypes-reference.
456 #
457 # When no InfoTypes or CustomInfoTypes are specified in a request, the
458 # system may automatically choose what detectors to run. By default this may
459 # be all types, but may change over time as detectors are updated.
460 #
461 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
462 # but may change over time as new InfoTypes are added. If you need precise
463 # control and predictability as to what detectors are run you should specify
464 # specific InfoTypes listed in the reference.
465 { # Type of information detected by the API.
466 "name": "A String", # Name of the information type. Either a name of your choosing when
467 # creating a CustomInfoType, or one of the names listed
468 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
469 # a built-in type. InfoType names should conform to the pattern
470 # [a-zA-Z0-9_]{1,64}.
471 },
472 ],
473 },
474 "createTime": "A String", # The creation timestamp of a inspectTemplate, output only field.
475 "name": "A String", # The template name. Output only.
476 #
477 # The template will have one of the following formats:
478 # `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR
479 # `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID`
480 },
481 "jobConfig": {
482 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
483 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
484 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
485 # by project and namespace, however the namespace ID may be empty.
486 # A partition ID identifies a grouping of entities. The grouping is always
487 # by project and namespace, however the namespace ID may be empty.
488 #
489 # A partition ID contains several dimensions:
490 # project ID and namespace ID.
491 "projectId": "A String", # The ID of the project to which the entities belong.
492 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
493 },
494 "kind": { # A representation of a Datastore kind. # The kind to process.
495 "name": "A String", # The name of the kind.
496 },
497 },
498 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
499 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
500 # inspection of entire columns which you know have no findings.
501 { # General identifier of a data field in a storage service.
502 "name": "A String", # Name describing the field.
503 },
504 ],
505 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
506 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
507 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
508 # Cannot be used in conjunction with TimespanConfig.
509 "sampleMethod": "A String",
510 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
511 # Nested fields in the format, like `person.birthdate.year`, are allowed.
512 { # General identifier of a data field in a storage service.
513 "name": "A String", # Name describing the field.
514 },
515 ],
516 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
517 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
518 # 100 means no limit. Defaults to 0. Only one of rows_limit and
519 # rows_limit_percent can be specified. Cannot be used in conjunction with
520 # TimespanConfig.
521 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
522 # identified by its project_id, dataset_id, and table_name. Within a query
523 # a table is often referenced with a string in the format of:
524 # `<project_id>:<dataset_id>.<table_id>` or
525 # `<project_id>.<dataset_id>.<table_id>`.
526 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
527 # If omitted, project ID is inferred from the API call.
528 "tableId": "A String", # Name of the table.
529 "datasetId": "A String", # Dataset ID of the table.
530 },
531 },
532 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
533 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
534 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
535 # Used for data sources like Datastore or BigQuery.
536 # If not specified for BigQuery, table last modification timestamp
537 # is checked against given time span.
538 # The valid data types of the timestamp field are:
539 # for BigQuery - timestamp, date, datetime;
540 # for Datastore - timestamp.
541 # Datastore entity will be scanned if the timestamp property does not exist
542 # or its value is empty or invalid.
543 "name": "A String", # Name describing the field.
544 },
545 "endTime": "A String", # Exclude files or rows newer than this value.
546 # If set to zero, no upper time limit is applied.
547 "startTime": "A String", # Exclude files or rows older than this value.
548 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
549 # a valid start_time to avoid scanning files that have not been modified
550 # since the last time the JobTrigger executed. This will be based on the
551 # time of the execution of the last run of the JobTrigger.
552 },
553 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
554 # bucket.
555 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
556 # than this value then the rest of the bytes are omitted. Only one
557 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
558 "sampleMethod": "A String",
559 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
560 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
561 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
562 #
563 # If the url ends in a trailing slash, the bucket or directory represented
564 # by the url will be scanned non-recursively (content in sub-directories
565 # will not be scanned). This means that `gs://mybucket/` is equivalent to
566 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
567 # `gs://mybucket/directory/*`.
568 #
569 # Exactly one of `url` or `regex_file_set` must be set.
570 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
571 # `regex_file_set` must be set.
572 # expressions are used to allow fine-grained control over which files in the
573 # bucket to include.
574 #
575 # Included files are those that match at least one item in `include_regex` and
576 # do not match any items in `exclude_regex`. Note that a file that matches
577 # items from both lists will _not_ be included. For a match to occur, the
578 # entire file path (i.e., everything in the url after the bucket name) must
579 # match the regular expression.
580 #
581 # For example, given the input `{bucket_name: "mybucket", include_regex:
582 # ["directory1/.*"], exclude_regex:
583 # ["directory1/excluded.*"]}`:
584 #
585 # * `gs://mybucket/directory1/myfile` will be included
586 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
587 # across `/`)
588 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
589 # full path doesn't match any items in `include_regex`)
590 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
591 # matches an item in `exclude_regex`)
592 #
593 # If `include_regex` is left empty, it will match all files by default
594 # (this is equivalent to setting `include_regex: [".*"]`).
595 #
596 # Some other common use cases:
597 #
598 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
599 # files in `mybucket` except for .pdf files
600 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
601 # include all files directly under `gs://mybucket/directory/`, without matching
602 # across `/`
603 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
604 # the bucket that match at least one of these regular expressions will be
605 # excluded from the scan.
606 #
607 # Regular expressions use RE2
608 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
609 # under the google/re2 repository on GitHub.
610 "A String",
611 ],
612 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
613 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
614 # the bucket that match at least one of these regular expressions will be
615 # included in the set of files, except for those that also match an item in
616 # `exclude_regex`. Leaving this field empty will match all files by default
617 # (this is equivalent to including `.*` in the list).
618 #
619 # Regular expressions use RE2
620 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
621 # under the google/re2 repository on GitHub.
622 "A String",
623 ],
624 },
625 },
626 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
627 # number of bytes scanned is rounded down. Must be between 0 and 100,
628 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
629 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
630 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
631 # Number of files scanned is rounded down. Must be between 0 and 100,
632 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
633 "fileTypes": [ # List of file type groups to include in the scan.
634 # If empty, all files are scanned and available data format processors
635 # are applied. In addition, the binary content of the selected files
636 # is always scanned as well.
637 "A String",
638 ],
639 },
640 },
641 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
642 # When used with redactContent only info_types and min_likelihood are currently
643 # used.
644 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
645 "limits": {
646 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
647 # When set within `InspectContentRequest`, the maximum returned is 2000
648 # regardless if this is set higher.
649 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
650 { # Max findings configuration per infoType, per content item or long
651 # running DlpJob.
652 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
653 # info_type should be provided. If InfoTypeLimit does not have an
654 # info_type, the DLP API applies the limit against all info_types that
655 # are found but not specified in another InfoTypeLimit.
656 "name": "A String", # Name of the information type. Either a name of your choosing when
657 # creating a CustomInfoType, or one of the names listed
658 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
659 # a built-in type. InfoType names should conform to the pattern
660 # [a-zA-Z0-9_]{1,64}.
661 },
662 "maxFindings": 42, # Max findings limit for the given infoType.
663 },
664 ],
665 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
666 # When set within `InspectDataSourceRequest`,
667 # the maximum returned is 2000 regardless if this is set higher.
668 # When set within `InspectContentRequest`, this field is ignored.
669 },
670 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
671 # POSSIBLE.
672 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
673 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
674 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
675 { # Custom information type provided by the user. Used to find domain-specific
676 # sensitive information configurable to the data in question.
677 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
678 "pattern": "A String", # Pattern defining the regular expression. Its syntax
679 # (https://github.com/google/re2/wiki/Syntax) can be found under the
680 # google/re2 repository on GitHub.
681 "groupIndexes": [ # The index of the submatch to extract as findings. When not
682 # specified, the entire match is returned. No more than 3 may be included.
683 42,
684 ],
685 },
686 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
687 # support reversing.
688 # such as
689 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
690 # These types of transformations are
691 # those that perform pseudonymization, thereby producing a "surrogate" as
692 # output. This should be used in conjunction with a field on the
693 # transformation such as `surrogate_info_type`. This CustomInfoType does
694 # not support the use of `detection_rules`.
695 },
696 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
697 # infoType, when the name matches one of existing infoTypes and that infoType
698 # is specified in `InspectContent.info_types` field. Specifying the latter
699 # adds findings to the one detected by the system. If built-in info type is
700 # not specified in `InspectContent.info_types` list then the name is treated
701 # as a custom info type.
702 "name": "A String", # Name of the information type. Either a name of your choosing when
703 # creating a CustomInfoType, or one of the names listed
704 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
705 # a built-in type. InfoType names should conform to the pattern
706 # [a-zA-Z0-9_]{1,64}.
707 },
708 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
709 # be used to match sensitive information specific to the data, such as a list
710 # of employee IDs or job titles.
711 #
712 # Dictionary words are case-insensitive and all characters other than letters
713 # and digits in the unicode [Basic Multilingual
714 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
715 # will be replaced with whitespace when scanning for matches, so the
716 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
717 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
718 # surrounding any match must be of a different type than the adjacent
719 # characters within the word, so letters must be next to non-letters and
720 # digits next to non-digits. For example, the dictionary word "jen" will
721 # match the first three letters of the text "jen123" but will return no
722 # matches for "jennifer".
723 #
724 # Dictionary words containing a large number of characters that are not
725 # letters or digits may result in unexpected findings because such characters
726 # are treated as whitespace. The
727 # [limits](https://cloud.google.com/dlp/limits) page contains details about
728 # the size limits of dictionaries. For dictionaries that do not fit within
729 # these constraints, consider using `LargeCustomDictionaryConfig` in the
730 # `StoredInfoType` API.
731 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
732 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
733 # at least one phrase and every phrase must contain at least 2 characters
734 # that are letters or digits. [required]
735 "A String",
736 ],
737 },
738 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
739 # is accepted.
740 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
741 # Example: gs://[BUCKET_NAME]/dictionary.txt
742 },
743 },
744 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
745 # `InspectDataSource`. Not currently supported in `InspectContent`.
746 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
747 # `organizations/433245324/storedInfoTypes/432452342` or
748 # `projects/project-id/storedInfoTypes/432452342`.
749 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
750 # inspection was created. Output-only field, populated by the system.
751 },
752 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
753 # Rules are applied in order that they are specified. Not supported for the
754 # `surrogate_type` CustomInfoType.
755 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
756 # `CustomInfoType` to alter behavior under certain circumstances, depending
757 # on the specific details of the rule. Not supported for the `surrogate_type`
758 # custom infoType.
759 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
760 # proximity of hotwords.
761 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
762 # The total length of the window cannot exceed 1000 characters. Note that
763 # the finding itself will be included in the window, so that hotwords may
764 # be used to match substrings of the finding itself. For example, the
765 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
766 # adjusted upwards if the area code is known to be the local area code of
767 # a company office using the hotword regex "\(xxx\)", where "xxx"
768 # is the area code in question.
769 # rule.
770 "windowAfter": 42, # Number of characters after the finding to consider.
771 "windowBefore": 42, # Number of characters before the finding to consider.
772 },
773 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
774 "pattern": "A String", # Pattern defining the regular expression. Its syntax
775 # (https://github.com/google/re2/wiki/Syntax) can be found under the
776 # google/re2 repository on GitHub.
777 "groupIndexes": [ # The index of the submatch to extract as findings. When not
778 # specified, the entire match is returned. No more than 3 may be included.
779 42,
780 ],
781 },
782 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
783 # part of a detection rule.
784 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
785 # levels. For example, if a finding would be `POSSIBLE` without the
786 # detection rule and `relative_likelihood` is 1, then it is upgraded to
787 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
788 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
789 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
790 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
791 # a final likelihood of `LIKELY`.
792 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
793 },
794 },
795 },
796 ],
797 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
798 # to be returned. It still can be used for rules matching.
799 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
800 # altered by a detection rule if the finding meets the criteria specified by
801 # the rule. Defaults to `VERY_LIKELY` if not specified.
802 },
803 ],
804 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
805 # included in the response; see Finding.quote.
806 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
807 # Exclusion rules, contained in the set are executed in the end, other
808 # rules are executed in the order they are specified for each info type.
809 { # Rule set for modifying a set of infoTypes to alter behavior under certain
810 # circumstances, depending on the specific details of the rules within the set.
811 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
812 { # A single inspection rule to be applied to infoTypes, specified in
813 # `InspectionRuleSet`.
814 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
815 # proximity of hotwords.
816 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
817 # The total length of the window cannot exceed 1000 characters. Note that
818 # the finding itself will be included in the window, so that hotwords may
819 # be used to match substrings of the finding itself. For example, the
820 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
821 # adjusted upwards if the area code is known to be the local area code of
822 # a company office using the hotword regex "\(xxx\)", where "xxx"
823 # is the area code in question.
824 # rule.
825 "windowAfter": 42, # Number of characters after the finding to consider.
826 "windowBefore": 42, # Number of characters before the finding to consider.
827 },
828 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
829 "pattern": "A String", # Pattern defining the regular expression. Its syntax
830 # (https://github.com/google/re2/wiki/Syntax) can be found under the
831 # google/re2 repository on GitHub.
832 "groupIndexes": [ # The index of the submatch to extract as findings. When not
833 # specified, the entire match is returned. No more than 3 may be included.
834 42,
835 ],
836 },
837 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
838 # part of a detection rule.
839 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
840 # levels. For example, if a finding would be `POSSIBLE` without the
841 # detection rule and `relative_likelihood` is 1, then it is upgraded to
842 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
843 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
844 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
845 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
846 # a final likelihood of `LIKELY`.
847 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
848 },
849 },
850 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
851 # `InspectionRuleSet` are removed from results.
852 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
853 "pattern": "A String", # Pattern defining the regular expression. Its syntax
854 # (https://github.com/google/re2/wiki/Syntax) can be found under the
855 # google/re2 repository on GitHub.
856 "groupIndexes": [ # The index of the submatch to extract as findings. When not
857 # specified, the entire match is returned. No more than 3 may be included.
858 42,
859 ],
860 },
861 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
862 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
863 # contained within with a finding of an infoType from this list. For
864 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
865 # `exclusion_rule` containing `exclude_info_types.info_types` with
866 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
867 # with EMAIL_ADDRESS finding.
868 # That leads to "555-222-2222@example.org" to generate only a single
869 # finding, namely email address.
870 { # Type of information detected by the API.
871 "name": "A String", # Name of the information type. Either a name of your choosing when
872 # creating a CustomInfoType, or one of the names listed
873 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
874 # a built-in type. InfoType names should conform to the pattern
875 # [a-zA-Z0-9_]{1,64}.
876 },
877 ],
878 },
879 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
880 # be used to match sensitive information specific to the data, such as a list
881 # of employee IDs or job titles.
882 #
883 # Dictionary words are case-insensitive and all characters other than letters
884 # and digits in the unicode [Basic Multilingual
885 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
886 # will be replaced with whitespace when scanning for matches, so the
887 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
888 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
889 # surrounding any match must be of a different type than the adjacent
890 # characters within the word, so letters must be next to non-letters and
891 # digits next to non-digits. For example, the dictionary word "jen" will
892 # match the first three letters of the text "jen123" but will return no
893 # matches for "jennifer".
894 #
895 # Dictionary words containing a large number of characters that are not
896 # letters or digits may result in unexpected findings because such characters
897 # are treated as whitespace. The
898 # [limits](https://cloud.google.com/dlp/limits) page contains details about
899 # the size limits of dictionaries. For dictionaries that do not fit within
900 # these constraints, consider using `LargeCustomDictionaryConfig` in the
901 # `StoredInfoType` API.
902 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
903 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
904 # at least one phrase and every phrase must contain at least 2 characters
905 # that are letters or digits. [required]
906 "A String",
907 ],
908 },
909 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
910 # is accepted.
911 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
912 # Example: gs://[BUCKET_NAME]/dictionary.txt
913 },
914 },
915 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
916 },
917 },
918 ],
919 "infoTypes": [ # List of infoTypes this rule set is applied to.
920 { # Type of information detected by the API.
921 "name": "A String", # Name of the information type. Either a name of your choosing when
922 # creating a CustomInfoType, or one of the names listed
923 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
924 # a built-in type. InfoType names should conform to the pattern
925 # [a-zA-Z0-9_]{1,64}.
926 },
927 ],
928 },
929 ],
930 "contentOptions": [ # List of options defining data content to scan.
931 # If empty, text, images, and other content will be included.
932 "A String",
933 ],
934 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
935 # InfoType values returned by ListInfoTypes or listed at
936 # https://cloud.google.com/dlp/docs/infotypes-reference.
937 #
938 # When no InfoTypes or CustomInfoTypes are specified in a request, the
939 # system may automatically choose what detectors to run. By default this may
940 # be all types, but may change over time as detectors are updated.
941 #
942 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
943 # but may change over time as new InfoTypes are added. If you need precise
944 # control and predictability as to what detectors are run you should specify
945 # specific InfoTypes listed in the reference.
946 { # Type of information detected by the API.
947 "name": "A String", # Name of the information type. Either a name of your choosing when
948 # creating a CustomInfoType, or one of the names listed
949 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
950 # a built-in type. InfoType names should conform to the pattern
951 # [a-zA-Z0-9_]{1,64}.
952 },
953 ],
954 },
955 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
956 # `inspect_config` will be merged into the values persisted as part of the
957 # template.
958 "actions": [ # Actions to execute at the completion of the job.
959 { # A task to execute on the completion of a job.
960 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
961 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
962 # OutputStorageConfig. Only a single instance of this action can be
963 # specified.
964 # Compatible with: Inspect, Risk
965 "outputConfig": { # Cloud repository for storing output.
966 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
967 # dataset. If table_id is not set a new one will be generated
968 # for you with the following format:
969 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
970 # generating the date details.
971 #
972 # For Inspect, each column in an existing output table must have the same
973 # name, type, and mode of a field in the `Finding` object.
974 #
975 # For Risk, an existing output table should be the output of a previous
976 # Risk analysis job run on the same source table, with the same privacy
977 # metric and quasi-identifiers. Risk jobs that analyze the same table but
978 # compute a different privacy metric, or use different sets of
979 # quasi-identifiers, cannot store their results in the same table.
980 # identified by its project_id, dataset_id, and table_name. Within a query
981 # a table is often referenced with a string in the format of:
982 # `<project_id>:<dataset_id>.<table_id>` or
983 # `<project_id>.<dataset_id>.<table_id>`.
984 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
985 # If omitted, project ID is inferred from the API call.
986 "tableId": "A String", # Name of the table.
987 "datasetId": "A String", # Dataset ID of the table.
988 },
989 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
990 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
991 # from the `Finding` object. If appending to an existing table, any columns
992 # from the predefined schema that are missing will be added. No columns in
993 # the existing table will be deleted.
994 #
995 # If unspecified, then all available columns will be used for a new table or
996 # an (existing) table with no schema, and no changes will be made to an
997 # existing table that has a schema.
998 },
999 },
1000 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
1001 # completion/failure.
1002 # completion/failure.
1003 },
1004 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
1005 # Command Center (CSCC Alpha).
1006 # This action is only available for projects which are parts of
1007 # an organization and whitelisted for the alpha Cloud Security Command
1008 # Center.
1009 # The action will publish count of finding instances and their info types.
1010 # The summary of findings will be persisted in CSCC and are governed by CSCC
1011 # service-specific policy, see https://cloud.google.com/terms/service-terms
1012 # Only a single instance of this action can be specified.
1013 # Compatible with: Inspect
1014 },
1015 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
1016 # message contains a single field, `DlpJobName`, which is equal to the
1017 # finished job's
1018 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
1019 # Compatible with: Inspect, Risk
1020 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
1021 # publishing access rights to the DLP API service account executing
1022 # the long running DlpJob sending the notifications.
1023 # Format is projects/{project}/topics/{topic}.
1024 },
1025 },
1026 ],
1027 },
1028 },
1029 "result": { # All result fields mentioned below are updated while the job is processing. # A summary of the outcome of this inspect job.
1030 "infoTypeStats": [ # Statistics of how many instances of each info type were found during
1031 # inspect job.
1032 { # Statistics regarding a specific InfoType.
1033 "count": "A String", # Number of findings for this infoType.
1034 "infoType": { # Type of information detected by the API. # The type of finding this stat is for.
1035 "name": "A String", # Name of the information type. Either a name of your choosing when
1036 # creating a CustomInfoType, or one of the names listed
1037 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
1038 # a built-in type. InfoType names should conform to the pattern
1039 # [a-zA-Z0-9_]{1,64}.
1040 },
1041 },
1042 ],
1043 "totalEstimatedBytes": "A String", # Estimate of the number of bytes to process.
1044 "processedBytes": "A String", # Total size in bytes that were processed.
1045 },
1046 },
1047 "riskDetails": { # Result of a risk analysis operation request. # Results from analyzing risk of a data source.
1048 "numericalStatsResult": { # Result of the numerical stats computation.
1049 "quantileValues": [ # List of 99 values that partition the set of field values into 100 equal
1050 # sized buckets.
1051 { # Set of primitive values supported by the system.
1052 # Note that for the purposes of inspection or transformation, the number
1053 # of bytes considered to comprise a 'Value' is based on its representation
1054 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1055 # 123456789, the number of bytes would be counted as 9, even though an
1056 # int64 only holds up to 8 bytes of data.
1057 "floatValue": 3.14,
1058 "timestampValue": "A String",
1059 "dayOfWeekValue": "A String",
1060 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1061 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1062 # types are google.type.Date and `google.protobuf.Timestamp`.
1063 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1064 # to allow the value "24:00:00" for scenarios like business closing time.
1065 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1066 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1067 # allow the value 60 if it allows leap-seconds.
1068 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1069 },
1070 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1071 # and time zone are either specified elsewhere or are not significant. The date
1072 # is relative to the Proleptic Gregorian Calendar. This can represent:
1073 #
1074 # * A full date, with non-zero year, month and day values
1075 # * A month and day value, with a zero year, e.g. an anniversary
1076 # * A year on its own, with zero month and day values
1077 # * A year and month value, with a zero day, e.g. a credit card expiration date
1078 #
1079 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1080 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1081 # a year.
1082 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1083 # if specifying a year by itself or a year and month where the day is not
1084 # significant.
1085 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1086 # month and day.
1087 },
1088 "stringValue": "A String",
1089 "booleanValue": True or False,
1090 "integerValue": "A String",
1091 },
1092 ],
1093 "maxValue": { # Set of primitive values supported by the system. # Maximum value appearing in the column.
1094 # Note that for the purposes of inspection or transformation, the number
1095 # of bytes considered to comprise a 'Value' is based on its representation
1096 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1097 # 123456789, the number of bytes would be counted as 9, even though an
1098 # int64 only holds up to 8 bytes of data.
1099 "floatValue": 3.14,
1100 "timestampValue": "A String",
1101 "dayOfWeekValue": "A String",
1102 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1103 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1104 # types are google.type.Date and `google.protobuf.Timestamp`.
1105 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1106 # to allow the value "24:00:00" for scenarios like business closing time.
1107 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1108 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1109 # allow the value 60 if it allows leap-seconds.
1110 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1111 },
1112 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1113 # and time zone are either specified elsewhere or are not significant. The date
1114 # is relative to the Proleptic Gregorian Calendar. This can represent:
1115 #
1116 # * A full date, with non-zero year, month and day values
1117 # * A month and day value, with a zero year, e.g. an anniversary
1118 # * A year on its own, with zero month and day values
1119 # * A year and month value, with a zero day, e.g. a credit card expiration date
1120 #
1121 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1122 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1123 # a year.
1124 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1125 # if specifying a year by itself or a year and month where the day is not
1126 # significant.
1127 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1128 # month and day.
1129 },
1130 "stringValue": "A String",
1131 "booleanValue": True or False,
1132 "integerValue": "A String",
1133 },
1134 "minValue": { # Set of primitive values supported by the system. # Minimum value appearing in the column.
1135 # Note that for the purposes of inspection or transformation, the number
1136 # of bytes considered to comprise a 'Value' is based on its representation
1137 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1138 # 123456789, the number of bytes would be counted as 9, even though an
1139 # int64 only holds up to 8 bytes of data.
1140 "floatValue": 3.14,
1141 "timestampValue": "A String",
1142 "dayOfWeekValue": "A String",
1143 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1144 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1145 # types are google.type.Date and `google.protobuf.Timestamp`.
1146 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1147 # to allow the value "24:00:00" for scenarios like business closing time.
1148 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1149 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1150 # allow the value 60 if it allows leap-seconds.
1151 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1152 },
1153 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1154 # and time zone are either specified elsewhere or are not significant. The date
1155 # is relative to the Proleptic Gregorian Calendar. This can represent:
1156 #
1157 # * A full date, with non-zero year, month and day values
1158 # * A month and day value, with a zero year, e.g. an anniversary
1159 # * A year on its own, with zero month and day values
1160 # * A year and month value, with a zero day, e.g. a credit card expiration date
1161 #
1162 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1163 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1164 # a year.
1165 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1166 # if specifying a year by itself or a year and month where the day is not
1167 # significant.
1168 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1169 # month and day.
1170 },
1171 "stringValue": "A String",
1172 "booleanValue": True or False,
1173 "integerValue": "A String",
1174 },
1175 },
1176 "kMapEstimationResult": { # Result of the reidentifiability analysis. Note that these results are an
1177 # estimation, not exact values.
1178 "kMapEstimationHistogram": [ # The intervals [min_anonymity, max_anonymity] do not overlap. If a value
1179 # doesn't correspond to any such interval, the associated frequency is
1180 # zero. For example, the following records:
1181 # {min_anonymity: 1, max_anonymity: 1, frequency: 17}
1182 # {min_anonymity: 2, max_anonymity: 3, frequency: 42}
1183 # {min_anonymity: 5, max_anonymity: 10, frequency: 99}
1184 # mean that there are no record with an estimated anonymity of 4, 5, or
1185 # larger than 10.
1186 { # A KMapEstimationHistogramBucket message with the following values:
1187 # min_anonymity: 3
1188 # max_anonymity: 5
1189 # frequency: 42
1190 # means that there are 42 records whose quasi-identifier values correspond
1191 # to 3, 4 or 5 people in the overlying population. An important particular
1192 # case is when min_anonymity = max_anonymity = 1: the frequency field then
1193 # corresponds to the number of uniquely identifiable records.
1194 "bucketValues": [ # Sample of quasi-identifier tuple values in this bucket. The total
1195 # number of classes returned per bucket is capped at 20.
1196 { # A tuple of values for the quasi-identifier columns.
1197 "estimatedAnonymity": "A String", # The estimated anonymity for these quasi-identifier values.
1198 "quasiIdsValues": [ # The quasi-identifier values.
1199 { # Set of primitive values supported by the system.
1200 # Note that for the purposes of inspection or transformation, the number
1201 # of bytes considered to comprise a 'Value' is based on its representation
1202 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1203 # 123456789, the number of bytes would be counted as 9, even though an
1204 # int64 only holds up to 8 bytes of data.
1205 "floatValue": 3.14,
1206 "timestampValue": "A String",
1207 "dayOfWeekValue": "A String",
1208 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1209 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1210 # types are google.type.Date and `google.protobuf.Timestamp`.
1211 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1212 # to allow the value "24:00:00" for scenarios like business closing time.
1213 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1214 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1215 # allow the value 60 if it allows leap-seconds.
1216 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1217 },
1218 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1219 # and time zone are either specified elsewhere or are not significant. The date
1220 # is relative to the Proleptic Gregorian Calendar. This can represent:
1221 #
1222 # * A full date, with non-zero year, month and day values
1223 # * A month and day value, with a zero year, e.g. an anniversary
1224 # * A year on its own, with zero month and day values
1225 # * A year and month value, with a zero day, e.g. a credit card expiration date
1226 #
1227 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1228 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1229 # a year.
1230 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1231 # if specifying a year by itself or a year and month where the day is not
1232 # significant.
1233 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1234 # month and day.
1235 },
1236 "stringValue": "A String",
1237 "booleanValue": True or False,
1238 "integerValue": "A String",
1239 },
1240 ],
1241 },
1242 ],
1243 "minAnonymity": "A String", # Always positive.
1244 "bucketValueCount": "A String", # Total number of distinct quasi-identifier tuple values in this bucket.
1245 "maxAnonymity": "A String", # Always greater than or equal to min_anonymity.
1246 "bucketSize": "A String", # Number of records within these anonymity bounds.
1247 },
1248 ],
1249 },
1250 "kAnonymityResult": { # Result of the k-anonymity computation.
1251 "equivalenceClassHistogramBuckets": [ # Histogram of k-anonymity equivalence classes.
1252 {
1253 "bucketValues": [ # Sample of equivalence classes in this bucket. The total number of
1254 # classes returned per bucket is capped at 20.
1255 { # The set of columns' values that share the same ldiversity value
1256 "quasiIdsValues": [ # Set of values defining the equivalence class. One value per
1257 # quasi-identifier column in the original KAnonymity metric message.
1258 # The order is always the same as the original request.
1259 { # Set of primitive values supported by the system.
1260 # Note that for the purposes of inspection or transformation, the number
1261 # of bytes considered to comprise a 'Value' is based on its representation
1262 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1263 # 123456789, the number of bytes would be counted as 9, even though an
1264 # int64 only holds up to 8 bytes of data.
1265 "floatValue": 3.14,
1266 "timestampValue": "A String",
1267 "dayOfWeekValue": "A String",
1268 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1269 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1270 # types are google.type.Date and `google.protobuf.Timestamp`.
1271 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1272 # to allow the value "24:00:00" for scenarios like business closing time.
1273 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1274 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1275 # allow the value 60 if it allows leap-seconds.
1276 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1277 },
1278 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1279 # and time zone are either specified elsewhere or are not significant. The date
1280 # is relative to the Proleptic Gregorian Calendar. This can represent:
1281 #
1282 # * A full date, with non-zero year, month and day values
1283 # * A month and day value, with a zero year, e.g. an anniversary
1284 # * A year on its own, with zero month and day values
1285 # * A year and month value, with a zero day, e.g. a credit card expiration date
1286 #
1287 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1288 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1289 # a year.
1290 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1291 # if specifying a year by itself or a year and month where the day is not
1292 # significant.
1293 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1294 # month and day.
1295 },
1296 "stringValue": "A String",
1297 "booleanValue": True or False,
1298 "integerValue": "A String",
1299 },
1300 ],
1301 "equivalenceClassSize": "A String", # Size of the equivalence class, for example number of rows with the
1302 # above set of values.
1303 },
1304 ],
1305 "bucketValueCount": "A String", # Total number of distinct equivalence classes in this bucket.
1306 "equivalenceClassSizeLowerBound": "A String", # Lower bound on the size of the equivalence classes in this bucket.
1307 "equivalenceClassSizeUpperBound": "A String", # Upper bound on the size of the equivalence classes in this bucket.
1308 "bucketSize": "A String", # Total number of equivalence classes in this bucket.
1309 },
1310 ],
1311 },
1312 "lDiversityResult": { # Result of the l-diversity computation.
1313 "sensitiveValueFrequencyHistogramBuckets": [ # Histogram of l-diversity equivalence class sensitive value frequencies.
1314 {
1315 "bucketValues": [ # Sample of equivalence classes in this bucket. The total number of
1316 # classes returned per bucket is capped at 20.
1317 { # The set of columns' values that share the same ldiversity value.
1318 "numDistinctSensitiveValues": "A String", # Number of distinct sensitive values in this equivalence class.
1319 "quasiIdsValues": [ # Quasi-identifier values defining the k-anonymity equivalence
1320 # class. The order is always the same as the original request.
1321 { # Set of primitive values supported by the system.
1322 # Note that for the purposes of inspection or transformation, the number
1323 # of bytes considered to comprise a 'Value' is based on its representation
1324 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1325 # 123456789, the number of bytes would be counted as 9, even though an
1326 # int64 only holds up to 8 bytes of data.
1327 "floatValue": 3.14,
1328 "timestampValue": "A String",
1329 "dayOfWeekValue": "A String",
1330 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1331 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1332 # types are google.type.Date and `google.protobuf.Timestamp`.
1333 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1334 # to allow the value "24:00:00" for scenarios like business closing time.
1335 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1336 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1337 # allow the value 60 if it allows leap-seconds.
1338 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1339 },
1340 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1341 # and time zone are either specified elsewhere or are not significant. The date
1342 # is relative to the Proleptic Gregorian Calendar. This can represent:
1343 #
1344 # * A full date, with non-zero year, month and day values
1345 # * A month and day value, with a zero year, e.g. an anniversary
1346 # * A year on its own, with zero month and day values
1347 # * A year and month value, with a zero day, e.g. a credit card expiration date
1348 #
1349 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1350 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1351 # a year.
1352 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1353 # if specifying a year by itself or a year and month where the day is not
1354 # significant.
1355 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1356 # month and day.
1357 },
1358 "stringValue": "A String",
1359 "booleanValue": True or False,
1360 "integerValue": "A String",
1361 },
1362 ],
1363 "topSensitiveValues": [ # Estimated frequencies of top sensitive values.
1364 { # A value of a field, including its frequency.
1365 "count": "A String", # How many times the value is contained in the field.
1366 "value": { # Set of primitive values supported by the system. # A value contained in the field in question.
1367 # Note that for the purposes of inspection or transformation, the number
1368 # of bytes considered to comprise a 'Value' is based on its representation
1369 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1370 # 123456789, the number of bytes would be counted as 9, even though an
1371 # int64 only holds up to 8 bytes of data.
1372 "floatValue": 3.14,
1373 "timestampValue": "A String",
1374 "dayOfWeekValue": "A String",
1375 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1376 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1377 # types are google.type.Date and `google.protobuf.Timestamp`.
1378 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1379 # to allow the value "24:00:00" for scenarios like business closing time.
1380 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1381 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1382 # allow the value 60 if it allows leap-seconds.
1383 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1384 },
1385 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1386 # and time zone are either specified elsewhere or are not significant. The date
1387 # is relative to the Proleptic Gregorian Calendar. This can represent:
1388 #
1389 # * A full date, with non-zero year, month and day values
1390 # * A month and day value, with a zero year, e.g. an anniversary
1391 # * A year on its own, with zero month and day values
1392 # * A year and month value, with a zero day, e.g. a credit card expiration date
1393 #
1394 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1395 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1396 # a year.
1397 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1398 # if specifying a year by itself or a year and month where the day is not
1399 # significant.
1400 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1401 # month and day.
1402 },
1403 "stringValue": "A String",
1404 "booleanValue": True or False,
1405 "integerValue": "A String",
1406 },
1407 },
1408 ],
1409 "equivalenceClassSize": "A String", # Size of the k-anonymity equivalence class.
1410 },
1411 ],
1412 "bucketValueCount": "A String", # Total number of distinct equivalence classes in this bucket.
1413 "bucketSize": "A String", # Total number of equivalence classes in this bucket.
1414 "sensitiveValueFrequencyUpperBound": "A String", # Upper bound on the sensitive value frequencies of the equivalence
1415 # classes in this bucket.
1416 "sensitiveValueFrequencyLowerBound": "A String", # Lower bound on the sensitive value frequencies of the equivalence
1417 # classes in this bucket.
1418 },
1419 ],
1420 },
1421 "requestedPrivacyMetric": { # Privacy metric to compute for reidentification risk analysis. # Privacy metric to compute.
1422 "numericalStatsConfig": { # Compute numerical stats over an individual column, including
1423 # min, max, and quantiles.
1424 "field": { # General identifier of a data field in a storage service. # Field to compute numerical stats on. Supported types are
1425 # integer, float, date, datetime, timestamp, time.
1426 "name": "A String", # Name describing the field.
1427 },
1428 },
1429 "kMapEstimationConfig": { # Reidentifiability metric. This corresponds to a risk model similar to what
1430 # is called "journalist risk" in the literature, except the attack dataset is
1431 # statistically modeled instead of being perfectly known. This can be done
1432 # using publicly available data (like the US Census), or using a custom
1433 # statistical model (indicated as one or several BigQuery tables), or by
1434 # extrapolating from the distribution of values in the input dataset.
1435 # A column with a semantic tag attached.
1436 "regionCode": "A String", # ISO 3166-1 alpha-2 region code to use in the statistical modeling.
1437 # Required if no column is tagged with a region-specific InfoType (like
1438 # US_ZIP_5) or a region code.
1439 "quasiIds": [ # Fields considered to be quasi-identifiers. No two columns can have the
1440 # same tag. [required]
1441 {
1442 "field": { # General identifier of a data field in a storage service. # Identifies the column. [required]
1443 "name": "A String", # Name describing the field.
1444 },
1445 "customTag": "A String", # A column can be tagged with a custom tag. In this case, the user must
1446 # indicate an auxiliary table that contains statistical information on
1447 # the possible values of this column (below).
1448 "infoType": { # Type of information detected by the API. # A column can be tagged with a InfoType to use the relevant public
1449 # dataset as a statistical model of population, if available. We
1450 # currently support US ZIP codes, region codes, ages and genders.
1451 # To programmatically obtain the list of supported InfoTypes, use
1452 # ListInfoTypes with the supported_by=RISK_ANALYSIS filter.
1453 "name": "A String", # Name of the information type. Either a name of your choosing when
1454 # creating a CustomInfoType, or one of the names listed
1455 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
1456 # a built-in type. InfoType names should conform to the pattern
1457 # [a-zA-Z0-9_]{1,64}.
1458 },
1459 "inferred": { # A generic empty message that you can re-use to avoid defining duplicated # If no semantic tag is indicated, we infer the statistical model from
1460 # the distribution of values in the input data
1461 # empty messages in your APIs. A typical example is to use it as the request
1462 # or the response type of an API method. For instance:
1463 #
1464 # service Foo {
1465 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
1466 # }
1467 #
1468 # The JSON representation for `Empty` is empty JSON object `{}`.
1469 },
1470 },
1471 ],
1472 "auxiliaryTables": [ # Several auxiliary tables can be used in the analysis. Each custom_tag
1473 # used to tag a quasi-identifiers column must appear in exactly one column
1474 # of one auxiliary table.
1475 { # An auxiliary table contains statistical information on the relative
1476 # frequency of different quasi-identifiers values. It has one or several
1477 # quasi-identifiers columns, and one column that indicates the relative
1478 # frequency of each quasi-identifier tuple.
1479 # If a tuple is present in the data but not in the auxiliary table, the
1480 # corresponding relative frequency is assumed to be zero (and thus, the
1481 # tuple is highly reidentifiable).
1482 "relativeFrequency": { # General identifier of a data field in a storage service. # The relative frequency column must contain a floating-point number
1483 # between 0 and 1 (inclusive). Null values are assumed to be zero.
1484 # [required]
1485 "name": "A String", # Name describing the field.
1486 },
1487 "quasiIds": [ # Quasi-identifier columns. [required]
1488 { # A quasi-identifier column has a custom_tag, used to know which column
1489 # in the data corresponds to which column in the statistical model.
1490 "field": { # General identifier of a data field in a storage service.
1491 "name": "A String", # Name describing the field.
1492 },
1493 "customTag": "A String",
1494 },
1495 ],
1496 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Auxiliary table location. [required]
1497 # identified by its project_id, dataset_id, and table_name. Within a query
1498 # a table is often referenced with a string in the format of:
1499 # `<project_id>:<dataset_id>.<table_id>` or
1500 # `<project_id>.<dataset_id>.<table_id>`.
1501 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
1502 # If omitted, project ID is inferred from the API call.
1503 "tableId": "A String", # Name of the table.
1504 "datasetId": "A String", # Dataset ID of the table.
1505 },
1506 },
1507 ],
1508 },
1509 "lDiversityConfig": { # l-diversity metric, used for analysis of reidentification risk.
1510 "sensitiveAttribute": { # General identifier of a data field in a storage service. # Sensitive field for computing the l-value.
1511 "name": "A String", # Name describing the field.
1512 },
1513 "quasiIds": [ # Set of quasi-identifiers indicating how equivalence classes are
1514 # defined for the l-diversity computation. When multiple fields are
1515 # specified, they are considered a single composite key.
1516 { # General identifier of a data field in a storage service.
1517 "name": "A String", # Name describing the field.
1518 },
1519 ],
1520 },
1521 "deltaPresenceEstimationConfig": { # δ-presence metric, used to estimate how likely it is for an attacker to
1522 # figure out that one given individual appears in a de-identified dataset.
1523 # Similarly to the k-map metric, we cannot compute δ-presence exactly without
1524 # knowing the attack dataset, so we use a statistical model instead.
1525 "regionCode": "A String", # ISO 3166-1 alpha-2 region code to use in the statistical modeling.
1526 # Required if no column is tagged with a region-specific InfoType (like
1527 # US_ZIP_5) or a region code.
1528 "quasiIds": [ # Fields considered to be quasi-identifiers. No two fields can have the
1529 # same tag. [required]
1530 { # A column with a semantic tag attached.
1531 "field": { # General identifier of a data field in a storage service. # Identifies the column. [required]
1532 "name": "A String", # Name describing the field.
1533 },
1534 "customTag": "A String", # A column can be tagged with a custom tag. In this case, the user must
1535 # indicate an auxiliary table that contains statistical information on
1536 # the possible values of this column (below).
1537 "infoType": { # Type of information detected by the API. # A column can be tagged with a InfoType to use the relevant public
1538 # dataset as a statistical model of population, if available. We
1539 # currently support US ZIP codes, region codes, ages and genders.
1540 # To programmatically obtain the list of supported InfoTypes, use
1541 # ListInfoTypes with the supported_by=RISK_ANALYSIS filter.
1542 "name": "A String", # Name of the information type. Either a name of your choosing when
1543 # creating a CustomInfoType, or one of the names listed
1544 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
1545 # a built-in type. InfoType names should conform to the pattern
1546 # [a-zA-Z0-9_]{1,64}.
1547 },
1548 "inferred": { # A generic empty message that you can re-use to avoid defining duplicated # If no semantic tag is indicated, we infer the statistical model from
1549 # the distribution of values in the input data
1550 # empty messages in your APIs. A typical example is to use it as the request
1551 # or the response type of an API method. For instance:
1552 #
1553 # service Foo {
1554 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
1555 # }
1556 #
1557 # The JSON representation for `Empty` is empty JSON object `{}`.
1558 },
1559 },
1560 ],
1561 "auxiliaryTables": [ # Several auxiliary tables can be used in the analysis. Each custom_tag
1562 # used to tag a quasi-identifiers field must appear in exactly one
1563 # field of one auxiliary table.
1564 { # An auxiliary table containing statistical information on the relative
1565 # frequency of different quasi-identifiers values. It has one or several
1566 # quasi-identifiers columns, and one column that indicates the relative
1567 # frequency of each quasi-identifier tuple.
1568 # If a tuple is present in the data but not in the auxiliary table, the
1569 # corresponding relative frequency is assumed to be zero (and thus, the
1570 # tuple is highly reidentifiable).
1571 "relativeFrequency": { # General identifier of a data field in a storage service. # The relative frequency column must contain a floating-point number
1572 # between 0 and 1 (inclusive). Null values are assumed to be zero.
1573 # [required]
1574 "name": "A String", # Name describing the field.
1575 },
1576 "quasiIds": [ # Quasi-identifier columns. [required]
1577 { # A quasi-identifier column has a custom_tag, used to know which column
1578 # in the data corresponds to which column in the statistical model.
1579 "field": { # General identifier of a data field in a storage service.
1580 "name": "A String", # Name describing the field.
1581 },
1582 "customTag": "A String",
1583 },
1584 ],
1585 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Auxiliary table location. [required]
1586 # identified by its project_id, dataset_id, and table_name. Within a query
1587 # a table is often referenced with a string in the format of:
1588 # `<project_id>:<dataset_id>.<table_id>` or
1589 # `<project_id>.<dataset_id>.<table_id>`.
1590 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
1591 # If omitted, project ID is inferred from the API call.
1592 "tableId": "A String", # Name of the table.
1593 "datasetId": "A String", # Dataset ID of the table.
1594 },
1595 },
1596 ],
1597 },
1598 "categoricalStatsConfig": { # Compute numerical stats over an individual column, including
1599 # number of distinct values and value count distribution.
1600 "field": { # General identifier of a data field in a storage service. # Field to compute categorical stats on. All column types are
1601 # supported except for arrays and structs. However, it may be more
1602 # informative to use NumericalStats when the field type is supported,
1603 # depending on the data.
1604 "name": "A String", # Name describing the field.
1605 },
1606 },
1607 "kAnonymityConfig": { # k-anonymity metric, used for analysis of reidentification risk.
1608 "entityId": { # An entity in a dataset is a field or set of fields that correspond to a # Optional message indicating that multiple rows might be associated to a
1609 # single individual. If the same entity_id is associated to multiple
1610 # quasi-identifier tuples over distinct rows, we consider the entire
1611 # collection of tuples as the composite quasi-identifier. This collection
1612 # is a multiset: the order in which the different tuples appear in the
1613 # dataset is ignored, but their frequency is taken into account.
1614 #
1615 # Important note: a maximum of 1000 rows can be associated to a single
1616 # entity ID. If more rows are associated with the same entity ID, some
1617 # might be ignored.
1618 # single person. For example, in medical records the `EntityId` might be a
1619 # patient identifier, or for financial records it might be an account
1620 # identifier. This message is used when generalizations or analysis must take
1621 # into account that multiple rows correspond to the same entity.
1622 "field": { # General identifier of a data field in a storage service. # Composite key indicating which field contains the entity identifier.
1623 "name": "A String", # Name describing the field.
1624 },
1625 },
1626 "quasiIds": [ # Set of fields to compute k-anonymity over. When multiple fields are
1627 # specified, they are considered a single composite key. Structs and
1628 # repeated data types are not supported; however, nested fields are
1629 # supported so long as they are not structs themselves or nested within
1630 # a repeated field.
1631 { # General identifier of a data field in a storage service.
1632 "name": "A String", # Name describing the field.
1633 },
1634 ],
1635 },
1636 },
1637 "categoricalStatsResult": { # Result of the categorical stats computation.
1638 "valueFrequencyHistogramBuckets": [ # Histogram of value frequencies in the column.
1639 {
1640 "bucketValues": [ # Sample of value frequencies in this bucket. The total number of
1641 # values returned per bucket is capped at 20.
1642 { # A value of a field, including its frequency.
1643 "count": "A String", # How many times the value is contained in the field.
1644 "value": { # Set of primitive values supported by the system. # A value contained in the field in question.
1645 # Note that for the purposes of inspection or transformation, the number
1646 # of bytes considered to comprise a 'Value' is based on its representation
1647 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1648 # 123456789, the number of bytes would be counted as 9, even though an
1649 # int64 only holds up to 8 bytes of data.
1650 "floatValue": 3.14,
1651 "timestampValue": "A String",
1652 "dayOfWeekValue": "A String",
1653 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1654 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1655 # types are google.type.Date and `google.protobuf.Timestamp`.
1656 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1657 # to allow the value "24:00:00" for scenarios like business closing time.
1658 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1659 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1660 # allow the value 60 if it allows leap-seconds.
1661 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1662 },
1663 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1664 # and time zone are either specified elsewhere or are not significant. The date
1665 # is relative to the Proleptic Gregorian Calendar. This can represent:
1666 #
1667 # * A full date, with non-zero year, month and day values
1668 # * A month and day value, with a zero year, e.g. an anniversary
1669 # * A year on its own, with zero month and day values
1670 # * A year and month value, with a zero day, e.g. a credit card expiration date
1671 #
1672 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1673 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1674 # a year.
1675 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1676 # if specifying a year by itself or a year and month where the day is not
1677 # significant.
1678 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1679 # month and day.
1680 },
1681 "stringValue": "A String",
1682 "booleanValue": True or False,
1683 "integerValue": "A String",
1684 },
1685 },
1686 ],
1687 "bucketValueCount": "A String", # Total number of distinct values in this bucket.
1688 "valueFrequencyUpperBound": "A String", # Upper bound on the value frequency of the values in this bucket.
1689 "valueFrequencyLowerBound": "A String", # Lower bound on the value frequency of the values in this bucket.
1690 "bucketSize": "A String", # Total number of values in this bucket.
1691 },
1692 ],
1693 },
1694 "deltaPresenceEstimationResult": { # Result of the δ-presence computation. Note that these results are an
1695 # estimation, not exact values.
1696 "deltaPresenceEstimationHistogram": [ # The intervals [min_probability, max_probability) do not overlap. If a
1697 # value doesn't correspond to any such interval, the associated frequency
1698 # is zero. For example, the following records:
1699 # {min_probability: 0, max_probability: 0.1, frequency: 17}
1700 # {min_probability: 0.2, max_probability: 0.3, frequency: 42}
1701 # {min_probability: 0.3, max_probability: 0.4, frequency: 99}
1702 # mean that there are no record with an estimated probability in [0.1, 0.2)
1703 # nor larger or equal to 0.4.
1704 { # A DeltaPresenceEstimationHistogramBucket message with the following
1705 # values:
1706 # min_probability: 0.1
1707 # max_probability: 0.2
1708 # frequency: 42
1709 # means that there are 42 records for which δ is in [0.1, 0.2). An
1710 # important particular case is when min_probability = max_probability = 1:
1711 # then, every individual who shares this quasi-identifier combination is in
1712 # the dataset.
1713 "bucketValues": [ # Sample of quasi-identifier tuple values in this bucket. The total
1714 # number of classes returned per bucket is capped at 20.
1715 { # A tuple of values for the quasi-identifier columns.
1716 "quasiIdsValues": [ # The quasi-identifier values.
1717 { # Set of primitive values supported by the system.
1718 # Note that for the purposes of inspection or transformation, the number
1719 # of bytes considered to comprise a 'Value' is based on its representation
1720 # as a UTF-8 encoded string. For example, if 'integer_value' is set to
1721 # 123456789, the number of bytes would be counted as 9, even though an
1722 # int64 only holds up to 8 bytes of data.
1723 "floatValue": 3.14,
1724 "timestampValue": "A String",
1725 "dayOfWeekValue": "A String",
1726 "timeValue": { # Represents a time of day. The date and time zone are either not significant
1727 # or are specified elsewhere. An API may choose to allow leap seconds. Related
1728 # types are google.type.Date and `google.protobuf.Timestamp`.
1729 "hours": 42, # Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
1730 # to allow the value "24:00:00" for scenarios like business closing time.
1731 "nanos": 42, # Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
1732 "seconds": 42, # Seconds of minutes of the time. Must normally be from 0 to 59. An API may
1733 # allow the value 60 if it allows leap-seconds.
1734 "minutes": 42, # Minutes of hour of day. Must be from 0 to 59.
1735 },
1736 "dateValue": { # Represents a whole or partial calendar date, e.g. a birthday. The time of day
1737 # and time zone are either specified elsewhere or are not significant. The date
1738 # is relative to the Proleptic Gregorian Calendar. This can represent:
1739 #
1740 # * A full date, with non-zero year, month and day values
1741 # * A month and day value, with a zero year, e.g. an anniversary
1742 # * A year on its own, with zero month and day values
1743 # * A year and month value, with a zero day, e.g. a credit card expiration date
1744 #
1745 # Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`.
1746 "year": 42, # Year of date. Must be from 1 to 9999, or 0 if specifying a date without
1747 # a year.
1748 "day": 42, # Day of month. Must be from 1 to 31 and valid for the year and month, or 0
1749 # if specifying a year by itself or a year and month where the day is not
1750 # significant.
1751 "month": 42, # Month of year. Must be from 1 to 12, or 0 if specifying a year without a
1752 # month and day.
1753 },
1754 "stringValue": "A String",
1755 "booleanValue": True or False,
1756 "integerValue": "A String",
1757 },
1758 ],
1759 "estimatedProbability": 3.14, # The estimated probability that a given individual sharing these
1760 # quasi-identifier values is in the dataset. This value, typically called
1761 # δ, is the ratio between the number of records in the dataset with these
1762 # quasi-identifier values, and the total number of individuals (inside
1763 # *and* outside the dataset) with these quasi-identifier values.
1764 # For example, if there are 15 individuals in the dataset who share the
1765 # same quasi-identifier values, and an estimated 100 people in the entire
1766 # population with these values, then δ is 0.15.
1767 },
1768 ],
1769 "bucketValueCount": "A String", # Total number of distinct quasi-identifier tuple values in this bucket.
1770 "bucketSize": "A String", # Number of records within these probability bounds.
1771 "maxProbability": 3.14, # Always greater than or equal to min_probability.
1772 "minProbability": 3.14, # Between 0 and 1.
1773 },
1774 ],
1775 },
1776 "requestedSourceTable": { # Message defining the location of a BigQuery table. A table is uniquely # Input dataset to compute metrics over.
1777 # identified by its project_id, dataset_id, and table_name. Within a query
1778 # a table is often referenced with a string in the format of:
1779 # `<project_id>:<dataset_id>.<table_id>` or
1780 # `<project_id>.<dataset_id>.<table_id>`.
1781 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
1782 # If omitted, project ID is inferred from the API call.
1783 "tableId": "A String", # Name of the table.
1784 "datasetId": "A String", # Dataset ID of the table.
1785 },
1786 },
1787 "state": "A String", # State of a job.
1788 "jobTriggerName": "A String", # If created by a job trigger, the resource name of the trigger that
1789 # instantiated the job.
1790 "startTime": "A String", # Time when the job started.
1791 "endTime": "A String", # Time when the job finished.
1792 "type": "A String", # The type of job.
1793 "createTime": "A String", # Time when the job was created.
1794 }</pre>
1795</div>
1796
1797<div class="method">
1798 <code class="details" id="create">create(parent, body, x__xgafv=None)</code>
1799 <pre>Creates a job trigger to run DLP actions such as scanning storage for
1800sensitive information on a set schedule.
1801See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
1802
1803Args:
1804 parent: string, The parent resource name, for example projects/my-project-id. (required)
1805 body: object, The request body. (required)
1806 The object takes the form of:
1807
1808{ # Request message for CreateJobTrigger.
1809 "triggerId": "A String", # The trigger id can contain uppercase and lowercase letters,
1810 # numbers, and hyphens; that is, it must match the regular
1811 # expression: `[a-zA-Z\\d-_]+`. The maximum length is 100
1812 # characters. Can be empty to allow the system to generate one.
1813 "jobTrigger": { # Contains a configuration to make dlp api calls on a repeating basis. # The JobTrigger to create.
1814 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
1815 "status": "A String", # A status for this trigger. [required]
1816 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
1817 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
1818 # errors may result in the JobTrigger automatically being paused.
1819 # Will return the last 100 errors. Whenever the JobTrigger is modified
1820 # this list will be cleared. Output only field.
1821 { # Details information about an error encountered during job execution or
1822 # the results of an unsuccessful activation of the JobTrigger.
1823 # Output only field.
1824 "timestamps": [ # The times the error occurred.
1825 "A String",
1826 ],
1827 "details": { # The `Status` type defines a logical error model that is suitable for
1828 # different programming environments, including REST APIs and RPC APIs. It is
1829 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
1830 # three pieces of data: error code, error message, and error details.
1831 #
1832 # You can find out more about this error model and how to work with it in the
1833 # [API Design Guide](https://cloud.google.com/apis/design/errors).
1834 "message": "A String", # A developer-facing error message, which should be in English. Any
1835 # user-facing error message should be localized and sent in the
1836 # google.rpc.Status.details field, or localized by the client.
1837 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
1838 "details": [ # A list of messages that carry the error details. There is a common set of
1839 # message types for APIs to use.
1840 {
1841 "a_key": "", # Properties of the object. Contains field @type with type URL.
1842 },
1843 ],
1844 },
1845 },
1846 ],
1847 "displayName": "A String", # Display name (max 100 chars)
1848 "description": "A String", # User provided description (max 256 chars)
1849 "inspectJob": {
1850 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
1851 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
1852 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
1853 # by project and namespace, however the namespace ID may be empty.
1854 # A partition ID identifies a grouping of entities. The grouping is always
1855 # by project and namespace, however the namespace ID may be empty.
1856 #
1857 # A partition ID contains several dimensions:
1858 # project ID and namespace ID.
1859 "projectId": "A String", # The ID of the project to which the entities belong.
1860 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
1861 },
1862 "kind": { # A representation of a Datastore kind. # The kind to process.
1863 "name": "A String", # The name of the kind.
1864 },
1865 },
1866 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
1867 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
1868 # inspection of entire columns which you know have no findings.
1869 { # General identifier of a data field in a storage service.
1870 "name": "A String", # Name describing the field.
1871 },
1872 ],
1873 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
1874 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
1875 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
1876 # Cannot be used in conjunction with TimespanConfig.
1877 "sampleMethod": "A String",
1878 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
1879 # Nested fields in the format, like `person.birthdate.year`, are allowed.
1880 { # General identifier of a data field in a storage service.
1881 "name": "A String", # Name describing the field.
1882 },
1883 ],
1884 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
1885 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
1886 # 100 means no limit. Defaults to 0. Only one of rows_limit and
1887 # rows_limit_percent can be specified. Cannot be used in conjunction with
1888 # TimespanConfig.
1889 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
1890 # identified by its project_id, dataset_id, and table_name. Within a query
1891 # a table is often referenced with a string in the format of:
1892 # `<project_id>:<dataset_id>.<table_id>` or
1893 # `<project_id>.<dataset_id>.<table_id>`.
1894 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
1895 # If omitted, project ID is inferred from the API call.
1896 "tableId": "A String", # Name of the table.
1897 "datasetId": "A String", # Dataset ID of the table.
1898 },
1899 },
1900 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
1901 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
1902 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
1903 # Used for data sources like Datastore or BigQuery.
1904 # If not specified for BigQuery, table last modification timestamp
1905 # is checked against given time span.
1906 # The valid data types of the timestamp field are:
1907 # for BigQuery - timestamp, date, datetime;
1908 # for Datastore - timestamp.
1909 # Datastore entity will be scanned if the timestamp property does not exist
1910 # or its value is empty or invalid.
1911 "name": "A String", # Name describing the field.
1912 },
1913 "endTime": "A String", # Exclude files or rows newer than this value.
1914 # If set to zero, no upper time limit is applied.
1915 "startTime": "A String", # Exclude files or rows older than this value.
1916 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
1917 # a valid start_time to avoid scanning files that have not been modified
1918 # since the last time the JobTrigger executed. This will be based on the
1919 # time of the execution of the last run of the JobTrigger.
1920 },
1921 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
1922 # bucket.
1923 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
1924 # than this value then the rest of the bytes are omitted. Only one
1925 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
1926 "sampleMethod": "A String",
1927 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
1928 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
1929 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
1930 #
1931 # If the url ends in a trailing slash, the bucket or directory represented
1932 # by the url will be scanned non-recursively (content in sub-directories
1933 # will not be scanned). This means that `gs://mybucket/` is equivalent to
1934 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
1935 # `gs://mybucket/directory/*`.
1936 #
1937 # Exactly one of `url` or `regex_file_set` must be set.
1938 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
1939 # `regex_file_set` must be set.
1940 # expressions are used to allow fine-grained control over which files in the
1941 # bucket to include.
1942 #
1943 # Included files are those that match at least one item in `include_regex` and
1944 # do not match any items in `exclude_regex`. Note that a file that matches
1945 # items from both lists will _not_ be included. For a match to occur, the
1946 # entire file path (i.e., everything in the url after the bucket name) must
1947 # match the regular expression.
1948 #
1949 # For example, given the input `{bucket_name: "mybucket", include_regex:
1950 # ["directory1/.*"], exclude_regex:
1951 # ["directory1/excluded.*"]}`:
1952 #
1953 # * `gs://mybucket/directory1/myfile` will be included
1954 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
1955 # across `/`)
1956 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
1957 # full path doesn't match any items in `include_regex`)
1958 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
1959 # matches an item in `exclude_regex`)
1960 #
1961 # If `include_regex` is left empty, it will match all files by default
1962 # (this is equivalent to setting `include_regex: [".*"]`).
1963 #
1964 # Some other common use cases:
1965 #
1966 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
1967 # files in `mybucket` except for .pdf files
1968 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
1969 # include all files directly under `gs://mybucket/directory/`, without matching
1970 # across `/`
1971 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
1972 # the bucket that match at least one of these regular expressions will be
1973 # excluded from the scan.
1974 #
1975 # Regular expressions use RE2
1976 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
1977 # under the google/re2 repository on GitHub.
1978 "A String",
1979 ],
1980 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
1981 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
1982 # the bucket that match at least one of these regular expressions will be
1983 # included in the set of files, except for those that also match an item in
1984 # `exclude_regex`. Leaving this field empty will match all files by default
1985 # (this is equivalent to including `.*` in the list).
1986 #
1987 # Regular expressions use RE2
1988 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
1989 # under the google/re2 repository on GitHub.
1990 "A String",
1991 ],
1992 },
1993 },
1994 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
1995 # number of bytes scanned is rounded down. Must be between 0 and 100,
1996 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
1997 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
1998 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
1999 # Number of files scanned is rounded down. Must be between 0 and 100,
2000 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
2001 "fileTypes": [ # List of file type groups to include in the scan.
2002 # If empty, all files are scanned and available data format processors
2003 # are applied. In addition, the binary content of the selected files
2004 # is always scanned as well.
2005 "A String",
2006 ],
2007 },
2008 },
2009 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
2010 # When used with redactContent only info_types and min_likelihood are currently
2011 # used.
2012 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
2013 "limits": {
2014 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
2015 # When set within `InspectContentRequest`, the maximum returned is 2000
2016 # regardless if this is set higher.
2017 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
2018 { # Max findings configuration per infoType, per content item or long
2019 # running DlpJob.
2020 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
2021 # info_type should be provided. If InfoTypeLimit does not have an
2022 # info_type, the DLP API applies the limit against all info_types that
2023 # are found but not specified in another InfoTypeLimit.
2024 "name": "A String", # Name of the information type. Either a name of your choosing when
2025 # creating a CustomInfoType, or one of the names listed
2026 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2027 # a built-in type. InfoType names should conform to the pattern
2028 # [a-zA-Z0-9_]{1,64}.
2029 },
2030 "maxFindings": 42, # Max findings limit for the given infoType.
2031 },
2032 ],
2033 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
2034 # When set within `InspectDataSourceRequest`,
2035 # the maximum returned is 2000 regardless if this is set higher.
2036 # When set within `InspectContentRequest`, this field is ignored.
2037 },
2038 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
2039 # POSSIBLE.
2040 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
2041 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
2042 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
2043 { # Custom information type provided by the user. Used to find domain-specific
2044 # sensitive information configurable to the data in question.
2045 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
2046 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2047 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2048 # google/re2 repository on GitHub.
2049 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2050 # specified, the entire match is returned. No more than 3 may be included.
2051 42,
2052 ],
2053 },
2054 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
2055 # support reversing.
2056 # such as
2057 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
2058 # These types of transformations are
2059 # those that perform pseudonymization, thereby producing a "surrogate" as
2060 # output. This should be used in conjunction with a field on the
2061 # transformation such as `surrogate_info_type`. This CustomInfoType does
2062 # not support the use of `detection_rules`.
2063 },
2064 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
2065 # infoType, when the name matches one of existing infoTypes and that infoType
2066 # is specified in `InspectContent.info_types` field. Specifying the latter
2067 # adds findings to the one detected by the system. If built-in info type is
2068 # not specified in `InspectContent.info_types` list then the name is treated
2069 # as a custom info type.
2070 "name": "A String", # Name of the information type. Either a name of your choosing when
2071 # creating a CustomInfoType, or one of the names listed
2072 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2073 # a built-in type. InfoType names should conform to the pattern
2074 # [a-zA-Z0-9_]{1,64}.
2075 },
2076 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
2077 # be used to match sensitive information specific to the data, such as a list
2078 # of employee IDs or job titles.
2079 #
2080 # Dictionary words are case-insensitive and all characters other than letters
2081 # and digits in the unicode [Basic Multilingual
2082 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
2083 # will be replaced with whitespace when scanning for matches, so the
2084 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
2085 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
2086 # surrounding any match must be of a different type than the adjacent
2087 # characters within the word, so letters must be next to non-letters and
2088 # digits next to non-digits. For example, the dictionary word "jen" will
2089 # match the first three letters of the text "jen123" but will return no
2090 # matches for "jennifer".
2091 #
2092 # Dictionary words containing a large number of characters that are not
2093 # letters or digits may result in unexpected findings because such characters
2094 # are treated as whitespace. The
2095 # [limits](https://cloud.google.com/dlp/limits) page contains details about
2096 # the size limits of dictionaries. For dictionaries that do not fit within
2097 # these constraints, consider using `LargeCustomDictionaryConfig` in the
2098 # `StoredInfoType` API.
2099 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
2100 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
2101 # at least one phrase and every phrase must contain at least 2 characters
2102 # that are letters or digits. [required]
2103 "A String",
2104 ],
2105 },
2106 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
2107 # is accepted.
2108 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
2109 # Example: gs://[BUCKET_NAME]/dictionary.txt
2110 },
2111 },
2112 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
2113 # `InspectDataSource`. Not currently supported in `InspectContent`.
2114 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
2115 # `organizations/433245324/storedInfoTypes/432452342` or
2116 # `projects/project-id/storedInfoTypes/432452342`.
2117 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
2118 # inspection was created. Output-only field, populated by the system.
2119 },
2120 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
2121 # Rules are applied in order that they are specified. Not supported for the
2122 # `surrogate_type` CustomInfoType.
2123 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
2124 # `CustomInfoType` to alter behavior under certain circumstances, depending
2125 # on the specific details of the rule. Not supported for the `surrogate_type`
2126 # custom infoType.
2127 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
2128 # proximity of hotwords.
2129 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
2130 # The total length of the window cannot exceed 1000 characters. Note that
2131 # the finding itself will be included in the window, so that hotwords may
2132 # be used to match substrings of the finding itself. For example, the
2133 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
2134 # adjusted upwards if the area code is known to be the local area code of
2135 # a company office using the hotword regex "\(xxx\)", where "xxx"
2136 # is the area code in question.
2137 # rule.
2138 "windowAfter": 42, # Number of characters after the finding to consider.
2139 "windowBefore": 42, # Number of characters before the finding to consider.
2140 },
2141 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
2142 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2143 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2144 # google/re2 repository on GitHub.
2145 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2146 # specified, the entire match is returned. No more than 3 may be included.
2147 42,
2148 ],
2149 },
2150 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
2151 # part of a detection rule.
2152 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
2153 # levels. For example, if a finding would be `POSSIBLE` without the
2154 # detection rule and `relative_likelihood` is 1, then it is upgraded to
2155 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
2156 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
2157 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
2158 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
2159 # a final likelihood of `LIKELY`.
2160 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
2161 },
2162 },
2163 },
2164 ],
2165 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
2166 # to be returned. It still can be used for rules matching.
2167 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
2168 # altered by a detection rule if the finding meets the criteria specified by
2169 # the rule. Defaults to `VERY_LIKELY` if not specified.
2170 },
2171 ],
2172 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
2173 # included in the response; see Finding.quote.
2174 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
2175 # Exclusion rules, contained in the set are executed in the end, other
2176 # rules are executed in the order they are specified for each info type.
2177 { # Rule set for modifying a set of infoTypes to alter behavior under certain
2178 # circumstances, depending on the specific details of the rules within the set.
2179 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
2180 { # A single inspection rule to be applied to infoTypes, specified in
2181 # `InspectionRuleSet`.
2182 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
2183 # proximity of hotwords.
2184 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
2185 # The total length of the window cannot exceed 1000 characters. Note that
2186 # the finding itself will be included in the window, so that hotwords may
2187 # be used to match substrings of the finding itself. For example, the
2188 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
2189 # adjusted upwards if the area code is known to be the local area code of
2190 # a company office using the hotword regex "\(xxx\)", where "xxx"
2191 # is the area code in question.
2192 # rule.
2193 "windowAfter": 42, # Number of characters after the finding to consider.
2194 "windowBefore": 42, # Number of characters before the finding to consider.
2195 },
2196 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
2197 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2198 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2199 # google/re2 repository on GitHub.
2200 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2201 # specified, the entire match is returned. No more than 3 may be included.
2202 42,
2203 ],
2204 },
2205 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
2206 # part of a detection rule.
2207 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
2208 # levels. For example, if a finding would be `POSSIBLE` without the
2209 # detection rule and `relative_likelihood` is 1, then it is upgraded to
2210 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
2211 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
2212 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
2213 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
2214 # a final likelihood of `LIKELY`.
2215 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
2216 },
2217 },
2218 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
2219 # `InspectionRuleSet` are removed from results.
2220 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
2221 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2222 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2223 # google/re2 repository on GitHub.
2224 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2225 # specified, the entire match is returned. No more than 3 may be included.
2226 42,
2227 ],
2228 },
2229 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
2230 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
2231 # contained within with a finding of an infoType from this list. For
2232 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
2233 # `exclusion_rule` containing `exclude_info_types.info_types` with
2234 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
2235 # with EMAIL_ADDRESS finding.
2236 # That leads to "555-222-2222@example.org" to generate only a single
2237 # finding, namely email address.
2238 { # Type of information detected by the API.
2239 "name": "A String", # Name of the information type. Either a name of your choosing when
2240 # creating a CustomInfoType, or one of the names listed
2241 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2242 # a built-in type. InfoType names should conform to the pattern
2243 # [a-zA-Z0-9_]{1,64}.
2244 },
2245 ],
2246 },
2247 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
2248 # be used to match sensitive information specific to the data, such as a list
2249 # of employee IDs or job titles.
2250 #
2251 # Dictionary words are case-insensitive and all characters other than letters
2252 # and digits in the unicode [Basic Multilingual
2253 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
2254 # will be replaced with whitespace when scanning for matches, so the
2255 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
2256 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
2257 # surrounding any match must be of a different type than the adjacent
2258 # characters within the word, so letters must be next to non-letters and
2259 # digits next to non-digits. For example, the dictionary word "jen" will
2260 # match the first three letters of the text "jen123" but will return no
2261 # matches for "jennifer".
2262 #
2263 # Dictionary words containing a large number of characters that are not
2264 # letters or digits may result in unexpected findings because such characters
2265 # are treated as whitespace. The
2266 # [limits](https://cloud.google.com/dlp/limits) page contains details about
2267 # the size limits of dictionaries. For dictionaries that do not fit within
2268 # these constraints, consider using `LargeCustomDictionaryConfig` in the
2269 # `StoredInfoType` API.
2270 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
2271 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
2272 # at least one phrase and every phrase must contain at least 2 characters
2273 # that are letters or digits. [required]
2274 "A String",
2275 ],
2276 },
2277 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
2278 # is accepted.
2279 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
2280 # Example: gs://[BUCKET_NAME]/dictionary.txt
2281 },
2282 },
2283 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
2284 },
2285 },
2286 ],
2287 "infoTypes": [ # List of infoTypes this rule set is applied to.
2288 { # Type of information detected by the API.
2289 "name": "A String", # Name of the information type. Either a name of your choosing when
2290 # creating a CustomInfoType, or one of the names listed
2291 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2292 # a built-in type. InfoType names should conform to the pattern
2293 # [a-zA-Z0-9_]{1,64}.
2294 },
2295 ],
2296 },
2297 ],
2298 "contentOptions": [ # List of options defining data content to scan.
2299 # If empty, text, images, and other content will be included.
2300 "A String",
2301 ],
2302 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
2303 # InfoType values returned by ListInfoTypes or listed at
2304 # https://cloud.google.com/dlp/docs/infotypes-reference.
2305 #
2306 # When no InfoTypes or CustomInfoTypes are specified in a request, the
2307 # system may automatically choose what detectors to run. By default this may
2308 # be all types, but may change over time as detectors are updated.
2309 #
2310 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
2311 # but may change over time as new InfoTypes are added. If you need precise
2312 # control and predictability as to what detectors are run you should specify
2313 # specific InfoTypes listed in the reference.
2314 { # Type of information detected by the API.
2315 "name": "A String", # Name of the information type. Either a name of your choosing when
2316 # creating a CustomInfoType, or one of the names listed
2317 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2318 # a built-in type. InfoType names should conform to the pattern
2319 # [a-zA-Z0-9_]{1,64}.
2320 },
2321 ],
2322 },
2323 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
2324 # `inspect_config` will be merged into the values persisted as part of the
2325 # template.
2326 "actions": [ # Actions to execute at the completion of the job.
2327 { # A task to execute on the completion of a job.
2328 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
2329 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
2330 # OutputStorageConfig. Only a single instance of this action can be
2331 # specified.
2332 # Compatible with: Inspect, Risk
2333 "outputConfig": { # Cloud repository for storing output.
2334 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
2335 # dataset. If table_id is not set a new one will be generated
2336 # for you with the following format:
2337 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
2338 # generating the date details.
2339 #
2340 # For Inspect, each column in an existing output table must have the same
2341 # name, type, and mode of a field in the `Finding` object.
2342 #
2343 # For Risk, an existing output table should be the output of a previous
2344 # Risk analysis job run on the same source table, with the same privacy
2345 # metric and quasi-identifiers. Risk jobs that analyze the same table but
2346 # compute a different privacy metric, or use different sets of
2347 # quasi-identifiers, cannot store their results in the same table.
2348 # identified by its project_id, dataset_id, and table_name. Within a query
2349 # a table is often referenced with a string in the format of:
2350 # `<project_id>:<dataset_id>.<table_id>` or
2351 # `<project_id>.<dataset_id>.<table_id>`.
2352 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
2353 # If omitted, project ID is inferred from the API call.
2354 "tableId": "A String", # Name of the table.
2355 "datasetId": "A String", # Dataset ID of the table.
2356 },
2357 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
2358 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
2359 # from the `Finding` object. If appending to an existing table, any columns
2360 # from the predefined schema that are missing will be added. No columns in
2361 # the existing table will be deleted.
2362 #
2363 # If unspecified, then all available columns will be used for a new table or
2364 # an (existing) table with no schema, and no changes will be made to an
2365 # existing table that has a schema.
2366 },
2367 },
2368 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
2369 # completion/failure.
2370 # completion/failure.
2371 },
2372 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
2373 # Command Center (CSCC Alpha).
2374 # This action is only available for projects which are parts of
2375 # an organization and whitelisted for the alpha Cloud Security Command
2376 # Center.
2377 # The action will publish count of finding instances and their info types.
2378 # The summary of findings will be persisted in CSCC and are governed by CSCC
2379 # service-specific policy, see https://cloud.google.com/terms/service-terms
2380 # Only a single instance of this action can be specified.
2381 # Compatible with: Inspect
2382 },
2383 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
2384 # message contains a single field, `DlpJobName`, which is equal to the
2385 # finished job's
2386 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
2387 # Compatible with: Inspect, Risk
2388 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
2389 # publishing access rights to the DLP API service account executing
2390 # the long running DlpJob sending the notifications.
2391 # Format is projects/{project}/topics/{topic}.
2392 },
2393 },
2394 ],
2395 },
2396 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
2397 # needs to trigger for a job to be started. The list may contain only
2398 # a single Schedule trigger and must have at least one object.
2399 { # What event needs to occur for a new job to be started.
2400 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
2401 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
2402 # example: every day (86400 seconds).
2403 #
2404 # A scheduled start time will be skipped if the previous
2405 # execution has not ended when its scheduled time occurs.
2406 #
2407 # This value must be set to a time duration greater than or equal
2408 # to 1 day and can be no longer than 60 days.
2409 },
2410 },
2411 ],
2412 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
2413 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
2414 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
2415 # triggeredJob is created, for example
2416 # `projects/dlp-test-project/triggeredJobs/53234423`.
2417 },
2418 }
2419
2420 x__xgafv: string, V1 error format.
2421 Allowed values
2422 1 - v1 error format
2423 2 - v2 error format
2424
2425Returns:
2426 An object of the form:
2427
2428 { # Contains a configuration to make dlp api calls on a repeating basis.
2429 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
2430 "status": "A String", # A status for this trigger. [required]
2431 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
2432 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
2433 # errors may result in the JobTrigger automatically being paused.
2434 # Will return the last 100 errors. Whenever the JobTrigger is modified
2435 # this list will be cleared. Output only field.
2436 { # Details information about an error encountered during job execution or
2437 # the results of an unsuccessful activation of the JobTrigger.
2438 # Output only field.
2439 "timestamps": [ # The times the error occurred.
2440 "A String",
2441 ],
2442 "details": { # The `Status` type defines a logical error model that is suitable for
2443 # different programming environments, including REST APIs and RPC APIs. It is
2444 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
2445 # three pieces of data: error code, error message, and error details.
2446 #
2447 # You can find out more about this error model and how to work with it in the
2448 # [API Design Guide](https://cloud.google.com/apis/design/errors).
2449 "message": "A String", # A developer-facing error message, which should be in English. Any
2450 # user-facing error message should be localized and sent in the
2451 # google.rpc.Status.details field, or localized by the client.
2452 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
2453 "details": [ # A list of messages that carry the error details. There is a common set of
2454 # message types for APIs to use.
2455 {
2456 "a_key": "", # Properties of the object. Contains field @type with type URL.
2457 },
2458 ],
2459 },
2460 },
2461 ],
2462 "displayName": "A String", # Display name (max 100 chars)
2463 "description": "A String", # User provided description (max 256 chars)
2464 "inspectJob": {
2465 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
2466 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
2467 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
2468 # by project and namespace, however the namespace ID may be empty.
2469 # A partition ID identifies a grouping of entities. The grouping is always
2470 # by project and namespace, however the namespace ID may be empty.
2471 #
2472 # A partition ID contains several dimensions:
2473 # project ID and namespace ID.
2474 "projectId": "A String", # The ID of the project to which the entities belong.
2475 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
2476 },
2477 "kind": { # A representation of a Datastore kind. # The kind to process.
2478 "name": "A String", # The name of the kind.
2479 },
2480 },
2481 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
2482 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
2483 # inspection of entire columns which you know have no findings.
2484 { # General identifier of a data field in a storage service.
2485 "name": "A String", # Name describing the field.
2486 },
2487 ],
2488 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
2489 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
2490 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
2491 # Cannot be used in conjunction with TimespanConfig.
2492 "sampleMethod": "A String",
2493 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
2494 # Nested fields in the format, like `person.birthdate.year`, are allowed.
2495 { # General identifier of a data field in a storage service.
2496 "name": "A String", # Name describing the field.
2497 },
2498 ],
2499 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
2500 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
2501 # 100 means no limit. Defaults to 0. Only one of rows_limit and
2502 # rows_limit_percent can be specified. Cannot be used in conjunction with
2503 # TimespanConfig.
2504 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
2505 # identified by its project_id, dataset_id, and table_name. Within a query
2506 # a table is often referenced with a string in the format of:
2507 # `<project_id>:<dataset_id>.<table_id>` or
2508 # `<project_id>.<dataset_id>.<table_id>`.
2509 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
2510 # If omitted, project ID is inferred from the API call.
2511 "tableId": "A String", # Name of the table.
2512 "datasetId": "A String", # Dataset ID of the table.
2513 },
2514 },
2515 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
2516 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
2517 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
2518 # Used for data sources like Datastore or BigQuery.
2519 # If not specified for BigQuery, table last modification timestamp
2520 # is checked against given time span.
2521 # The valid data types of the timestamp field are:
2522 # for BigQuery - timestamp, date, datetime;
2523 # for Datastore - timestamp.
2524 # Datastore entity will be scanned if the timestamp property does not exist
2525 # or its value is empty or invalid.
2526 "name": "A String", # Name describing the field.
2527 },
2528 "endTime": "A String", # Exclude files or rows newer than this value.
2529 # If set to zero, no upper time limit is applied.
2530 "startTime": "A String", # Exclude files or rows older than this value.
2531 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
2532 # a valid start_time to avoid scanning files that have not been modified
2533 # since the last time the JobTrigger executed. This will be based on the
2534 # time of the execution of the last run of the JobTrigger.
2535 },
2536 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
2537 # bucket.
2538 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
2539 # than this value then the rest of the bytes are omitted. Only one
2540 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
2541 "sampleMethod": "A String",
2542 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
2543 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
2544 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
2545 #
2546 # If the url ends in a trailing slash, the bucket or directory represented
2547 # by the url will be scanned non-recursively (content in sub-directories
2548 # will not be scanned). This means that `gs://mybucket/` is equivalent to
2549 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
2550 # `gs://mybucket/directory/*`.
2551 #
2552 # Exactly one of `url` or `regex_file_set` must be set.
2553 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
2554 # `regex_file_set` must be set.
2555 # expressions are used to allow fine-grained control over which files in the
2556 # bucket to include.
2557 #
2558 # Included files are those that match at least one item in `include_regex` and
2559 # do not match any items in `exclude_regex`. Note that a file that matches
2560 # items from both lists will _not_ be included. For a match to occur, the
2561 # entire file path (i.e., everything in the url after the bucket name) must
2562 # match the regular expression.
2563 #
2564 # For example, given the input `{bucket_name: "mybucket", include_regex:
2565 # ["directory1/.*"], exclude_regex:
2566 # ["directory1/excluded.*"]}`:
2567 #
2568 # * `gs://mybucket/directory1/myfile` will be included
2569 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
2570 # across `/`)
2571 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
2572 # full path doesn't match any items in `include_regex`)
2573 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
2574 # matches an item in `exclude_regex`)
2575 #
2576 # If `include_regex` is left empty, it will match all files by default
2577 # (this is equivalent to setting `include_regex: [".*"]`).
2578 #
2579 # Some other common use cases:
2580 #
2581 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
2582 # files in `mybucket` except for .pdf files
2583 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
2584 # include all files directly under `gs://mybucket/directory/`, without matching
2585 # across `/`
2586 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
2587 # the bucket that match at least one of these regular expressions will be
2588 # excluded from the scan.
2589 #
2590 # Regular expressions use RE2
2591 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
2592 # under the google/re2 repository on GitHub.
2593 "A String",
2594 ],
2595 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
2596 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
2597 # the bucket that match at least one of these regular expressions will be
2598 # included in the set of files, except for those that also match an item in
2599 # `exclude_regex`. Leaving this field empty will match all files by default
2600 # (this is equivalent to including `.*` in the list).
2601 #
2602 # Regular expressions use RE2
2603 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
2604 # under the google/re2 repository on GitHub.
2605 "A String",
2606 ],
2607 },
2608 },
2609 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
2610 # number of bytes scanned is rounded down. Must be between 0 and 100,
2611 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
2612 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
2613 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
2614 # Number of files scanned is rounded down. Must be between 0 and 100,
2615 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
2616 "fileTypes": [ # List of file type groups to include in the scan.
2617 # If empty, all files are scanned and available data format processors
2618 # are applied. In addition, the binary content of the selected files
2619 # is always scanned as well.
2620 "A String",
2621 ],
2622 },
2623 },
2624 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
2625 # When used with redactContent only info_types and min_likelihood are currently
2626 # used.
2627 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
2628 "limits": {
2629 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
2630 # When set within `InspectContentRequest`, the maximum returned is 2000
2631 # regardless if this is set higher.
2632 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
2633 { # Max findings configuration per infoType, per content item or long
2634 # running DlpJob.
2635 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
2636 # info_type should be provided. If InfoTypeLimit does not have an
2637 # info_type, the DLP API applies the limit against all info_types that
2638 # are found but not specified in another InfoTypeLimit.
2639 "name": "A String", # Name of the information type. Either a name of your choosing when
2640 # creating a CustomInfoType, or one of the names listed
2641 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2642 # a built-in type. InfoType names should conform to the pattern
2643 # [a-zA-Z0-9_]{1,64}.
2644 },
2645 "maxFindings": 42, # Max findings limit for the given infoType.
2646 },
2647 ],
2648 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
2649 # When set within `InspectDataSourceRequest`,
2650 # the maximum returned is 2000 regardless if this is set higher.
2651 # When set within `InspectContentRequest`, this field is ignored.
2652 },
2653 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
2654 # POSSIBLE.
2655 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
2656 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
2657 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
2658 { # Custom information type provided by the user. Used to find domain-specific
2659 # sensitive information configurable to the data in question.
2660 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
2661 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2662 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2663 # google/re2 repository on GitHub.
2664 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2665 # specified, the entire match is returned. No more than 3 may be included.
2666 42,
2667 ],
2668 },
2669 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
2670 # support reversing.
2671 # such as
2672 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
2673 # These types of transformations are
2674 # those that perform pseudonymization, thereby producing a "surrogate" as
2675 # output. This should be used in conjunction with a field on the
2676 # transformation such as `surrogate_info_type`. This CustomInfoType does
2677 # not support the use of `detection_rules`.
2678 },
2679 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
2680 # infoType, when the name matches one of existing infoTypes and that infoType
2681 # is specified in `InspectContent.info_types` field. Specifying the latter
2682 # adds findings to the one detected by the system. If built-in info type is
2683 # not specified in `InspectContent.info_types` list then the name is treated
2684 # as a custom info type.
2685 "name": "A String", # Name of the information type. Either a name of your choosing when
2686 # creating a CustomInfoType, or one of the names listed
2687 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2688 # a built-in type. InfoType names should conform to the pattern
2689 # [a-zA-Z0-9_]{1,64}.
2690 },
2691 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
2692 # be used to match sensitive information specific to the data, such as a list
2693 # of employee IDs or job titles.
2694 #
2695 # Dictionary words are case-insensitive and all characters other than letters
2696 # and digits in the unicode [Basic Multilingual
2697 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
2698 # will be replaced with whitespace when scanning for matches, so the
2699 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
2700 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
2701 # surrounding any match must be of a different type than the adjacent
2702 # characters within the word, so letters must be next to non-letters and
2703 # digits next to non-digits. For example, the dictionary word "jen" will
2704 # match the first three letters of the text "jen123" but will return no
2705 # matches for "jennifer".
2706 #
2707 # Dictionary words containing a large number of characters that are not
2708 # letters or digits may result in unexpected findings because such characters
2709 # are treated as whitespace. The
2710 # [limits](https://cloud.google.com/dlp/limits) page contains details about
2711 # the size limits of dictionaries. For dictionaries that do not fit within
2712 # these constraints, consider using `LargeCustomDictionaryConfig` in the
2713 # `StoredInfoType` API.
2714 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
2715 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
2716 # at least one phrase and every phrase must contain at least 2 characters
2717 # that are letters or digits. [required]
2718 "A String",
2719 ],
2720 },
2721 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
2722 # is accepted.
2723 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
2724 # Example: gs://[BUCKET_NAME]/dictionary.txt
2725 },
2726 },
2727 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
2728 # `InspectDataSource`. Not currently supported in `InspectContent`.
2729 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
2730 # `organizations/433245324/storedInfoTypes/432452342` or
2731 # `projects/project-id/storedInfoTypes/432452342`.
2732 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
2733 # inspection was created. Output-only field, populated by the system.
2734 },
2735 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
2736 # Rules are applied in order that they are specified. Not supported for the
2737 # `surrogate_type` CustomInfoType.
2738 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
2739 # `CustomInfoType` to alter behavior under certain circumstances, depending
2740 # on the specific details of the rule. Not supported for the `surrogate_type`
2741 # custom infoType.
2742 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
2743 # proximity of hotwords.
2744 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
2745 # The total length of the window cannot exceed 1000 characters. Note that
2746 # the finding itself will be included in the window, so that hotwords may
2747 # be used to match substrings of the finding itself. For example, the
2748 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
2749 # adjusted upwards if the area code is known to be the local area code of
2750 # a company office using the hotword regex "\(xxx\)", where "xxx"
2751 # is the area code in question.
2752 # rule.
2753 "windowAfter": 42, # Number of characters after the finding to consider.
2754 "windowBefore": 42, # Number of characters before the finding to consider.
2755 },
2756 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
2757 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2758 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2759 # google/re2 repository on GitHub.
2760 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2761 # specified, the entire match is returned. No more than 3 may be included.
2762 42,
2763 ],
2764 },
2765 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
2766 # part of a detection rule.
2767 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
2768 # levels. For example, if a finding would be `POSSIBLE` without the
2769 # detection rule and `relative_likelihood` is 1, then it is upgraded to
2770 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
2771 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
2772 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
2773 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
2774 # a final likelihood of `LIKELY`.
2775 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
2776 },
2777 },
2778 },
2779 ],
2780 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
2781 # to be returned. It still can be used for rules matching.
2782 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
2783 # altered by a detection rule if the finding meets the criteria specified by
2784 # the rule. Defaults to `VERY_LIKELY` if not specified.
2785 },
2786 ],
2787 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
2788 # included in the response; see Finding.quote.
2789 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
2790 # Exclusion rules, contained in the set are executed in the end, other
2791 # rules are executed in the order they are specified for each info type.
2792 { # Rule set for modifying a set of infoTypes to alter behavior under certain
2793 # circumstances, depending on the specific details of the rules within the set.
2794 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
2795 { # A single inspection rule to be applied to infoTypes, specified in
2796 # `InspectionRuleSet`.
2797 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
2798 # proximity of hotwords.
2799 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
2800 # The total length of the window cannot exceed 1000 characters. Note that
2801 # the finding itself will be included in the window, so that hotwords may
2802 # be used to match substrings of the finding itself. For example, the
2803 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
2804 # adjusted upwards if the area code is known to be the local area code of
2805 # a company office using the hotword regex "\(xxx\)", where "xxx"
2806 # is the area code in question.
2807 # rule.
2808 "windowAfter": 42, # Number of characters after the finding to consider.
2809 "windowBefore": 42, # Number of characters before the finding to consider.
2810 },
2811 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
2812 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2813 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2814 # google/re2 repository on GitHub.
2815 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2816 # specified, the entire match is returned. No more than 3 may be included.
2817 42,
2818 ],
2819 },
2820 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
2821 # part of a detection rule.
2822 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
2823 # levels. For example, if a finding would be `POSSIBLE` without the
2824 # detection rule and `relative_likelihood` is 1, then it is upgraded to
2825 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
2826 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
2827 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
2828 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
2829 # a final likelihood of `LIKELY`.
2830 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
2831 },
2832 },
2833 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
2834 # `InspectionRuleSet` are removed from results.
2835 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
2836 "pattern": "A String", # Pattern defining the regular expression. Its syntax
2837 # (https://github.com/google/re2/wiki/Syntax) can be found under the
2838 # google/re2 repository on GitHub.
2839 "groupIndexes": [ # The index of the submatch to extract as findings. When not
2840 # specified, the entire match is returned. No more than 3 may be included.
2841 42,
2842 ],
2843 },
2844 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
2845 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
2846 # contained within with a finding of an infoType from this list. For
2847 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
2848 # `exclusion_rule` containing `exclude_info_types.info_types` with
2849 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
2850 # with EMAIL_ADDRESS finding.
2851 # That leads to "555-222-2222@example.org" to generate only a single
2852 # finding, namely email address.
2853 { # Type of information detected by the API.
2854 "name": "A String", # Name of the information type. Either a name of your choosing when
2855 # creating a CustomInfoType, or one of the names listed
2856 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2857 # a built-in type. InfoType names should conform to the pattern
2858 # [a-zA-Z0-9_]{1,64}.
2859 },
2860 ],
2861 },
2862 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
2863 # be used to match sensitive information specific to the data, such as a list
2864 # of employee IDs or job titles.
2865 #
2866 # Dictionary words are case-insensitive and all characters other than letters
2867 # and digits in the unicode [Basic Multilingual
2868 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
2869 # will be replaced with whitespace when scanning for matches, so the
2870 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
2871 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
2872 # surrounding any match must be of a different type than the adjacent
2873 # characters within the word, so letters must be next to non-letters and
2874 # digits next to non-digits. For example, the dictionary word "jen" will
2875 # match the first three letters of the text "jen123" but will return no
2876 # matches for "jennifer".
2877 #
2878 # Dictionary words containing a large number of characters that are not
2879 # letters or digits may result in unexpected findings because such characters
2880 # are treated as whitespace. The
2881 # [limits](https://cloud.google.com/dlp/limits) page contains details about
2882 # the size limits of dictionaries. For dictionaries that do not fit within
2883 # these constraints, consider using `LargeCustomDictionaryConfig` in the
2884 # `StoredInfoType` API.
2885 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
2886 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
2887 # at least one phrase and every phrase must contain at least 2 characters
2888 # that are letters or digits. [required]
2889 "A String",
2890 ],
2891 },
2892 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
2893 # is accepted.
2894 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
2895 # Example: gs://[BUCKET_NAME]/dictionary.txt
2896 },
2897 },
2898 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
2899 },
2900 },
2901 ],
2902 "infoTypes": [ # List of infoTypes this rule set is applied to.
2903 { # Type of information detected by the API.
2904 "name": "A String", # Name of the information type. Either a name of your choosing when
2905 # creating a CustomInfoType, or one of the names listed
2906 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2907 # a built-in type. InfoType names should conform to the pattern
2908 # [a-zA-Z0-9_]{1,64}.
2909 },
2910 ],
2911 },
2912 ],
2913 "contentOptions": [ # List of options defining data content to scan.
2914 # If empty, text, images, and other content will be included.
2915 "A String",
2916 ],
2917 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
2918 # InfoType values returned by ListInfoTypes or listed at
2919 # https://cloud.google.com/dlp/docs/infotypes-reference.
2920 #
2921 # When no InfoTypes or CustomInfoTypes are specified in a request, the
2922 # system may automatically choose what detectors to run. By default this may
2923 # be all types, but may change over time as detectors are updated.
2924 #
2925 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
2926 # but may change over time as new InfoTypes are added. If you need precise
2927 # control and predictability as to what detectors are run you should specify
2928 # specific InfoTypes listed in the reference.
2929 { # Type of information detected by the API.
2930 "name": "A String", # Name of the information type. Either a name of your choosing when
2931 # creating a CustomInfoType, or one of the names listed
2932 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
2933 # a built-in type. InfoType names should conform to the pattern
2934 # [a-zA-Z0-9_]{1,64}.
2935 },
2936 ],
2937 },
2938 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
2939 # `inspect_config` will be merged into the values persisted as part of the
2940 # template.
2941 "actions": [ # Actions to execute at the completion of the job.
2942 { # A task to execute on the completion of a job.
2943 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
2944 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
2945 # OutputStorageConfig. Only a single instance of this action can be
2946 # specified.
2947 # Compatible with: Inspect, Risk
2948 "outputConfig": { # Cloud repository for storing output.
2949 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
2950 # dataset. If table_id is not set a new one will be generated
2951 # for you with the following format:
2952 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
2953 # generating the date details.
2954 #
2955 # For Inspect, each column in an existing output table must have the same
2956 # name, type, and mode of a field in the `Finding` object.
2957 #
2958 # For Risk, an existing output table should be the output of a previous
2959 # Risk analysis job run on the same source table, with the same privacy
2960 # metric and quasi-identifiers. Risk jobs that analyze the same table but
2961 # compute a different privacy metric, or use different sets of
2962 # quasi-identifiers, cannot store their results in the same table.
2963 # identified by its project_id, dataset_id, and table_name. Within a query
2964 # a table is often referenced with a string in the format of:
2965 # `<project_id>:<dataset_id>.<table_id>` or
2966 # `<project_id>.<dataset_id>.<table_id>`.
2967 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
2968 # If omitted, project ID is inferred from the API call.
2969 "tableId": "A String", # Name of the table.
2970 "datasetId": "A String", # Dataset ID of the table.
2971 },
2972 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
2973 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
2974 # from the `Finding` object. If appending to an existing table, any columns
2975 # from the predefined schema that are missing will be added. No columns in
2976 # the existing table will be deleted.
2977 #
2978 # If unspecified, then all available columns will be used for a new table or
2979 # an (existing) table with no schema, and no changes will be made to an
2980 # existing table that has a schema.
2981 },
2982 },
2983 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
2984 # completion/failure.
2985 # completion/failure.
2986 },
2987 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
2988 # Command Center (CSCC Alpha).
2989 # This action is only available for projects which are parts of
2990 # an organization and whitelisted for the alpha Cloud Security Command
2991 # Center.
2992 # The action will publish count of finding instances and their info types.
2993 # The summary of findings will be persisted in CSCC and are governed by CSCC
2994 # service-specific policy, see https://cloud.google.com/terms/service-terms
2995 # Only a single instance of this action can be specified.
2996 # Compatible with: Inspect
2997 },
2998 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
2999 # message contains a single field, `DlpJobName`, which is equal to the
3000 # finished job's
3001 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
3002 # Compatible with: Inspect, Risk
3003 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
3004 # publishing access rights to the DLP API service account executing
3005 # the long running DlpJob sending the notifications.
3006 # Format is projects/{project}/topics/{topic}.
3007 },
3008 },
3009 ],
3010 },
3011 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
3012 # needs to trigger for a job to be started. The list may contain only
3013 # a single Schedule trigger and must have at least one object.
3014 { # What event needs to occur for a new job to be started.
3015 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
3016 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
3017 # example: every day (86400 seconds).
3018 #
3019 # A scheduled start time will be skipped if the previous
3020 # execution has not ended when its scheduled time occurs.
3021 #
3022 # This value must be set to a time duration greater than or equal
3023 # to 1 day and can be no longer than 60 days.
3024 },
3025 },
3026 ],
3027 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
3028 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
3029 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
3030 # triggeredJob is created, for example
3031 # `projects/dlp-test-project/triggeredJobs/53234423`.
3032 }</pre>
3033</div>
3034
3035<div class="method">
3036 <code class="details" id="delete">delete(name, x__xgafv=None)</code>
3037 <pre>Deletes a job trigger.
3038See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
3039
3040Args:
3041 name: string, Resource name of the project and the triggeredJob, for example
3042`projects/dlp-test-project/jobTriggers/53234423`. (required)
3043 x__xgafv: string, V1 error format.
3044 Allowed values
3045 1 - v1 error format
3046 2 - v2 error format
3047
3048Returns:
3049 An object of the form:
3050
3051 { # A generic empty message that you can re-use to avoid defining duplicated
3052 # empty messages in your APIs. A typical example is to use it as the request
3053 # or the response type of an API method. For instance:
3054 #
3055 # service Foo {
3056 # rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
3057 # }
3058 #
3059 # The JSON representation for `Empty` is empty JSON object `{}`.
3060 }</pre>
3061</div>
3062
3063<div class="method">
3064 <code class="details" id="get">get(name, x__xgafv=None)</code>
3065 <pre>Gets a job trigger.
3066See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
3067
3068Args:
3069 name: string, Resource name of the project and the triggeredJob, for example
3070`projects/dlp-test-project/jobTriggers/53234423`. (required)
3071 x__xgafv: string, V1 error format.
3072 Allowed values
3073 1 - v1 error format
3074 2 - v2 error format
3075
3076Returns:
3077 An object of the form:
3078
3079 { # Contains a configuration to make dlp api calls on a repeating basis.
3080 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
3081 "status": "A String", # A status for this trigger. [required]
3082 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
3083 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
3084 # errors may result in the JobTrigger automatically being paused.
3085 # Will return the last 100 errors. Whenever the JobTrigger is modified
3086 # this list will be cleared. Output only field.
3087 { # Details information about an error encountered during job execution or
3088 # the results of an unsuccessful activation of the JobTrigger.
3089 # Output only field.
3090 "timestamps": [ # The times the error occurred.
3091 "A String",
3092 ],
3093 "details": { # The `Status` type defines a logical error model that is suitable for
3094 # different programming environments, including REST APIs and RPC APIs. It is
3095 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
3096 # three pieces of data: error code, error message, and error details.
3097 #
3098 # You can find out more about this error model and how to work with it in the
3099 # [API Design Guide](https://cloud.google.com/apis/design/errors).
3100 "message": "A String", # A developer-facing error message, which should be in English. Any
3101 # user-facing error message should be localized and sent in the
3102 # google.rpc.Status.details field, or localized by the client.
3103 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
3104 "details": [ # A list of messages that carry the error details. There is a common set of
3105 # message types for APIs to use.
3106 {
3107 "a_key": "", # Properties of the object. Contains field @type with type URL.
3108 },
3109 ],
3110 },
3111 },
3112 ],
3113 "displayName": "A String", # Display name (max 100 chars)
3114 "description": "A String", # User provided description (max 256 chars)
3115 "inspectJob": {
3116 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
3117 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
3118 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
3119 # by project and namespace, however the namespace ID may be empty.
3120 # A partition ID identifies a grouping of entities. The grouping is always
3121 # by project and namespace, however the namespace ID may be empty.
3122 #
3123 # A partition ID contains several dimensions:
3124 # project ID and namespace ID.
3125 "projectId": "A String", # The ID of the project to which the entities belong.
3126 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
3127 },
3128 "kind": { # A representation of a Datastore kind. # The kind to process.
3129 "name": "A String", # The name of the kind.
3130 },
3131 },
3132 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
3133 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
3134 # inspection of entire columns which you know have no findings.
3135 { # General identifier of a data field in a storage service.
3136 "name": "A String", # Name describing the field.
3137 },
3138 ],
3139 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
3140 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
3141 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
3142 # Cannot be used in conjunction with TimespanConfig.
3143 "sampleMethod": "A String",
3144 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
3145 # Nested fields in the format, like `person.birthdate.year`, are allowed.
3146 { # General identifier of a data field in a storage service.
3147 "name": "A String", # Name describing the field.
3148 },
3149 ],
3150 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
3151 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
3152 # 100 means no limit. Defaults to 0. Only one of rows_limit and
3153 # rows_limit_percent can be specified. Cannot be used in conjunction with
3154 # TimespanConfig.
3155 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
3156 # identified by its project_id, dataset_id, and table_name. Within a query
3157 # a table is often referenced with a string in the format of:
3158 # `<project_id>:<dataset_id>.<table_id>` or
3159 # `<project_id>.<dataset_id>.<table_id>`.
3160 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
3161 # If omitted, project ID is inferred from the API call.
3162 "tableId": "A String", # Name of the table.
3163 "datasetId": "A String", # Dataset ID of the table.
3164 },
3165 },
3166 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
3167 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
3168 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
3169 # Used for data sources like Datastore or BigQuery.
3170 # If not specified for BigQuery, table last modification timestamp
3171 # is checked against given time span.
3172 # The valid data types of the timestamp field are:
3173 # for BigQuery - timestamp, date, datetime;
3174 # for Datastore - timestamp.
3175 # Datastore entity will be scanned if the timestamp property does not exist
3176 # or its value is empty or invalid.
3177 "name": "A String", # Name describing the field.
3178 },
3179 "endTime": "A String", # Exclude files or rows newer than this value.
3180 # If set to zero, no upper time limit is applied.
3181 "startTime": "A String", # Exclude files or rows older than this value.
3182 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
3183 # a valid start_time to avoid scanning files that have not been modified
3184 # since the last time the JobTrigger executed. This will be based on the
3185 # time of the execution of the last run of the JobTrigger.
3186 },
3187 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
3188 # bucket.
3189 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
3190 # than this value then the rest of the bytes are omitted. Only one
3191 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
3192 "sampleMethod": "A String",
3193 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
3194 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
3195 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
3196 #
3197 # If the url ends in a trailing slash, the bucket or directory represented
3198 # by the url will be scanned non-recursively (content in sub-directories
3199 # will not be scanned). This means that `gs://mybucket/` is equivalent to
3200 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
3201 # `gs://mybucket/directory/*`.
3202 #
3203 # Exactly one of `url` or `regex_file_set` must be set.
3204 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
3205 # `regex_file_set` must be set.
3206 # expressions are used to allow fine-grained control over which files in the
3207 # bucket to include.
3208 #
3209 # Included files are those that match at least one item in `include_regex` and
3210 # do not match any items in `exclude_regex`. Note that a file that matches
3211 # items from both lists will _not_ be included. For a match to occur, the
3212 # entire file path (i.e., everything in the url after the bucket name) must
3213 # match the regular expression.
3214 #
3215 # For example, given the input `{bucket_name: "mybucket", include_regex:
3216 # ["directory1/.*"], exclude_regex:
3217 # ["directory1/excluded.*"]}`:
3218 #
3219 # * `gs://mybucket/directory1/myfile` will be included
3220 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
3221 # across `/`)
3222 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
3223 # full path doesn't match any items in `include_regex`)
3224 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
3225 # matches an item in `exclude_regex`)
3226 #
3227 # If `include_regex` is left empty, it will match all files by default
3228 # (this is equivalent to setting `include_regex: [".*"]`).
3229 #
3230 # Some other common use cases:
3231 #
3232 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
3233 # files in `mybucket` except for .pdf files
3234 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
3235 # include all files directly under `gs://mybucket/directory/`, without matching
3236 # across `/`
3237 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
3238 # the bucket that match at least one of these regular expressions will be
3239 # excluded from the scan.
3240 #
3241 # Regular expressions use RE2
3242 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
3243 # under the google/re2 repository on GitHub.
3244 "A String",
3245 ],
3246 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
3247 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
3248 # the bucket that match at least one of these regular expressions will be
3249 # included in the set of files, except for those that also match an item in
3250 # `exclude_regex`. Leaving this field empty will match all files by default
3251 # (this is equivalent to including `.*` in the list).
3252 #
3253 # Regular expressions use RE2
3254 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
3255 # under the google/re2 repository on GitHub.
3256 "A String",
3257 ],
3258 },
3259 },
3260 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
3261 # number of bytes scanned is rounded down. Must be between 0 and 100,
3262 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
3263 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
3264 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
3265 # Number of files scanned is rounded down. Must be between 0 and 100,
3266 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
3267 "fileTypes": [ # List of file type groups to include in the scan.
3268 # If empty, all files are scanned and available data format processors
3269 # are applied. In addition, the binary content of the selected files
3270 # is always scanned as well.
3271 "A String",
3272 ],
3273 },
3274 },
3275 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
3276 # When used with redactContent only info_types and min_likelihood are currently
3277 # used.
3278 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
3279 "limits": {
3280 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
3281 # When set within `InspectContentRequest`, the maximum returned is 2000
3282 # regardless if this is set higher.
3283 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
3284 { # Max findings configuration per infoType, per content item or long
3285 # running DlpJob.
3286 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
3287 # info_type should be provided. If InfoTypeLimit does not have an
3288 # info_type, the DLP API applies the limit against all info_types that
3289 # are found but not specified in another InfoTypeLimit.
3290 "name": "A String", # Name of the information type. Either a name of your choosing when
3291 # creating a CustomInfoType, or one of the names listed
3292 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3293 # a built-in type. InfoType names should conform to the pattern
3294 # [a-zA-Z0-9_]{1,64}.
3295 },
3296 "maxFindings": 42, # Max findings limit for the given infoType.
3297 },
3298 ],
3299 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
3300 # When set within `InspectDataSourceRequest`,
3301 # the maximum returned is 2000 regardless if this is set higher.
3302 # When set within `InspectContentRequest`, this field is ignored.
3303 },
3304 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
3305 # POSSIBLE.
3306 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
3307 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
3308 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
3309 { # Custom information type provided by the user. Used to find domain-specific
3310 # sensitive information configurable to the data in question.
3311 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
3312 "pattern": "A String", # Pattern defining the regular expression. Its syntax
3313 # (https://github.com/google/re2/wiki/Syntax) can be found under the
3314 # google/re2 repository on GitHub.
3315 "groupIndexes": [ # The index of the submatch to extract as findings. When not
3316 # specified, the entire match is returned. No more than 3 may be included.
3317 42,
3318 ],
3319 },
3320 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
3321 # support reversing.
3322 # such as
3323 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
3324 # These types of transformations are
3325 # those that perform pseudonymization, thereby producing a "surrogate" as
3326 # output. This should be used in conjunction with a field on the
3327 # transformation such as `surrogate_info_type`. This CustomInfoType does
3328 # not support the use of `detection_rules`.
3329 },
3330 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
3331 # infoType, when the name matches one of existing infoTypes and that infoType
3332 # is specified in `InspectContent.info_types` field. Specifying the latter
3333 # adds findings to the one detected by the system. If built-in info type is
3334 # not specified in `InspectContent.info_types` list then the name is treated
3335 # as a custom info type.
3336 "name": "A String", # Name of the information type. Either a name of your choosing when
3337 # creating a CustomInfoType, or one of the names listed
3338 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3339 # a built-in type. InfoType names should conform to the pattern
3340 # [a-zA-Z0-9_]{1,64}.
3341 },
3342 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
3343 # be used to match sensitive information specific to the data, such as a list
3344 # of employee IDs or job titles.
3345 #
3346 # Dictionary words are case-insensitive and all characters other than letters
3347 # and digits in the unicode [Basic Multilingual
3348 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
3349 # will be replaced with whitespace when scanning for matches, so the
3350 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
3351 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
3352 # surrounding any match must be of a different type than the adjacent
3353 # characters within the word, so letters must be next to non-letters and
3354 # digits next to non-digits. For example, the dictionary word "jen" will
3355 # match the first three letters of the text "jen123" but will return no
3356 # matches for "jennifer".
3357 #
3358 # Dictionary words containing a large number of characters that are not
3359 # letters or digits may result in unexpected findings because such characters
3360 # are treated as whitespace. The
3361 # [limits](https://cloud.google.com/dlp/limits) page contains details about
3362 # the size limits of dictionaries. For dictionaries that do not fit within
3363 # these constraints, consider using `LargeCustomDictionaryConfig` in the
3364 # `StoredInfoType` API.
3365 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
3366 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
3367 # at least one phrase and every phrase must contain at least 2 characters
3368 # that are letters or digits. [required]
3369 "A String",
3370 ],
3371 },
3372 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
3373 # is accepted.
3374 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
3375 # Example: gs://[BUCKET_NAME]/dictionary.txt
3376 },
3377 },
3378 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
3379 # `InspectDataSource`. Not currently supported in `InspectContent`.
3380 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
3381 # `organizations/433245324/storedInfoTypes/432452342` or
3382 # `projects/project-id/storedInfoTypes/432452342`.
3383 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
3384 # inspection was created. Output-only field, populated by the system.
3385 },
3386 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
3387 # Rules are applied in order that they are specified. Not supported for the
3388 # `surrogate_type` CustomInfoType.
3389 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
3390 # `CustomInfoType` to alter behavior under certain circumstances, depending
3391 # on the specific details of the rule. Not supported for the `surrogate_type`
3392 # custom infoType.
3393 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
3394 # proximity of hotwords.
3395 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
3396 # The total length of the window cannot exceed 1000 characters. Note that
3397 # the finding itself will be included in the window, so that hotwords may
3398 # be used to match substrings of the finding itself. For example, the
3399 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
3400 # adjusted upwards if the area code is known to be the local area code of
3401 # a company office using the hotword regex "\(xxx\)", where "xxx"
3402 # is the area code in question.
3403 # rule.
3404 "windowAfter": 42, # Number of characters after the finding to consider.
3405 "windowBefore": 42, # Number of characters before the finding to consider.
3406 },
3407 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
3408 "pattern": "A String", # Pattern defining the regular expression. Its syntax
3409 # (https://github.com/google/re2/wiki/Syntax) can be found under the
3410 # google/re2 repository on GitHub.
3411 "groupIndexes": [ # The index of the submatch to extract as findings. When not
3412 # specified, the entire match is returned. No more than 3 may be included.
3413 42,
3414 ],
3415 },
3416 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
3417 # part of a detection rule.
3418 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
3419 # levels. For example, if a finding would be `POSSIBLE` without the
3420 # detection rule and `relative_likelihood` is 1, then it is upgraded to
3421 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
3422 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
3423 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
3424 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
3425 # a final likelihood of `LIKELY`.
3426 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
3427 },
3428 },
3429 },
3430 ],
3431 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
3432 # to be returned. It still can be used for rules matching.
3433 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
3434 # altered by a detection rule if the finding meets the criteria specified by
3435 # the rule. Defaults to `VERY_LIKELY` if not specified.
3436 },
3437 ],
3438 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
3439 # included in the response; see Finding.quote.
3440 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
3441 # Exclusion rules, contained in the set are executed in the end, other
3442 # rules are executed in the order they are specified for each info type.
3443 { # Rule set for modifying a set of infoTypes to alter behavior under certain
3444 # circumstances, depending on the specific details of the rules within the set.
3445 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
3446 { # A single inspection rule to be applied to infoTypes, specified in
3447 # `InspectionRuleSet`.
3448 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
3449 # proximity of hotwords.
3450 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
3451 # The total length of the window cannot exceed 1000 characters. Note that
3452 # the finding itself will be included in the window, so that hotwords may
3453 # be used to match substrings of the finding itself. For example, the
3454 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
3455 # adjusted upwards if the area code is known to be the local area code of
3456 # a company office using the hotword regex "\(xxx\)", where "xxx"
3457 # is the area code in question.
3458 # rule.
3459 "windowAfter": 42, # Number of characters after the finding to consider.
3460 "windowBefore": 42, # Number of characters before the finding to consider.
3461 },
3462 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
3463 "pattern": "A String", # Pattern defining the regular expression. Its syntax
3464 # (https://github.com/google/re2/wiki/Syntax) can be found under the
3465 # google/re2 repository on GitHub.
3466 "groupIndexes": [ # The index of the submatch to extract as findings. When not
3467 # specified, the entire match is returned. No more than 3 may be included.
3468 42,
3469 ],
3470 },
3471 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
3472 # part of a detection rule.
3473 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
3474 # levels. For example, if a finding would be `POSSIBLE` without the
3475 # detection rule and `relative_likelihood` is 1, then it is upgraded to
3476 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
3477 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
3478 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
3479 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
3480 # a final likelihood of `LIKELY`.
3481 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
3482 },
3483 },
3484 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
3485 # `InspectionRuleSet` are removed from results.
3486 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
3487 "pattern": "A String", # Pattern defining the regular expression. Its syntax
3488 # (https://github.com/google/re2/wiki/Syntax) can be found under the
3489 # google/re2 repository on GitHub.
3490 "groupIndexes": [ # The index of the submatch to extract as findings. When not
3491 # specified, the entire match is returned. No more than 3 may be included.
3492 42,
3493 ],
3494 },
3495 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
3496 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
3497 # contained within with a finding of an infoType from this list. For
3498 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
3499 # `exclusion_rule` containing `exclude_info_types.info_types` with
3500 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
3501 # with EMAIL_ADDRESS finding.
3502 # That leads to "555-222-2222@example.org" to generate only a single
3503 # finding, namely email address.
3504 { # Type of information detected by the API.
3505 "name": "A String", # Name of the information type. Either a name of your choosing when
3506 # creating a CustomInfoType, or one of the names listed
3507 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3508 # a built-in type. InfoType names should conform to the pattern
3509 # [a-zA-Z0-9_]{1,64}.
3510 },
3511 ],
3512 },
3513 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
3514 # be used to match sensitive information specific to the data, such as a list
3515 # of employee IDs or job titles.
3516 #
3517 # Dictionary words are case-insensitive and all characters other than letters
3518 # and digits in the unicode [Basic Multilingual
3519 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
3520 # will be replaced with whitespace when scanning for matches, so the
3521 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
3522 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
3523 # surrounding any match must be of a different type than the adjacent
3524 # characters within the word, so letters must be next to non-letters and
3525 # digits next to non-digits. For example, the dictionary word "jen" will
3526 # match the first three letters of the text "jen123" but will return no
3527 # matches for "jennifer".
3528 #
3529 # Dictionary words containing a large number of characters that are not
3530 # letters or digits may result in unexpected findings because such characters
3531 # are treated as whitespace. The
3532 # [limits](https://cloud.google.com/dlp/limits) page contains details about
3533 # the size limits of dictionaries. For dictionaries that do not fit within
3534 # these constraints, consider using `LargeCustomDictionaryConfig` in the
3535 # `StoredInfoType` API.
3536 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
3537 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
3538 # at least one phrase and every phrase must contain at least 2 characters
3539 # that are letters or digits. [required]
3540 "A String",
3541 ],
3542 },
3543 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
3544 # is accepted.
3545 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
3546 # Example: gs://[BUCKET_NAME]/dictionary.txt
3547 },
3548 },
3549 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
3550 },
3551 },
3552 ],
3553 "infoTypes": [ # List of infoTypes this rule set is applied to.
3554 { # Type of information detected by the API.
3555 "name": "A String", # Name of the information type. Either a name of your choosing when
3556 # creating a CustomInfoType, or one of the names listed
3557 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3558 # a built-in type. InfoType names should conform to the pattern
3559 # [a-zA-Z0-9_]{1,64}.
3560 },
3561 ],
3562 },
3563 ],
3564 "contentOptions": [ # List of options defining data content to scan.
3565 # If empty, text, images, and other content will be included.
3566 "A String",
3567 ],
3568 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
3569 # InfoType values returned by ListInfoTypes or listed at
3570 # https://cloud.google.com/dlp/docs/infotypes-reference.
3571 #
3572 # When no InfoTypes or CustomInfoTypes are specified in a request, the
3573 # system may automatically choose what detectors to run. By default this may
3574 # be all types, but may change over time as detectors are updated.
3575 #
3576 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
3577 # but may change over time as new InfoTypes are added. If you need precise
3578 # control and predictability as to what detectors are run you should specify
3579 # specific InfoTypes listed in the reference.
3580 { # Type of information detected by the API.
3581 "name": "A String", # Name of the information type. Either a name of your choosing when
3582 # creating a CustomInfoType, or one of the names listed
3583 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3584 # a built-in type. InfoType names should conform to the pattern
3585 # [a-zA-Z0-9_]{1,64}.
3586 },
3587 ],
3588 },
3589 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
3590 # `inspect_config` will be merged into the values persisted as part of the
3591 # template.
3592 "actions": [ # Actions to execute at the completion of the job.
3593 { # A task to execute on the completion of a job.
3594 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
3595 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
3596 # OutputStorageConfig. Only a single instance of this action can be
3597 # specified.
3598 # Compatible with: Inspect, Risk
3599 "outputConfig": { # Cloud repository for storing output.
3600 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
3601 # dataset. If table_id is not set a new one will be generated
3602 # for you with the following format:
3603 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
3604 # generating the date details.
3605 #
3606 # For Inspect, each column in an existing output table must have the same
3607 # name, type, and mode of a field in the `Finding` object.
3608 #
3609 # For Risk, an existing output table should be the output of a previous
3610 # Risk analysis job run on the same source table, with the same privacy
3611 # metric and quasi-identifiers. Risk jobs that analyze the same table but
3612 # compute a different privacy metric, or use different sets of
3613 # quasi-identifiers, cannot store their results in the same table.
3614 # identified by its project_id, dataset_id, and table_name. Within a query
3615 # a table is often referenced with a string in the format of:
3616 # `<project_id>:<dataset_id>.<table_id>` or
3617 # `<project_id>.<dataset_id>.<table_id>`.
3618 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
3619 # If omitted, project ID is inferred from the API call.
3620 "tableId": "A String", # Name of the table.
3621 "datasetId": "A String", # Dataset ID of the table.
3622 },
3623 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
3624 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
3625 # from the `Finding` object. If appending to an existing table, any columns
3626 # from the predefined schema that are missing will be added. No columns in
3627 # the existing table will be deleted.
3628 #
3629 # If unspecified, then all available columns will be used for a new table or
3630 # an (existing) table with no schema, and no changes will be made to an
3631 # existing table that has a schema.
3632 },
3633 },
3634 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
3635 # completion/failure.
3636 # completion/failure.
3637 },
3638 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
3639 # Command Center (CSCC Alpha).
3640 # This action is only available for projects which are parts of
3641 # an organization and whitelisted for the alpha Cloud Security Command
3642 # Center.
3643 # The action will publish count of finding instances and their info types.
3644 # The summary of findings will be persisted in CSCC and are governed by CSCC
3645 # service-specific policy, see https://cloud.google.com/terms/service-terms
3646 # Only a single instance of this action can be specified.
3647 # Compatible with: Inspect
3648 },
3649 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
3650 # message contains a single field, `DlpJobName`, which is equal to the
3651 # finished job's
3652 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
3653 # Compatible with: Inspect, Risk
3654 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
3655 # publishing access rights to the DLP API service account executing
3656 # the long running DlpJob sending the notifications.
3657 # Format is projects/{project}/topics/{topic}.
3658 },
3659 },
3660 ],
3661 },
3662 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
3663 # needs to trigger for a job to be started. The list may contain only
3664 # a single Schedule trigger and must have at least one object.
3665 { # What event needs to occur for a new job to be started.
3666 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
3667 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
3668 # example: every day (86400 seconds).
3669 #
3670 # A scheduled start time will be skipped if the previous
3671 # execution has not ended when its scheduled time occurs.
3672 #
3673 # This value must be set to a time duration greater than or equal
3674 # to 1 day and can be no longer than 60 days.
3675 },
3676 },
3677 ],
3678 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
3679 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
3680 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
3681 # triggeredJob is created, for example
3682 # `projects/dlp-test-project/triggeredJobs/53234423`.
3683 }</pre>
3684</div>
3685
3686<div class="method">
3687 <code class="details" id="list">list(parent, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</code>
3688 <pre>Lists job triggers.
3689See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
3690
3691Args:
3692 parent: string, The parent resource name, for example `projects/my-project-id`. (required)
3693 orderBy: string, Optional comma separated list of triggeredJob fields to order by,
3694followed by `asc` or `desc` postfix. This list is case-insensitive,
3695default sorting order is ascending, redundant space characters are
3696insignificant.
3697
3698Example: `name asc,update_time, create_time desc`
3699
3700Supported fields are:
3701
3702- `create_time`: corresponds to time the JobTrigger was created.
3703- `update_time`: corresponds to time the JobTrigger was last updated.
3704- `last_run_time`: corresponds to the last time the JobTrigger ran.
3705- `name`: corresponds to JobTrigger's name.
3706- `display_name`: corresponds to JobTrigger's display name.
3707- `status`: corresponds to JobTrigger's status.
3708 pageSize: integer, Optional size of the page, can be limited by a server.
3709 pageToken: string, Optional page token to continue retrieval. Comes from previous call
3710to ListJobTriggers. `order_by` field must not
3711change for subsequent calls.
3712 x__xgafv: string, V1 error format.
3713 Allowed values
3714 1 - v1 error format
3715 2 - v2 error format
3716 filter: string, Optional. Allows filtering.
3717
3718Supported syntax:
3719
3720* Filter expressions are made up of one or more restrictions.
3721* Restrictions can be combined by `AND` or `OR` logical operators. A
3722sequence of restrictions implicitly uses `AND`.
3723* A restriction has the form of `<field> <operator> <value>`.
3724* Supported fields/values for inspect jobs:
3725 - `status` - HEALTHY|PAUSED|CANCELLED
3726 - `inspected_storage` - DATASTORE|CLOUD_STORAGE|BIGQUERY
3727 - 'last_run_time` - RFC 3339 formatted timestamp, surrounded by
3728 quotation marks. Nanoseconds are ignored.
3729 - 'error_count' - Number of errors that have occurred while running.
3730* The operator must be `=` or `!=` for status and inspected_storage.
3731
3732Examples:
3733
3734* inspected_storage = cloud_storage AND status = HEALTHY
3735* inspected_storage = cloud_storage OR inspected_storage = bigquery
3736* inspected_storage = cloud_storage AND (state = PAUSED OR state = HEALTHY)
3737* last_run_time > \"2017-12-12T00:00:00+00:00\"
3738
3739The length of this field should be no more than 500 characters.
3740
3741Returns:
3742 An object of the form:
3743
3744 { # Response message for ListJobTriggers.
3745 "nextPageToken": "A String", # If the next page is available then the next page token to be used
3746 # in following ListJobTriggers request.
3747 "jobTriggers": [ # List of triggeredJobs, up to page_size in ListJobTriggersRequest.
3748 { # Contains a configuration to make dlp api calls on a repeating basis.
3749 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
3750 "status": "A String", # A status for this trigger. [required]
3751 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
3752 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
3753 # errors may result in the JobTrigger automatically being paused.
3754 # Will return the last 100 errors. Whenever the JobTrigger is modified
3755 # this list will be cleared. Output only field.
3756 { # Details information about an error encountered during job execution or
3757 # the results of an unsuccessful activation of the JobTrigger.
3758 # Output only field.
3759 "timestamps": [ # The times the error occurred.
3760 "A String",
3761 ],
3762 "details": { # The `Status` type defines a logical error model that is suitable for
3763 # different programming environments, including REST APIs and RPC APIs. It is
3764 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
3765 # three pieces of data: error code, error message, and error details.
3766 #
3767 # You can find out more about this error model and how to work with it in the
3768 # [API Design Guide](https://cloud.google.com/apis/design/errors).
3769 "message": "A String", # A developer-facing error message, which should be in English. Any
3770 # user-facing error message should be localized and sent in the
3771 # google.rpc.Status.details field, or localized by the client.
3772 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
3773 "details": [ # A list of messages that carry the error details. There is a common set of
3774 # message types for APIs to use.
3775 {
3776 "a_key": "", # Properties of the object. Contains field @type with type URL.
3777 },
3778 ],
3779 },
3780 },
3781 ],
3782 "displayName": "A String", # Display name (max 100 chars)
3783 "description": "A String", # User provided description (max 256 chars)
3784 "inspectJob": {
3785 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
3786 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
3787 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
3788 # by project and namespace, however the namespace ID may be empty.
3789 # A partition ID identifies a grouping of entities. The grouping is always
3790 # by project and namespace, however the namespace ID may be empty.
3791 #
3792 # A partition ID contains several dimensions:
3793 # project ID and namespace ID.
3794 "projectId": "A String", # The ID of the project to which the entities belong.
3795 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
3796 },
3797 "kind": { # A representation of a Datastore kind. # The kind to process.
3798 "name": "A String", # The name of the kind.
3799 },
3800 },
3801 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
3802 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
3803 # inspection of entire columns which you know have no findings.
3804 { # General identifier of a data field in a storage service.
3805 "name": "A String", # Name describing the field.
3806 },
3807 ],
3808 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
3809 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
3810 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
3811 # Cannot be used in conjunction with TimespanConfig.
3812 "sampleMethod": "A String",
3813 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
3814 # Nested fields in the format, like `person.birthdate.year`, are allowed.
3815 { # General identifier of a data field in a storage service.
3816 "name": "A String", # Name describing the field.
3817 },
3818 ],
3819 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
3820 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
3821 # 100 means no limit. Defaults to 0. Only one of rows_limit and
3822 # rows_limit_percent can be specified. Cannot be used in conjunction with
3823 # TimespanConfig.
3824 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
3825 # identified by its project_id, dataset_id, and table_name. Within a query
3826 # a table is often referenced with a string in the format of:
3827 # `<project_id>:<dataset_id>.<table_id>` or
3828 # `<project_id>.<dataset_id>.<table_id>`.
3829 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
3830 # If omitted, project ID is inferred from the API call.
3831 "tableId": "A String", # Name of the table.
3832 "datasetId": "A String", # Dataset ID of the table.
3833 },
3834 },
3835 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
3836 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
3837 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
3838 # Used for data sources like Datastore or BigQuery.
3839 # If not specified for BigQuery, table last modification timestamp
3840 # is checked against given time span.
3841 # The valid data types of the timestamp field are:
3842 # for BigQuery - timestamp, date, datetime;
3843 # for Datastore - timestamp.
3844 # Datastore entity will be scanned if the timestamp property does not exist
3845 # or its value is empty or invalid.
3846 "name": "A String", # Name describing the field.
3847 },
3848 "endTime": "A String", # Exclude files or rows newer than this value.
3849 # If set to zero, no upper time limit is applied.
3850 "startTime": "A String", # Exclude files or rows older than this value.
3851 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
3852 # a valid start_time to avoid scanning files that have not been modified
3853 # since the last time the JobTrigger executed. This will be based on the
3854 # time of the execution of the last run of the JobTrigger.
3855 },
3856 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
3857 # bucket.
3858 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
3859 # than this value then the rest of the bytes are omitted. Only one
3860 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
3861 "sampleMethod": "A String",
3862 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
3863 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
3864 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
3865 #
3866 # If the url ends in a trailing slash, the bucket or directory represented
3867 # by the url will be scanned non-recursively (content in sub-directories
3868 # will not be scanned). This means that `gs://mybucket/` is equivalent to
3869 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
3870 # `gs://mybucket/directory/*`.
3871 #
3872 # Exactly one of `url` or `regex_file_set` must be set.
3873 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
3874 # `regex_file_set` must be set.
3875 # expressions are used to allow fine-grained control over which files in the
3876 # bucket to include.
3877 #
3878 # Included files are those that match at least one item in `include_regex` and
3879 # do not match any items in `exclude_regex`. Note that a file that matches
3880 # items from both lists will _not_ be included. For a match to occur, the
3881 # entire file path (i.e., everything in the url after the bucket name) must
3882 # match the regular expression.
3883 #
3884 # For example, given the input `{bucket_name: "mybucket", include_regex:
3885 # ["directory1/.*"], exclude_regex:
3886 # ["directory1/excluded.*"]}`:
3887 #
3888 # * `gs://mybucket/directory1/myfile` will be included
3889 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
3890 # across `/`)
3891 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
3892 # full path doesn't match any items in `include_regex`)
3893 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
3894 # matches an item in `exclude_regex`)
3895 #
3896 # If `include_regex` is left empty, it will match all files by default
3897 # (this is equivalent to setting `include_regex: [".*"]`).
3898 #
3899 # Some other common use cases:
3900 #
3901 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
3902 # files in `mybucket` except for .pdf files
3903 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
3904 # include all files directly under `gs://mybucket/directory/`, without matching
3905 # across `/`
3906 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
3907 # the bucket that match at least one of these regular expressions will be
3908 # excluded from the scan.
3909 #
3910 # Regular expressions use RE2
3911 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
3912 # under the google/re2 repository on GitHub.
3913 "A String",
3914 ],
3915 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
3916 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
3917 # the bucket that match at least one of these regular expressions will be
3918 # included in the set of files, except for those that also match an item in
3919 # `exclude_regex`. Leaving this field empty will match all files by default
3920 # (this is equivalent to including `.*` in the list).
3921 #
3922 # Regular expressions use RE2
3923 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
3924 # under the google/re2 repository on GitHub.
3925 "A String",
3926 ],
3927 },
3928 },
3929 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
3930 # number of bytes scanned is rounded down. Must be between 0 and 100,
3931 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
3932 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
3933 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
3934 # Number of files scanned is rounded down. Must be between 0 and 100,
3935 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
3936 "fileTypes": [ # List of file type groups to include in the scan.
3937 # If empty, all files are scanned and available data format processors
3938 # are applied. In addition, the binary content of the selected files
3939 # is always scanned as well.
3940 "A String",
3941 ],
3942 },
3943 },
3944 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
3945 # When used with redactContent only info_types and min_likelihood are currently
3946 # used.
3947 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
3948 "limits": {
3949 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
3950 # When set within `InspectContentRequest`, the maximum returned is 2000
3951 # regardless if this is set higher.
3952 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
3953 { # Max findings configuration per infoType, per content item or long
3954 # running DlpJob.
3955 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
3956 # info_type should be provided. If InfoTypeLimit does not have an
3957 # info_type, the DLP API applies the limit against all info_types that
3958 # are found but not specified in another InfoTypeLimit.
3959 "name": "A String", # Name of the information type. Either a name of your choosing when
3960 # creating a CustomInfoType, or one of the names listed
3961 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
3962 # a built-in type. InfoType names should conform to the pattern
3963 # [a-zA-Z0-9_]{1,64}.
3964 },
3965 "maxFindings": 42, # Max findings limit for the given infoType.
3966 },
3967 ],
3968 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
3969 # When set within `InspectDataSourceRequest`,
3970 # the maximum returned is 2000 regardless if this is set higher.
3971 # When set within `InspectContentRequest`, this field is ignored.
3972 },
3973 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
3974 # POSSIBLE.
3975 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
3976 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
3977 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
3978 { # Custom information type provided by the user. Used to find domain-specific
3979 # sensitive information configurable to the data in question.
3980 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
3981 "pattern": "A String", # Pattern defining the regular expression. Its syntax
3982 # (https://github.com/google/re2/wiki/Syntax) can be found under the
3983 # google/re2 repository on GitHub.
3984 "groupIndexes": [ # The index of the submatch to extract as findings. When not
3985 # specified, the entire match is returned. No more than 3 may be included.
3986 42,
3987 ],
3988 },
3989 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
3990 # support reversing.
3991 # such as
3992 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
3993 # These types of transformations are
3994 # those that perform pseudonymization, thereby producing a "surrogate" as
3995 # output. This should be used in conjunction with a field on the
3996 # transformation such as `surrogate_info_type`. This CustomInfoType does
3997 # not support the use of `detection_rules`.
3998 },
3999 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
4000 # infoType, when the name matches one of existing infoTypes and that infoType
4001 # is specified in `InspectContent.info_types` field. Specifying the latter
4002 # adds findings to the one detected by the system. If built-in info type is
4003 # not specified in `InspectContent.info_types` list then the name is treated
4004 # as a custom info type.
4005 "name": "A String", # Name of the information type. Either a name of your choosing when
4006 # creating a CustomInfoType, or one of the names listed
4007 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4008 # a built-in type. InfoType names should conform to the pattern
4009 # [a-zA-Z0-9_]{1,64}.
4010 },
4011 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
4012 # be used to match sensitive information specific to the data, such as a list
4013 # of employee IDs or job titles.
4014 #
4015 # Dictionary words are case-insensitive and all characters other than letters
4016 # and digits in the unicode [Basic Multilingual
4017 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
4018 # will be replaced with whitespace when scanning for matches, so the
4019 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
4020 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
4021 # surrounding any match must be of a different type than the adjacent
4022 # characters within the word, so letters must be next to non-letters and
4023 # digits next to non-digits. For example, the dictionary word "jen" will
4024 # match the first three letters of the text "jen123" but will return no
4025 # matches for "jennifer".
4026 #
4027 # Dictionary words containing a large number of characters that are not
4028 # letters or digits may result in unexpected findings because such characters
4029 # are treated as whitespace. The
4030 # [limits](https://cloud.google.com/dlp/limits) page contains details about
4031 # the size limits of dictionaries. For dictionaries that do not fit within
4032 # these constraints, consider using `LargeCustomDictionaryConfig` in the
4033 # `StoredInfoType` API.
4034 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
4035 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
4036 # at least one phrase and every phrase must contain at least 2 characters
4037 # that are letters or digits. [required]
4038 "A String",
4039 ],
4040 },
4041 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
4042 # is accepted.
4043 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
4044 # Example: gs://[BUCKET_NAME]/dictionary.txt
4045 },
4046 },
4047 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
4048 # `InspectDataSource`. Not currently supported in `InspectContent`.
4049 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
4050 # `organizations/433245324/storedInfoTypes/432452342` or
4051 # `projects/project-id/storedInfoTypes/432452342`.
4052 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
4053 # inspection was created. Output-only field, populated by the system.
4054 },
4055 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
4056 # Rules are applied in order that they are specified. Not supported for the
4057 # `surrogate_type` CustomInfoType.
4058 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
4059 # `CustomInfoType` to alter behavior under certain circumstances, depending
4060 # on the specific details of the rule. Not supported for the `surrogate_type`
4061 # custom infoType.
4062 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
4063 # proximity of hotwords.
4064 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
4065 # The total length of the window cannot exceed 1000 characters. Note that
4066 # the finding itself will be included in the window, so that hotwords may
4067 # be used to match substrings of the finding itself. For example, the
4068 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
4069 # adjusted upwards if the area code is known to be the local area code of
4070 # a company office using the hotword regex "\(xxx\)", where "xxx"
4071 # is the area code in question.
4072 # rule.
4073 "windowAfter": 42, # Number of characters after the finding to consider.
4074 "windowBefore": 42, # Number of characters before the finding to consider.
4075 },
4076 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
4077 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4078 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4079 # google/re2 repository on GitHub.
4080 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4081 # specified, the entire match is returned. No more than 3 may be included.
4082 42,
4083 ],
4084 },
4085 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
4086 # part of a detection rule.
4087 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
4088 # levels. For example, if a finding would be `POSSIBLE` without the
4089 # detection rule and `relative_likelihood` is 1, then it is upgraded to
4090 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
4091 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
4092 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
4093 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
4094 # a final likelihood of `LIKELY`.
4095 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
4096 },
4097 },
4098 },
4099 ],
4100 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
4101 # to be returned. It still can be used for rules matching.
4102 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
4103 # altered by a detection rule if the finding meets the criteria specified by
4104 # the rule. Defaults to `VERY_LIKELY` if not specified.
4105 },
4106 ],
4107 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
4108 # included in the response; see Finding.quote.
4109 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
4110 # Exclusion rules, contained in the set are executed in the end, other
4111 # rules are executed in the order they are specified for each info type.
4112 { # Rule set for modifying a set of infoTypes to alter behavior under certain
4113 # circumstances, depending on the specific details of the rules within the set.
4114 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
4115 { # A single inspection rule to be applied to infoTypes, specified in
4116 # `InspectionRuleSet`.
4117 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
4118 # proximity of hotwords.
4119 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
4120 # The total length of the window cannot exceed 1000 characters. Note that
4121 # the finding itself will be included in the window, so that hotwords may
4122 # be used to match substrings of the finding itself. For example, the
4123 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
4124 # adjusted upwards if the area code is known to be the local area code of
4125 # a company office using the hotword regex "\(xxx\)", where "xxx"
4126 # is the area code in question.
4127 # rule.
4128 "windowAfter": 42, # Number of characters after the finding to consider.
4129 "windowBefore": 42, # Number of characters before the finding to consider.
4130 },
4131 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
4132 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4133 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4134 # google/re2 repository on GitHub.
4135 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4136 # specified, the entire match is returned. No more than 3 may be included.
4137 42,
4138 ],
4139 },
4140 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
4141 # part of a detection rule.
4142 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
4143 # levels. For example, if a finding would be `POSSIBLE` without the
4144 # detection rule and `relative_likelihood` is 1, then it is upgraded to
4145 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
4146 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
4147 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
4148 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
4149 # a final likelihood of `LIKELY`.
4150 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
4151 },
4152 },
4153 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
4154 # `InspectionRuleSet` are removed from results.
4155 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
4156 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4157 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4158 # google/re2 repository on GitHub.
4159 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4160 # specified, the entire match is returned. No more than 3 may be included.
4161 42,
4162 ],
4163 },
4164 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
4165 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
4166 # contained within with a finding of an infoType from this list. For
4167 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
4168 # `exclusion_rule` containing `exclude_info_types.info_types` with
4169 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
4170 # with EMAIL_ADDRESS finding.
4171 # That leads to "555-222-2222@example.org" to generate only a single
4172 # finding, namely email address.
4173 { # Type of information detected by the API.
4174 "name": "A String", # Name of the information type. Either a name of your choosing when
4175 # creating a CustomInfoType, or one of the names listed
4176 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4177 # a built-in type. InfoType names should conform to the pattern
4178 # [a-zA-Z0-9_]{1,64}.
4179 },
4180 ],
4181 },
4182 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
4183 # be used to match sensitive information specific to the data, such as a list
4184 # of employee IDs or job titles.
4185 #
4186 # Dictionary words are case-insensitive and all characters other than letters
4187 # and digits in the unicode [Basic Multilingual
4188 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
4189 # will be replaced with whitespace when scanning for matches, so the
4190 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
4191 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
4192 # surrounding any match must be of a different type than the adjacent
4193 # characters within the word, so letters must be next to non-letters and
4194 # digits next to non-digits. For example, the dictionary word "jen" will
4195 # match the first three letters of the text "jen123" but will return no
4196 # matches for "jennifer".
4197 #
4198 # Dictionary words containing a large number of characters that are not
4199 # letters or digits may result in unexpected findings because such characters
4200 # are treated as whitespace. The
4201 # [limits](https://cloud.google.com/dlp/limits) page contains details about
4202 # the size limits of dictionaries. For dictionaries that do not fit within
4203 # these constraints, consider using `LargeCustomDictionaryConfig` in the
4204 # `StoredInfoType` API.
4205 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
4206 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
4207 # at least one phrase and every phrase must contain at least 2 characters
4208 # that are letters or digits. [required]
4209 "A String",
4210 ],
4211 },
4212 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
4213 # is accepted.
4214 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
4215 # Example: gs://[BUCKET_NAME]/dictionary.txt
4216 },
4217 },
4218 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
4219 },
4220 },
4221 ],
4222 "infoTypes": [ # List of infoTypes this rule set is applied to.
4223 { # Type of information detected by the API.
4224 "name": "A String", # Name of the information type. Either a name of your choosing when
4225 # creating a CustomInfoType, or one of the names listed
4226 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4227 # a built-in type. InfoType names should conform to the pattern
4228 # [a-zA-Z0-9_]{1,64}.
4229 },
4230 ],
4231 },
4232 ],
4233 "contentOptions": [ # List of options defining data content to scan.
4234 # If empty, text, images, and other content will be included.
4235 "A String",
4236 ],
4237 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
4238 # InfoType values returned by ListInfoTypes or listed at
4239 # https://cloud.google.com/dlp/docs/infotypes-reference.
4240 #
4241 # When no InfoTypes or CustomInfoTypes are specified in a request, the
4242 # system may automatically choose what detectors to run. By default this may
4243 # be all types, but may change over time as detectors are updated.
4244 #
4245 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
4246 # but may change over time as new InfoTypes are added. If you need precise
4247 # control and predictability as to what detectors are run you should specify
4248 # specific InfoTypes listed in the reference.
4249 { # Type of information detected by the API.
4250 "name": "A String", # Name of the information type. Either a name of your choosing when
4251 # creating a CustomInfoType, or one of the names listed
4252 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4253 # a built-in type. InfoType names should conform to the pattern
4254 # [a-zA-Z0-9_]{1,64}.
4255 },
4256 ],
4257 },
4258 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
4259 # `inspect_config` will be merged into the values persisted as part of the
4260 # template.
4261 "actions": [ # Actions to execute at the completion of the job.
4262 { # A task to execute on the completion of a job.
4263 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
4264 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
4265 # OutputStorageConfig. Only a single instance of this action can be
4266 # specified.
4267 # Compatible with: Inspect, Risk
4268 "outputConfig": { # Cloud repository for storing output.
4269 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
4270 # dataset. If table_id is not set a new one will be generated
4271 # for you with the following format:
4272 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
4273 # generating the date details.
4274 #
4275 # For Inspect, each column in an existing output table must have the same
4276 # name, type, and mode of a field in the `Finding` object.
4277 #
4278 # For Risk, an existing output table should be the output of a previous
4279 # Risk analysis job run on the same source table, with the same privacy
4280 # metric and quasi-identifiers. Risk jobs that analyze the same table but
4281 # compute a different privacy metric, or use different sets of
4282 # quasi-identifiers, cannot store their results in the same table.
4283 # identified by its project_id, dataset_id, and table_name. Within a query
4284 # a table is often referenced with a string in the format of:
4285 # `<project_id>:<dataset_id>.<table_id>` or
4286 # `<project_id>.<dataset_id>.<table_id>`.
4287 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
4288 # If omitted, project ID is inferred from the API call.
4289 "tableId": "A String", # Name of the table.
4290 "datasetId": "A String", # Dataset ID of the table.
4291 },
4292 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
4293 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
4294 # from the `Finding` object. If appending to an existing table, any columns
4295 # from the predefined schema that are missing will be added. No columns in
4296 # the existing table will be deleted.
4297 #
4298 # If unspecified, then all available columns will be used for a new table or
4299 # an (existing) table with no schema, and no changes will be made to an
4300 # existing table that has a schema.
4301 },
4302 },
4303 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
4304 # completion/failure.
4305 # completion/failure.
4306 },
4307 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
4308 # Command Center (CSCC Alpha).
4309 # This action is only available for projects which are parts of
4310 # an organization and whitelisted for the alpha Cloud Security Command
4311 # Center.
4312 # The action will publish count of finding instances and their info types.
4313 # The summary of findings will be persisted in CSCC and are governed by CSCC
4314 # service-specific policy, see https://cloud.google.com/terms/service-terms
4315 # Only a single instance of this action can be specified.
4316 # Compatible with: Inspect
4317 },
4318 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
4319 # message contains a single field, `DlpJobName`, which is equal to the
4320 # finished job's
4321 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
4322 # Compatible with: Inspect, Risk
4323 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
4324 # publishing access rights to the DLP API service account executing
4325 # the long running DlpJob sending the notifications.
4326 # Format is projects/{project}/topics/{topic}.
4327 },
4328 },
4329 ],
4330 },
4331 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
4332 # needs to trigger for a job to be started. The list may contain only
4333 # a single Schedule trigger and must have at least one object.
4334 { # What event needs to occur for a new job to be started.
4335 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
4336 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
4337 # example: every day (86400 seconds).
4338 #
4339 # A scheduled start time will be skipped if the previous
4340 # execution has not ended when its scheduled time occurs.
4341 #
4342 # This value must be set to a time duration greater than or equal
4343 # to 1 day and can be no longer than 60 days.
4344 },
4345 },
4346 ],
4347 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
4348 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
4349 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
4350 # triggeredJob is created, for example
4351 # `projects/dlp-test-project/triggeredJobs/53234423`.
4352 },
4353 ],
4354 }</pre>
4355</div>
4356
4357<div class="method">
4358 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
4359 <pre>Retrieves the next page of results.
4360
4361Args:
4362 previous_request: The request for the previous page. (required)
4363 previous_response: The response from the request for the previous page. (required)
4364
4365Returns:
4366 A request object that you can call 'execute()' on to request the next
4367 page. Returns None if there are no more items in the collection.
4368 </pre>
4369</div>
4370
4371<div class="method">
4372 <code class="details" id="patch">patch(name, body, x__xgafv=None)</code>
4373 <pre>Updates a job trigger.
4374See https://cloud.google.com/dlp/docs/creating-job-triggers to learn more.
4375
4376Args:
4377 name: string, Resource name of the project and the triggeredJob, for example
4378`projects/dlp-test-project/jobTriggers/53234423`. (required)
4379 body: object, The request body. (required)
4380 The object takes the form of:
4381
4382{ # Request message for UpdateJobTrigger.
4383 "jobTrigger": { # Contains a configuration to make dlp api calls on a repeating basis. # New JobTrigger value.
4384 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
4385 "status": "A String", # A status for this trigger. [required]
4386 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
4387 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
4388 # errors may result in the JobTrigger automatically being paused.
4389 # Will return the last 100 errors. Whenever the JobTrigger is modified
4390 # this list will be cleared. Output only field.
4391 { # Details information about an error encountered during job execution or
4392 # the results of an unsuccessful activation of the JobTrigger.
4393 # Output only field.
4394 "timestamps": [ # The times the error occurred.
4395 "A String",
4396 ],
4397 "details": { # The `Status` type defines a logical error model that is suitable for
4398 # different programming environments, including REST APIs and RPC APIs. It is
4399 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
4400 # three pieces of data: error code, error message, and error details.
4401 #
4402 # You can find out more about this error model and how to work with it in the
4403 # [API Design Guide](https://cloud.google.com/apis/design/errors).
4404 "message": "A String", # A developer-facing error message, which should be in English. Any
4405 # user-facing error message should be localized and sent in the
4406 # google.rpc.Status.details field, or localized by the client.
4407 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
4408 "details": [ # A list of messages that carry the error details. There is a common set of
4409 # message types for APIs to use.
4410 {
4411 "a_key": "", # Properties of the object. Contains field @type with type URL.
4412 },
4413 ],
4414 },
4415 },
4416 ],
4417 "displayName": "A String", # Display name (max 100 chars)
4418 "description": "A String", # User provided description (max 256 chars)
4419 "inspectJob": {
4420 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
4421 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
4422 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
4423 # by project and namespace, however the namespace ID may be empty.
4424 # A partition ID identifies a grouping of entities. The grouping is always
4425 # by project and namespace, however the namespace ID may be empty.
4426 #
4427 # A partition ID contains several dimensions:
4428 # project ID and namespace ID.
4429 "projectId": "A String", # The ID of the project to which the entities belong.
4430 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
4431 },
4432 "kind": { # A representation of a Datastore kind. # The kind to process.
4433 "name": "A String", # The name of the kind.
4434 },
4435 },
4436 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
4437 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
4438 # inspection of entire columns which you know have no findings.
4439 { # General identifier of a data field in a storage service.
4440 "name": "A String", # Name describing the field.
4441 },
4442 ],
4443 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
4444 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
4445 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
4446 # Cannot be used in conjunction with TimespanConfig.
4447 "sampleMethod": "A String",
4448 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
4449 # Nested fields in the format, like `person.birthdate.year`, are allowed.
4450 { # General identifier of a data field in a storage service.
4451 "name": "A String", # Name describing the field.
4452 },
4453 ],
4454 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
4455 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
4456 # 100 means no limit. Defaults to 0. Only one of rows_limit and
4457 # rows_limit_percent can be specified. Cannot be used in conjunction with
4458 # TimespanConfig.
4459 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
4460 # identified by its project_id, dataset_id, and table_name. Within a query
4461 # a table is often referenced with a string in the format of:
4462 # `<project_id>:<dataset_id>.<table_id>` or
4463 # `<project_id>.<dataset_id>.<table_id>`.
4464 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
4465 # If omitted, project ID is inferred from the API call.
4466 "tableId": "A String", # Name of the table.
4467 "datasetId": "A String", # Dataset ID of the table.
4468 },
4469 },
4470 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
4471 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
4472 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
4473 # Used for data sources like Datastore or BigQuery.
4474 # If not specified for BigQuery, table last modification timestamp
4475 # is checked against given time span.
4476 # The valid data types of the timestamp field are:
4477 # for BigQuery - timestamp, date, datetime;
4478 # for Datastore - timestamp.
4479 # Datastore entity will be scanned if the timestamp property does not exist
4480 # or its value is empty or invalid.
4481 "name": "A String", # Name describing the field.
4482 },
4483 "endTime": "A String", # Exclude files or rows newer than this value.
4484 # If set to zero, no upper time limit is applied.
4485 "startTime": "A String", # Exclude files or rows older than this value.
4486 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
4487 # a valid start_time to avoid scanning files that have not been modified
4488 # since the last time the JobTrigger executed. This will be based on the
4489 # time of the execution of the last run of the JobTrigger.
4490 },
4491 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
4492 # bucket.
4493 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
4494 # than this value then the rest of the bytes are omitted. Only one
4495 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
4496 "sampleMethod": "A String",
4497 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
4498 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
4499 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
4500 #
4501 # If the url ends in a trailing slash, the bucket or directory represented
4502 # by the url will be scanned non-recursively (content in sub-directories
4503 # will not be scanned). This means that `gs://mybucket/` is equivalent to
4504 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
4505 # `gs://mybucket/directory/*`.
4506 #
4507 # Exactly one of `url` or `regex_file_set` must be set.
4508 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
4509 # `regex_file_set` must be set.
4510 # expressions are used to allow fine-grained control over which files in the
4511 # bucket to include.
4512 #
4513 # Included files are those that match at least one item in `include_regex` and
4514 # do not match any items in `exclude_regex`. Note that a file that matches
4515 # items from both lists will _not_ be included. For a match to occur, the
4516 # entire file path (i.e., everything in the url after the bucket name) must
4517 # match the regular expression.
4518 #
4519 # For example, given the input `{bucket_name: "mybucket", include_regex:
4520 # ["directory1/.*"], exclude_regex:
4521 # ["directory1/excluded.*"]}`:
4522 #
4523 # * `gs://mybucket/directory1/myfile` will be included
4524 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
4525 # across `/`)
4526 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
4527 # full path doesn't match any items in `include_regex`)
4528 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
4529 # matches an item in `exclude_regex`)
4530 #
4531 # If `include_regex` is left empty, it will match all files by default
4532 # (this is equivalent to setting `include_regex: [".*"]`).
4533 #
4534 # Some other common use cases:
4535 #
4536 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
4537 # files in `mybucket` except for .pdf files
4538 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
4539 # include all files directly under `gs://mybucket/directory/`, without matching
4540 # across `/`
4541 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
4542 # the bucket that match at least one of these regular expressions will be
4543 # excluded from the scan.
4544 #
4545 # Regular expressions use RE2
4546 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
4547 # under the google/re2 repository on GitHub.
4548 "A String",
4549 ],
4550 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
4551 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
4552 # the bucket that match at least one of these regular expressions will be
4553 # included in the set of files, except for those that also match an item in
4554 # `exclude_regex`. Leaving this field empty will match all files by default
4555 # (this is equivalent to including `.*` in the list).
4556 #
4557 # Regular expressions use RE2
4558 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
4559 # under the google/re2 repository on GitHub.
4560 "A String",
4561 ],
4562 },
4563 },
4564 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
4565 # number of bytes scanned is rounded down. Must be between 0 and 100,
4566 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
4567 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
4568 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
4569 # Number of files scanned is rounded down. Must be between 0 and 100,
4570 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
4571 "fileTypes": [ # List of file type groups to include in the scan.
4572 # If empty, all files are scanned and available data format processors
4573 # are applied. In addition, the binary content of the selected files
4574 # is always scanned as well.
4575 "A String",
4576 ],
4577 },
4578 },
4579 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
4580 # When used with redactContent only info_types and min_likelihood are currently
4581 # used.
4582 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
4583 "limits": {
4584 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
4585 # When set within `InspectContentRequest`, the maximum returned is 2000
4586 # regardless if this is set higher.
4587 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
4588 { # Max findings configuration per infoType, per content item or long
4589 # running DlpJob.
4590 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
4591 # info_type should be provided. If InfoTypeLimit does not have an
4592 # info_type, the DLP API applies the limit against all info_types that
4593 # are found but not specified in another InfoTypeLimit.
4594 "name": "A String", # Name of the information type. Either a name of your choosing when
4595 # creating a CustomInfoType, or one of the names listed
4596 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4597 # a built-in type. InfoType names should conform to the pattern
4598 # [a-zA-Z0-9_]{1,64}.
4599 },
4600 "maxFindings": 42, # Max findings limit for the given infoType.
4601 },
4602 ],
4603 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
4604 # When set within `InspectDataSourceRequest`,
4605 # the maximum returned is 2000 regardless if this is set higher.
4606 # When set within `InspectContentRequest`, this field is ignored.
4607 },
4608 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
4609 # POSSIBLE.
4610 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
4611 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
4612 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
4613 { # Custom information type provided by the user. Used to find domain-specific
4614 # sensitive information configurable to the data in question.
4615 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
4616 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4617 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4618 # google/re2 repository on GitHub.
4619 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4620 # specified, the entire match is returned. No more than 3 may be included.
4621 42,
4622 ],
4623 },
4624 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
4625 # support reversing.
4626 # such as
4627 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
4628 # These types of transformations are
4629 # those that perform pseudonymization, thereby producing a "surrogate" as
4630 # output. This should be used in conjunction with a field on the
4631 # transformation such as `surrogate_info_type`. This CustomInfoType does
4632 # not support the use of `detection_rules`.
4633 },
4634 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
4635 # infoType, when the name matches one of existing infoTypes and that infoType
4636 # is specified in `InspectContent.info_types` field. Specifying the latter
4637 # adds findings to the one detected by the system. If built-in info type is
4638 # not specified in `InspectContent.info_types` list then the name is treated
4639 # as a custom info type.
4640 "name": "A String", # Name of the information type. Either a name of your choosing when
4641 # creating a CustomInfoType, or one of the names listed
4642 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4643 # a built-in type. InfoType names should conform to the pattern
4644 # [a-zA-Z0-9_]{1,64}.
4645 },
4646 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
4647 # be used to match sensitive information specific to the data, such as a list
4648 # of employee IDs or job titles.
4649 #
4650 # Dictionary words are case-insensitive and all characters other than letters
4651 # and digits in the unicode [Basic Multilingual
4652 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
4653 # will be replaced with whitespace when scanning for matches, so the
4654 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
4655 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
4656 # surrounding any match must be of a different type than the adjacent
4657 # characters within the word, so letters must be next to non-letters and
4658 # digits next to non-digits. For example, the dictionary word "jen" will
4659 # match the first three letters of the text "jen123" but will return no
4660 # matches for "jennifer".
4661 #
4662 # Dictionary words containing a large number of characters that are not
4663 # letters or digits may result in unexpected findings because such characters
4664 # are treated as whitespace. The
4665 # [limits](https://cloud.google.com/dlp/limits) page contains details about
4666 # the size limits of dictionaries. For dictionaries that do not fit within
4667 # these constraints, consider using `LargeCustomDictionaryConfig` in the
4668 # `StoredInfoType` API.
4669 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
4670 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
4671 # at least one phrase and every phrase must contain at least 2 characters
4672 # that are letters or digits. [required]
4673 "A String",
4674 ],
4675 },
4676 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
4677 # is accepted.
4678 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
4679 # Example: gs://[BUCKET_NAME]/dictionary.txt
4680 },
4681 },
4682 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
4683 # `InspectDataSource`. Not currently supported in `InspectContent`.
4684 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
4685 # `organizations/433245324/storedInfoTypes/432452342` or
4686 # `projects/project-id/storedInfoTypes/432452342`.
4687 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
4688 # inspection was created. Output-only field, populated by the system.
4689 },
4690 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
4691 # Rules are applied in order that they are specified. Not supported for the
4692 # `surrogate_type` CustomInfoType.
4693 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
4694 # `CustomInfoType` to alter behavior under certain circumstances, depending
4695 # on the specific details of the rule. Not supported for the `surrogate_type`
4696 # custom infoType.
4697 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
4698 # proximity of hotwords.
4699 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
4700 # The total length of the window cannot exceed 1000 characters. Note that
4701 # the finding itself will be included in the window, so that hotwords may
4702 # be used to match substrings of the finding itself. For example, the
4703 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
4704 # adjusted upwards if the area code is known to be the local area code of
4705 # a company office using the hotword regex "\(xxx\)", where "xxx"
4706 # is the area code in question.
4707 # rule.
4708 "windowAfter": 42, # Number of characters after the finding to consider.
4709 "windowBefore": 42, # Number of characters before the finding to consider.
4710 },
4711 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
4712 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4713 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4714 # google/re2 repository on GitHub.
4715 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4716 # specified, the entire match is returned. No more than 3 may be included.
4717 42,
4718 ],
4719 },
4720 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
4721 # part of a detection rule.
4722 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
4723 # levels. For example, if a finding would be `POSSIBLE` without the
4724 # detection rule and `relative_likelihood` is 1, then it is upgraded to
4725 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
4726 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
4727 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
4728 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
4729 # a final likelihood of `LIKELY`.
4730 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
4731 },
4732 },
4733 },
4734 ],
4735 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
4736 # to be returned. It still can be used for rules matching.
4737 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
4738 # altered by a detection rule if the finding meets the criteria specified by
4739 # the rule. Defaults to `VERY_LIKELY` if not specified.
4740 },
4741 ],
4742 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
4743 # included in the response; see Finding.quote.
4744 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
4745 # Exclusion rules, contained in the set are executed in the end, other
4746 # rules are executed in the order they are specified for each info type.
4747 { # Rule set for modifying a set of infoTypes to alter behavior under certain
4748 # circumstances, depending on the specific details of the rules within the set.
4749 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
4750 { # A single inspection rule to be applied to infoTypes, specified in
4751 # `InspectionRuleSet`.
4752 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
4753 # proximity of hotwords.
4754 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
4755 # The total length of the window cannot exceed 1000 characters. Note that
4756 # the finding itself will be included in the window, so that hotwords may
4757 # be used to match substrings of the finding itself. For example, the
4758 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
4759 # adjusted upwards if the area code is known to be the local area code of
4760 # a company office using the hotword regex "\(xxx\)", where "xxx"
4761 # is the area code in question.
4762 # rule.
4763 "windowAfter": 42, # Number of characters after the finding to consider.
4764 "windowBefore": 42, # Number of characters before the finding to consider.
4765 },
4766 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
4767 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4768 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4769 # google/re2 repository on GitHub.
4770 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4771 # specified, the entire match is returned. No more than 3 may be included.
4772 42,
4773 ],
4774 },
4775 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
4776 # part of a detection rule.
4777 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
4778 # levels. For example, if a finding would be `POSSIBLE` without the
4779 # detection rule and `relative_likelihood` is 1, then it is upgraded to
4780 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
4781 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
4782 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
4783 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
4784 # a final likelihood of `LIKELY`.
4785 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
4786 },
4787 },
4788 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
4789 # `InspectionRuleSet` are removed from results.
4790 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
4791 "pattern": "A String", # Pattern defining the regular expression. Its syntax
4792 # (https://github.com/google/re2/wiki/Syntax) can be found under the
4793 # google/re2 repository on GitHub.
4794 "groupIndexes": [ # The index of the submatch to extract as findings. When not
4795 # specified, the entire match is returned. No more than 3 may be included.
4796 42,
4797 ],
4798 },
4799 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
4800 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
4801 # contained within with a finding of an infoType from this list. For
4802 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
4803 # `exclusion_rule` containing `exclude_info_types.info_types` with
4804 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
4805 # with EMAIL_ADDRESS finding.
4806 # That leads to "555-222-2222@example.org" to generate only a single
4807 # finding, namely email address.
4808 { # Type of information detected by the API.
4809 "name": "A String", # Name of the information type. Either a name of your choosing when
4810 # creating a CustomInfoType, or one of the names listed
4811 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4812 # a built-in type. InfoType names should conform to the pattern
4813 # [a-zA-Z0-9_]{1,64}.
4814 },
4815 ],
4816 },
4817 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
4818 # be used to match sensitive information specific to the data, such as a list
4819 # of employee IDs or job titles.
4820 #
4821 # Dictionary words are case-insensitive and all characters other than letters
4822 # and digits in the unicode [Basic Multilingual
4823 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
4824 # will be replaced with whitespace when scanning for matches, so the
4825 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
4826 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
4827 # surrounding any match must be of a different type than the adjacent
4828 # characters within the word, so letters must be next to non-letters and
4829 # digits next to non-digits. For example, the dictionary word "jen" will
4830 # match the first three letters of the text "jen123" but will return no
4831 # matches for "jennifer".
4832 #
4833 # Dictionary words containing a large number of characters that are not
4834 # letters or digits may result in unexpected findings because such characters
4835 # are treated as whitespace. The
4836 # [limits](https://cloud.google.com/dlp/limits) page contains details about
4837 # the size limits of dictionaries. For dictionaries that do not fit within
4838 # these constraints, consider using `LargeCustomDictionaryConfig` in the
4839 # `StoredInfoType` API.
4840 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
4841 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
4842 # at least one phrase and every phrase must contain at least 2 characters
4843 # that are letters or digits. [required]
4844 "A String",
4845 ],
4846 },
4847 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
4848 # is accepted.
4849 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
4850 # Example: gs://[BUCKET_NAME]/dictionary.txt
4851 },
4852 },
4853 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
4854 },
4855 },
4856 ],
4857 "infoTypes": [ # List of infoTypes this rule set is applied to.
4858 { # Type of information detected by the API.
4859 "name": "A String", # Name of the information type. Either a name of your choosing when
4860 # creating a CustomInfoType, or one of the names listed
4861 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4862 # a built-in type. InfoType names should conform to the pattern
4863 # [a-zA-Z0-9_]{1,64}.
4864 },
4865 ],
4866 },
4867 ],
4868 "contentOptions": [ # List of options defining data content to scan.
4869 # If empty, text, images, and other content will be included.
4870 "A String",
4871 ],
4872 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
4873 # InfoType values returned by ListInfoTypes or listed at
4874 # https://cloud.google.com/dlp/docs/infotypes-reference.
4875 #
4876 # When no InfoTypes or CustomInfoTypes are specified in a request, the
4877 # system may automatically choose what detectors to run. By default this may
4878 # be all types, but may change over time as detectors are updated.
4879 #
4880 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
4881 # but may change over time as new InfoTypes are added. If you need precise
4882 # control and predictability as to what detectors are run you should specify
4883 # specific InfoTypes listed in the reference.
4884 { # Type of information detected by the API.
4885 "name": "A String", # Name of the information type. Either a name of your choosing when
4886 # creating a CustomInfoType, or one of the names listed
4887 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
4888 # a built-in type. InfoType names should conform to the pattern
4889 # [a-zA-Z0-9_]{1,64}.
4890 },
4891 ],
4892 },
4893 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
4894 # `inspect_config` will be merged into the values persisted as part of the
4895 # template.
4896 "actions": [ # Actions to execute at the completion of the job.
4897 { # A task to execute on the completion of a job.
4898 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
4899 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
4900 # OutputStorageConfig. Only a single instance of this action can be
4901 # specified.
4902 # Compatible with: Inspect, Risk
4903 "outputConfig": { # Cloud repository for storing output.
4904 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
4905 # dataset. If table_id is not set a new one will be generated
4906 # for you with the following format:
4907 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
4908 # generating the date details.
4909 #
4910 # For Inspect, each column in an existing output table must have the same
4911 # name, type, and mode of a field in the `Finding` object.
4912 #
4913 # For Risk, an existing output table should be the output of a previous
4914 # Risk analysis job run on the same source table, with the same privacy
4915 # metric and quasi-identifiers. Risk jobs that analyze the same table but
4916 # compute a different privacy metric, or use different sets of
4917 # quasi-identifiers, cannot store their results in the same table.
4918 # identified by its project_id, dataset_id, and table_name. Within a query
4919 # a table is often referenced with a string in the format of:
4920 # `<project_id>:<dataset_id>.<table_id>` or
4921 # `<project_id>.<dataset_id>.<table_id>`.
4922 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
4923 # If omitted, project ID is inferred from the API call.
4924 "tableId": "A String", # Name of the table.
4925 "datasetId": "A String", # Dataset ID of the table.
4926 },
4927 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
4928 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
4929 # from the `Finding` object. If appending to an existing table, any columns
4930 # from the predefined schema that are missing will be added. No columns in
4931 # the existing table will be deleted.
4932 #
4933 # If unspecified, then all available columns will be used for a new table or
4934 # an (existing) table with no schema, and no changes will be made to an
4935 # existing table that has a schema.
4936 },
4937 },
4938 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
4939 # completion/failure.
4940 # completion/failure.
4941 },
4942 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
4943 # Command Center (CSCC Alpha).
4944 # This action is only available for projects which are parts of
4945 # an organization and whitelisted for the alpha Cloud Security Command
4946 # Center.
4947 # The action will publish count of finding instances and their info types.
4948 # The summary of findings will be persisted in CSCC and are governed by CSCC
4949 # service-specific policy, see https://cloud.google.com/terms/service-terms
4950 # Only a single instance of this action can be specified.
4951 # Compatible with: Inspect
4952 },
4953 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
4954 # message contains a single field, `DlpJobName`, which is equal to the
4955 # finished job's
4956 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
4957 # Compatible with: Inspect, Risk
4958 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
4959 # publishing access rights to the DLP API service account executing
4960 # the long running DlpJob sending the notifications.
4961 # Format is projects/{project}/topics/{topic}.
4962 },
4963 },
4964 ],
4965 },
4966 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
4967 # needs to trigger for a job to be started. The list may contain only
4968 # a single Schedule trigger and must have at least one object.
4969 { # What event needs to occur for a new job to be started.
4970 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
4971 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
4972 # example: every day (86400 seconds).
4973 #
4974 # A scheduled start time will be skipped if the previous
4975 # execution has not ended when its scheduled time occurs.
4976 #
4977 # This value must be set to a time duration greater than or equal
4978 # to 1 day and can be no longer than 60 days.
4979 },
4980 },
4981 ],
4982 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
4983 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
4984 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
4985 # triggeredJob is created, for example
4986 # `projects/dlp-test-project/triggeredJobs/53234423`.
4987 },
4988 "updateMask": "A String", # Mask to control which fields get updated.
4989 }
4990
4991 x__xgafv: string, V1 error format.
4992 Allowed values
4993 1 - v1 error format
4994 2 - v2 error format
4995
4996Returns:
4997 An object of the form:
4998
4999 { # Contains a configuration to make dlp api calls on a repeating basis.
5000 # See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.
5001 "status": "A String", # A status for this trigger. [required]
5002 "updateTime": "A String", # The last update timestamp of a triggeredJob, output only field.
5003 "errors": [ # A stream of errors encountered when the trigger was activated. Repeated
5004 # errors may result in the JobTrigger automatically being paused.
5005 # Will return the last 100 errors. Whenever the JobTrigger is modified
5006 # this list will be cleared. Output only field.
5007 { # Details information about an error encountered during job execution or
5008 # the results of an unsuccessful activation of the JobTrigger.
5009 # Output only field.
5010 "timestamps": [ # The times the error occurred.
5011 "A String",
5012 ],
5013 "details": { # The `Status` type defines a logical error model that is suitable for
5014 # different programming environments, including REST APIs and RPC APIs. It is
5015 # used by [gRPC](https://github.com/grpc). Each `Status` message contains
5016 # three pieces of data: error code, error message, and error details.
5017 #
5018 # You can find out more about this error model and how to work with it in the
5019 # [API Design Guide](https://cloud.google.com/apis/design/errors).
5020 "message": "A String", # A developer-facing error message, which should be in English. Any
5021 # user-facing error message should be localized and sent in the
5022 # google.rpc.Status.details field, or localized by the client.
5023 "code": 42, # The status code, which should be an enum value of google.rpc.Code.
5024 "details": [ # A list of messages that carry the error details. There is a common set of
5025 # message types for APIs to use.
5026 {
5027 "a_key": "", # Properties of the object. Contains field @type with type URL.
5028 },
5029 ],
5030 },
5031 },
5032 ],
5033 "displayName": "A String", # Display name (max 100 chars)
5034 "description": "A String", # User provided description (max 256 chars)
5035 "inspectJob": {
5036 "storageConfig": { # Shared message indicating Cloud storage type. # The data to scan.
5037 "datastoreOptions": { # Options defining a data set within Google Cloud Datastore. # Google Cloud Datastore options specification.
5038 "partitionId": { # Datastore partition ID. # A partition ID identifies a grouping of entities. The grouping is always
5039 # by project and namespace, however the namespace ID may be empty.
5040 # A partition ID identifies a grouping of entities. The grouping is always
5041 # by project and namespace, however the namespace ID may be empty.
5042 #
5043 # A partition ID contains several dimensions:
5044 # project ID and namespace ID.
5045 "projectId": "A String", # The ID of the project to which the entities belong.
5046 "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
5047 },
5048 "kind": { # A representation of a Datastore kind. # The kind to process.
5049 "name": "A String", # The name of the kind.
5050 },
5051 },
5052 "bigQueryOptions": { # Options defining BigQuery table and row identifiers. # BigQuery options specification.
5053 "excludedFields": [ # References to fields excluded from scanning. This allows you to skip
5054 # inspection of entire columns which you know have no findings.
5055 { # General identifier of a data field in a storage service.
5056 "name": "A String", # Name describing the field.
5057 },
5058 ],
5059 "rowsLimit": "A String", # Max number of rows to scan. If the table has more rows than this value, the
5060 # rest of the rows are omitted. If not set, or if set to 0, all rows will be
5061 # scanned. Only one of rows_limit and rows_limit_percent can be specified.
5062 # Cannot be used in conjunction with TimespanConfig.
5063 "sampleMethod": "A String",
5064 "identifyingFields": [ # References to fields uniquely identifying rows within the table.
5065 # Nested fields in the format, like `person.birthdate.year`, are allowed.
5066 { # General identifier of a data field in a storage service.
5067 "name": "A String", # Name describing the field.
5068 },
5069 ],
5070 "rowsLimitPercent": 42, # Max percentage of rows to scan. The rest are omitted. The number of rows
5071 # scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and
5072 # 100 means no limit. Defaults to 0. Only one of rows_limit and
5073 # rows_limit_percent can be specified. Cannot be used in conjunction with
5074 # TimespanConfig.
5075 "tableReference": { # Message defining the location of a BigQuery table. A table is uniquely # Complete BigQuery table reference.
5076 # identified by its project_id, dataset_id, and table_name. Within a query
5077 # a table is often referenced with a string in the format of:
5078 # `<project_id>:<dataset_id>.<table_id>` or
5079 # `<project_id>.<dataset_id>.<table_id>`.
5080 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
5081 # If omitted, project ID is inferred from the API call.
5082 "tableId": "A String", # Name of the table.
5083 "datasetId": "A String", # Dataset ID of the table.
5084 },
5085 },
5086 "timespanConfig": { # Configuration of the timespan of the items to include in scanning.
5087 # Currently only supported when inspecting Google Cloud Storage and BigQuery.
5088 "timestampField": { # General identifier of a data field in a storage service. # Specification of the field containing the timestamp of scanned items.
5089 # Used for data sources like Datastore or BigQuery.
5090 # If not specified for BigQuery, table last modification timestamp
5091 # is checked against given time span.
5092 # The valid data types of the timestamp field are:
5093 # for BigQuery - timestamp, date, datetime;
5094 # for Datastore - timestamp.
5095 # Datastore entity will be scanned if the timestamp property does not exist
5096 # or its value is empty or invalid.
5097 "name": "A String", # Name describing the field.
5098 },
5099 "endTime": "A String", # Exclude files or rows newer than this value.
5100 # If set to zero, no upper time limit is applied.
5101 "startTime": "A String", # Exclude files or rows older than this value.
5102 "enableAutoPopulationOfTimespanConfig": True or False, # When the job is started by a JobTrigger we will automatically figure out
5103 # a valid start_time to avoid scanning files that have not been modified
5104 # since the last time the JobTrigger executed. This will be based on the
5105 # time of the execution of the last run of the JobTrigger.
5106 },
5107 "cloudStorageOptions": { # Options defining a file or a set of files within a Google Cloud Storage # Google Cloud Storage options specification.
5108 # bucket.
5109 "bytesLimitPerFile": "A String", # Max number of bytes to scan from a file. If a scanned file's size is bigger
5110 # than this value then the rest of the bytes are omitted. Only one
5111 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
5112 "sampleMethod": "A String",
5113 "fileSet": { # Set of files to scan. # The set of one or more files to scan.
5114 "url": "A String", # The Cloud Storage url of the file(s) to scan, in the format
5115 # `gs://<bucket>/<path>`. Trailing wildcard in the path is allowed.
5116 #
5117 # If the url ends in a trailing slash, the bucket or directory represented
5118 # by the url will be scanned non-recursively (content in sub-directories
5119 # will not be scanned). This means that `gs://mybucket/` is equivalent to
5120 # `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to
5121 # `gs://mybucket/directory/*`.
5122 #
5123 # Exactly one of `url` or `regex_file_set` must be set.
5124 "regexFileSet": { # Message representing a set of files in a Cloud Storage bucket. Regular # The regex-filtered set of files to scan. Exactly one of `url` or
5125 # `regex_file_set` must be set.
5126 # expressions are used to allow fine-grained control over which files in the
5127 # bucket to include.
5128 #
5129 # Included files are those that match at least one item in `include_regex` and
5130 # do not match any items in `exclude_regex`. Note that a file that matches
5131 # items from both lists will _not_ be included. For a match to occur, the
5132 # entire file path (i.e., everything in the url after the bucket name) must
5133 # match the regular expression.
5134 #
5135 # For example, given the input `{bucket_name: "mybucket", include_regex:
5136 # ["directory1/.*"], exclude_regex:
5137 # ["directory1/excluded.*"]}`:
5138 #
5139 # * `gs://mybucket/directory1/myfile` will be included
5140 # * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches
5141 # across `/`)
5142 # * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the
5143 # full path doesn't match any items in `include_regex`)
5144 # * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path
5145 # matches an item in `exclude_regex`)
5146 #
5147 # If `include_regex` is left empty, it will match all files by default
5148 # (this is equivalent to setting `include_regex: [".*"]`).
5149 #
5150 # Some other common use cases:
5151 #
5152 # * `{bucket_name: "mybucket", exclude_regex: [".*\.pdf"]}` will include all
5153 # files in `mybucket` except for .pdf files
5154 # * `{bucket_name: "mybucket", include_regex: ["directory/[^/]+"]}` will
5155 # include all files directly under `gs://mybucket/directory/`, without matching
5156 # across `/`
5157 "excludeRegex": [ # A list of regular expressions matching file paths to exclude. All files in
5158 # the bucket that match at least one of these regular expressions will be
5159 # excluded from the scan.
5160 #
5161 # Regular expressions use RE2
5162 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
5163 # under the google/re2 repository on GitHub.
5164 "A String",
5165 ],
5166 "bucketName": "A String", # The name of a Cloud Storage bucket. Required.
5167 "includeRegex": [ # A list of regular expressions matching file paths to include. All files in
5168 # the bucket that match at least one of these regular expressions will be
5169 # included in the set of files, except for those that also match an item in
5170 # `exclude_regex`. Leaving this field empty will match all files by default
5171 # (this is equivalent to including `.*` in the list).
5172 #
5173 # Regular expressions use RE2
5174 # [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found
5175 # under the google/re2 repository on GitHub.
5176 "A String",
5177 ],
5178 },
5179 },
5180 "bytesLimitPerFilePercent": 42, # Max percentage of bytes to scan from a file. The rest are omitted. The
5181 # number of bytes scanned is rounded down. Must be between 0 and 100,
5182 # inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one
5183 # of bytes_limit_per_file and bytes_limit_per_file_percent can be specified.
5184 "filesLimitPercent": 42, # Limits the number of files to scan to this percentage of the input FileSet.
5185 # Number of files scanned is rounded down. Must be between 0 and 100,
5186 # inclusively. Both 0 and 100 means no limit. Defaults to 0.
5187 "fileTypes": [ # List of file type groups to include in the scan.
5188 # If empty, all files are scanned and available data format processors
5189 # are applied. In addition, the binary content of the selected files
5190 # is always scanned as well.
5191 "A String",
5192 ],
5193 },
5194 },
5195 "inspectConfig": { # Configuration description of the scanning process. # How and what to scan for.
5196 # When used with redactContent only info_types and min_likelihood are currently
5197 # used.
5198 "excludeInfoTypes": True or False, # When true, excludes type information of the findings.
5199 "limits": {
5200 "maxFindingsPerRequest": 42, # Max number of findings that will be returned per request/job.
5201 # When set within `InspectContentRequest`, the maximum returned is 2000
5202 # regardless if this is set higher.
5203 "maxFindingsPerInfoType": [ # Configuration of findings limit given for specified infoTypes.
5204 { # Max findings configuration per infoType, per content item or long
5205 # running DlpJob.
5206 "infoType": { # Type of information detected by the API. # Type of information the findings limit applies to. Only one limit per
5207 # info_type should be provided. If InfoTypeLimit does not have an
5208 # info_type, the DLP API applies the limit against all info_types that
5209 # are found but not specified in another InfoTypeLimit.
5210 "name": "A String", # Name of the information type. Either a name of your choosing when
5211 # creating a CustomInfoType, or one of the names listed
5212 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
5213 # a built-in type. InfoType names should conform to the pattern
5214 # [a-zA-Z0-9_]{1,64}.
5215 },
5216 "maxFindings": 42, # Max findings limit for the given infoType.
5217 },
5218 ],
5219 "maxFindingsPerItem": 42, # Max number of findings that will be returned for each item scanned.
5220 # When set within `InspectDataSourceRequest`,
5221 # the maximum returned is 2000 regardless if this is set higher.
5222 # When set within `InspectContentRequest`, this field is ignored.
5223 },
5224 "minLikelihood": "A String", # Only returns findings equal or above this threshold. The default is
5225 # POSSIBLE.
5226 # See https://cloud.google.com/dlp/docs/likelihood to learn more.
5227 "customInfoTypes": [ # CustomInfoTypes provided by the user. See
5228 # https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more.
5229 { # Custom information type provided by the user. Used to find domain-specific
5230 # sensitive information configurable to the data in question.
5231 "regex": { # Message defining a custom regular expression. # Regular expression based CustomInfoType.
5232 "pattern": "A String", # Pattern defining the regular expression. Its syntax
5233 # (https://github.com/google/re2/wiki/Syntax) can be found under the
5234 # google/re2 repository on GitHub.
5235 "groupIndexes": [ # The index of the submatch to extract as findings. When not
5236 # specified, the entire match is returned. No more than 3 may be included.
5237 42,
5238 ],
5239 },
5240 "surrogateType": { # Message for detecting output from deidentification transformations # Message for detecting output from deidentification transformations that
5241 # support reversing.
5242 # such as
5243 # [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig).
5244 # These types of transformations are
5245 # those that perform pseudonymization, thereby producing a "surrogate" as
5246 # output. This should be used in conjunction with a field on the
5247 # transformation such as `surrogate_info_type`. This CustomInfoType does
5248 # not support the use of `detection_rules`.
5249 },
5250 "infoType": { # Type of information detected by the API. # CustomInfoType can either be a new infoType, or an extension of built-in
5251 # infoType, when the name matches one of existing infoTypes and that infoType
5252 # is specified in `InspectContent.info_types` field. Specifying the latter
5253 # adds findings to the one detected by the system. If built-in info type is
5254 # not specified in `InspectContent.info_types` list then the name is treated
5255 # as a custom info type.
5256 "name": "A String", # Name of the information type. Either a name of your choosing when
5257 # creating a CustomInfoType, or one of the names listed
5258 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
5259 # a built-in type. InfoType names should conform to the pattern
5260 # [a-zA-Z0-9_]{1,64}.
5261 },
5262 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # A list of phrases to detect as a CustomInfoType.
5263 # be used to match sensitive information specific to the data, such as a list
5264 # of employee IDs or job titles.
5265 #
5266 # Dictionary words are case-insensitive and all characters other than letters
5267 # and digits in the unicode [Basic Multilingual
5268 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
5269 # will be replaced with whitespace when scanning for matches, so the
5270 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
5271 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
5272 # surrounding any match must be of a different type than the adjacent
5273 # characters within the word, so letters must be next to non-letters and
5274 # digits next to non-digits. For example, the dictionary word "jen" will
5275 # match the first three letters of the text "jen123" but will return no
5276 # matches for "jennifer".
5277 #
5278 # Dictionary words containing a large number of characters that are not
5279 # letters or digits may result in unexpected findings because such characters
5280 # are treated as whitespace. The
5281 # [limits](https://cloud.google.com/dlp/limits) page contains details about
5282 # the size limits of dictionaries. For dictionaries that do not fit within
5283 # these constraints, consider using `LargeCustomDictionaryConfig` in the
5284 # `StoredInfoType` API.
5285 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
5286 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
5287 # at least one phrase and every phrase must contain at least 2 characters
5288 # that are letters or digits. [required]
5289 "A String",
5290 ],
5291 },
5292 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
5293 # is accepted.
5294 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
5295 # Example: gs://[BUCKET_NAME]/dictionary.txt
5296 },
5297 },
5298 "storedType": { # A reference to a StoredInfoType to use with scanning. # Load an existing `StoredInfoType` resource for use in
5299 # `InspectDataSource`. Not currently supported in `InspectContent`.
5300 "name": "A String", # Resource name of the requested `StoredInfoType`, for example
5301 # `organizations/433245324/storedInfoTypes/432452342` or
5302 # `projects/project-id/storedInfoTypes/432452342`.
5303 "createTime": "A String", # Timestamp indicating when the version of the `StoredInfoType` used for
5304 # inspection was created. Output-only field, populated by the system.
5305 },
5306 "detectionRules": [ # Set of detection rules to apply to all findings of this CustomInfoType.
5307 # Rules are applied in order that they are specified. Not supported for the
5308 # `surrogate_type` CustomInfoType.
5309 { # Deprecated; use `InspectionRuleSet` instead. Rule for modifying a
5310 # `CustomInfoType` to alter behavior under certain circumstances, depending
5311 # on the specific details of the rule. Not supported for the `surrogate_type`
5312 # custom infoType.
5313 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
5314 # proximity of hotwords.
5315 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
5316 # The total length of the window cannot exceed 1000 characters. Note that
5317 # the finding itself will be included in the window, so that hotwords may
5318 # be used to match substrings of the finding itself. For example, the
5319 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
5320 # adjusted upwards if the area code is known to be the local area code of
5321 # a company office using the hotword regex "\(xxx\)", where "xxx"
5322 # is the area code in question.
5323 # rule.
5324 "windowAfter": 42, # Number of characters after the finding to consider.
5325 "windowBefore": 42, # Number of characters before the finding to consider.
5326 },
5327 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
5328 "pattern": "A String", # Pattern defining the regular expression. Its syntax
5329 # (https://github.com/google/re2/wiki/Syntax) can be found under the
5330 # google/re2 repository on GitHub.
5331 "groupIndexes": [ # The index of the submatch to extract as findings. When not
5332 # specified, the entire match is returned. No more than 3 may be included.
5333 42,
5334 ],
5335 },
5336 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
5337 # part of a detection rule.
5338 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
5339 # levels. For example, if a finding would be `POSSIBLE` without the
5340 # detection rule and `relative_likelihood` is 1, then it is upgraded to
5341 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
5342 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
5343 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
5344 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
5345 # a final likelihood of `LIKELY`.
5346 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
5347 },
5348 },
5349 },
5350 ],
5351 "exclusionType": "A String", # If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding
5352 # to be returned. It still can be used for rules matching.
5353 "likelihood": "A String", # Likelihood to return for this CustomInfoType. This base value can be
5354 # altered by a detection rule if the finding meets the criteria specified by
5355 # the rule. Defaults to `VERY_LIKELY` if not specified.
5356 },
5357 ],
5358 "includeQuote": True or False, # When true, a contextual quote from the data that triggered a finding is
5359 # included in the response; see Finding.quote.
5360 "ruleSet": [ # Set of rules to apply to the findings for this InspectConfig.
5361 # Exclusion rules, contained in the set are executed in the end, other
5362 # rules are executed in the order they are specified for each info type.
5363 { # Rule set for modifying a set of infoTypes to alter behavior under certain
5364 # circumstances, depending on the specific details of the rules within the set.
5365 "rules": [ # Set of rules to be applied to infoTypes. The rules are applied in order.
5366 { # A single inspection rule to be applied to infoTypes, specified in
5367 # `InspectionRuleSet`.
5368 "hotwordRule": { # The rule that adjusts the likelihood of findings within a certain # Hotword-based detection rule.
5369 # proximity of hotwords.
5370 "proximity": { # Message for specifying a window around a finding to apply a detection # Proximity of the finding within which the entire hotword must reside.
5371 # The total length of the window cannot exceed 1000 characters. Note that
5372 # the finding itself will be included in the window, so that hotwords may
5373 # be used to match substrings of the finding itself. For example, the
5374 # certainty of a phone number regex "\(\d{3}\) \d{3}-\d{4}" could be
5375 # adjusted upwards if the area code is known to be the local area code of
5376 # a company office using the hotword regex "\(xxx\)", where "xxx"
5377 # is the area code in question.
5378 # rule.
5379 "windowAfter": 42, # Number of characters after the finding to consider.
5380 "windowBefore": 42, # Number of characters before the finding to consider.
5381 },
5382 "hotwordRegex": { # Message defining a custom regular expression. # Regular expression pattern defining what qualifies as a hotword.
5383 "pattern": "A String", # Pattern defining the regular expression. Its syntax
5384 # (https://github.com/google/re2/wiki/Syntax) can be found under the
5385 # google/re2 repository on GitHub.
5386 "groupIndexes": [ # The index of the submatch to extract as findings. When not
5387 # specified, the entire match is returned. No more than 3 may be included.
5388 42,
5389 ],
5390 },
5391 "likelihoodAdjustment": { # Message for specifying an adjustment to the likelihood of a finding as # Likelihood adjustment to apply to all matching findings.
5392 # part of a detection rule.
5393 "relativeLikelihood": 42, # Increase or decrease the likelihood by the specified number of
5394 # levels. For example, if a finding would be `POSSIBLE` without the
5395 # detection rule and `relative_likelihood` is 1, then it is upgraded to
5396 # `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`.
5397 # Likelihood may never drop below `VERY_UNLIKELY` or exceed
5398 # `VERY_LIKELY`, so applying an adjustment of 1 followed by an
5399 # adjustment of -1 when base likelihood is `VERY_LIKELY` will result in
5400 # a final likelihood of `LIKELY`.
5401 "fixedLikelihood": "A String", # Set the likelihood of a finding to a fixed value.
5402 },
5403 },
5404 "exclusionRule": { # The rule that specifies conditions when findings of infoTypes specified in # Exclusion rule.
5405 # `InspectionRuleSet` are removed from results.
5406 "regex": { # Message defining a custom regular expression. # Regular expression which defines the rule.
5407 "pattern": "A String", # Pattern defining the regular expression. Its syntax
5408 # (https://github.com/google/re2/wiki/Syntax) can be found under the
5409 # google/re2 repository on GitHub.
5410 "groupIndexes": [ # The index of the submatch to extract as findings. When not
5411 # specified, the entire match is returned. No more than 3 may be included.
5412 42,
5413 ],
5414 },
5415 "excludeInfoTypes": { # List of exclude infoTypes. # Set of infoTypes for which findings would affect this rule.
5416 "infoTypes": [ # InfoType list in ExclusionRule rule drops a finding when it overlaps or
5417 # contained within with a finding of an infoType from this list. For
5418 # example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"` and
5419 # `exclusion_rule` containing `exclude_info_types.info_types` with
5420 # "EMAIL_ADDRESS" the phone number findings are dropped if they overlap
5421 # with EMAIL_ADDRESS finding.
5422 # That leads to "555-222-2222@example.org" to generate only a single
5423 # finding, namely email address.
5424 { # Type of information detected by the API.
5425 "name": "A String", # Name of the information type. Either a name of your choosing when
5426 # creating a CustomInfoType, or one of the names listed
5427 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
5428 # a built-in type. InfoType names should conform to the pattern
5429 # [a-zA-Z0-9_]{1,64}.
5430 },
5431 ],
5432 },
5433 "dictionary": { # Custom information type based on a dictionary of words or phrases. This can # Dictionary which defines the rule.
5434 # be used to match sensitive information specific to the data, such as a list
5435 # of employee IDs or job titles.
5436 #
5437 # Dictionary words are case-insensitive and all characters other than letters
5438 # and digits in the unicode [Basic Multilingual
5439 # Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane)
5440 # will be replaced with whitespace when scanning for matches, so the
5441 # dictionary phrase "Sam Johnson" will match all three phrases "sam johnson",
5442 # "Sam, Johnson", and "Sam (Johnson)". Additionally, the characters
5443 # surrounding any match must be of a different type than the adjacent
5444 # characters within the word, so letters must be next to non-letters and
5445 # digits next to non-digits. For example, the dictionary word "jen" will
5446 # match the first three letters of the text "jen123" but will return no
5447 # matches for "jennifer".
5448 #
5449 # Dictionary words containing a large number of characters that are not
5450 # letters or digits may result in unexpected findings because such characters
5451 # are treated as whitespace. The
5452 # [limits](https://cloud.google.com/dlp/limits) page contains details about
5453 # the size limits of dictionaries. For dictionaries that do not fit within
5454 # these constraints, consider using `LargeCustomDictionaryConfig` in the
5455 # `StoredInfoType` API.
5456 "wordList": { # Message defining a list of words or phrases to search for in the data. # List of words or phrases to search for.
5457 "words": [ # Words or phrases defining the dictionary. The dictionary must contain
5458 # at least one phrase and every phrase must contain at least 2 characters
5459 # that are letters or digits. [required]
5460 "A String",
5461 ],
5462 },
5463 "cloudStoragePath": { # Message representing a single file or path in Cloud Storage. # Newline-delimited file of words in Cloud Storage. Only a single file
5464 # is accepted.
5465 "path": "A String", # A url representing a file or path (no wildcards) in Cloud Storage.
5466 # Example: gs://[BUCKET_NAME]/dictionary.txt
5467 },
5468 },
5469 "matchingType": "A String", # How the rule is applied, see MatchingType documentation for details.
5470 },
5471 },
5472 ],
5473 "infoTypes": [ # List of infoTypes this rule set is applied to.
5474 { # Type of information detected by the API.
5475 "name": "A String", # Name of the information type. Either a name of your choosing when
5476 # creating a CustomInfoType, or one of the names listed
5477 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
5478 # a built-in type. InfoType names should conform to the pattern
5479 # [a-zA-Z0-9_]{1,64}.
5480 },
5481 ],
5482 },
5483 ],
5484 "contentOptions": [ # List of options defining data content to scan.
5485 # If empty, text, images, and other content will be included.
5486 "A String",
5487 ],
5488 "infoTypes": [ # Restricts what info_types to look for. The values must correspond to
5489 # InfoType values returned by ListInfoTypes or listed at
5490 # https://cloud.google.com/dlp/docs/infotypes-reference.
5491 #
5492 # When no InfoTypes or CustomInfoTypes are specified in a request, the
5493 # system may automatically choose what detectors to run. By default this may
5494 # be all types, but may change over time as detectors are updated.
5495 #
5496 # The special InfoType name "ALL_BASIC" can be used to trigger all detectors,
5497 # but may change over time as new InfoTypes are added. If you need precise
5498 # control and predictability as to what detectors are run you should specify
5499 # specific InfoTypes listed in the reference.
5500 { # Type of information detected by the API.
5501 "name": "A String", # Name of the information type. Either a name of your choosing when
5502 # creating a CustomInfoType, or one of the names listed
5503 # at https://cloud.google.com/dlp/docs/infotypes-reference when specifying
5504 # a built-in type. InfoType names should conform to the pattern
5505 # [a-zA-Z0-9_]{1,64}.
5506 },
5507 ],
5508 },
5509 "inspectTemplateName": "A String", # If provided, will be used as the default for all values in InspectConfig.
5510 # `inspect_config` will be merged into the values persisted as part of the
5511 # template.
5512 "actions": [ # Actions to execute at the completion of the job.
5513 { # A task to execute on the completion of a job.
5514 # See https://cloud.google.com/dlp/docs/concepts-actions to learn more.
5515 "saveFindings": { # If set, the detailed findings will be persisted to the specified # Save resulting findings in a provided location.
5516 # OutputStorageConfig. Only a single instance of this action can be
5517 # specified.
5518 # Compatible with: Inspect, Risk
5519 "outputConfig": { # Cloud repository for storing output.
5520 "table": { # Message defining the location of a BigQuery table. A table is uniquely # Store findings in an existing table or a new table in an existing
5521 # dataset. If table_id is not set a new one will be generated
5522 # for you with the following format:
5523 # dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific timezone will be used for
5524 # generating the date details.
5525 #
5526 # For Inspect, each column in an existing output table must have the same
5527 # name, type, and mode of a field in the `Finding` object.
5528 #
5529 # For Risk, an existing output table should be the output of a previous
5530 # Risk analysis job run on the same source table, with the same privacy
5531 # metric and quasi-identifiers. Risk jobs that analyze the same table but
5532 # compute a different privacy metric, or use different sets of
5533 # quasi-identifiers, cannot store their results in the same table.
5534 # identified by its project_id, dataset_id, and table_name. Within a query
5535 # a table is often referenced with a string in the format of:
5536 # `<project_id>:<dataset_id>.<table_id>` or
5537 # `<project_id>.<dataset_id>.<table_id>`.
5538 "projectId": "A String", # The Google Cloud Platform project ID of the project containing the table.
5539 # If omitted, project ID is inferred from the API call.
5540 "tableId": "A String", # Name of the table.
5541 "datasetId": "A String", # Dataset ID of the table.
5542 },
5543 "outputSchema": "A String", # Schema used for writing the findings for Inspect jobs. This field is only
5544 # used for Inspect and must be unspecified for Risk jobs. Columns are derived
5545 # from the `Finding` object. If appending to an existing table, any columns
5546 # from the predefined schema that are missing will be added. No columns in
5547 # the existing table will be deleted.
5548 #
5549 # If unspecified, then all available columns will be used for a new table or
5550 # an (existing) table with no schema, and no changes will be made to an
5551 # existing table that has a schema.
5552 },
5553 },
5554 "jobNotificationEmails": { # Enable email notification to project owners and editors on jobs's # Enable email notification to project owners and editors on job's
5555 # completion/failure.
5556 # completion/failure.
5557 },
5558 "publishSummaryToCscc": { # Publish the result summary of a DlpJob to the Cloud Security # Publish summary to Cloud Security Command Center (Alpha).
5559 # Command Center (CSCC Alpha).
5560 # This action is only available for projects which are parts of
5561 # an organization and whitelisted for the alpha Cloud Security Command
5562 # Center.
5563 # The action will publish count of finding instances and their info types.
5564 # The summary of findings will be persisted in CSCC and are governed by CSCC
5565 # service-specific policy, see https://cloud.google.com/terms/service-terms
5566 # Only a single instance of this action can be specified.
5567 # Compatible with: Inspect
5568 },
5569 "pubSub": { # Publish a message into given Pub/Sub topic when DlpJob has completed. The # Publish a notification to a pubsub topic.
5570 # message contains a single field, `DlpJobName`, which is equal to the
5571 # finished job's
5572 # [`DlpJob.name`](/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
5573 # Compatible with: Inspect, Risk
5574 "topic": "A String", # Cloud Pub/Sub topic to send notifications to. The topic must have given
5575 # publishing access rights to the DLP API service account executing
5576 # the long running DlpJob sending the notifications.
5577 # Format is projects/{project}/topics/{topic}.
5578 },
5579 },
5580 ],
5581 },
5582 "triggers": [ # A list of triggers which will be OR'ed together. Only one in the list
5583 # needs to trigger for a job to be started. The list may contain only
5584 # a single Schedule trigger and must have at least one object.
5585 { # What event needs to occur for a new job to be started.
5586 "schedule": { # Schedule for triggeredJobs. # Create a job on a repeating basis based on the elapse of time.
5587 "recurrencePeriodDuration": "A String", # With this option a job is started a regular periodic basis. For
5588 # example: every day (86400 seconds).
5589 #
5590 # A scheduled start time will be skipped if the previous
5591 # execution has not ended when its scheduled time occurs.
5592 #
5593 # This value must be set to a time duration greater than or equal
5594 # to 1 day and can be no longer than 60 days.
5595 },
5596 },
5597 ],
5598 "lastRunTime": "A String", # The timestamp of the last time this trigger executed, output only field.
5599 "createTime": "A String", # The creation timestamp of a triggeredJob, output only field.
5600 "name": "A String", # Unique resource name for the triggeredJob, assigned by the service when the
5601 # triggeredJob is created, for example
5602 # `projects/dlp-test-project/triggeredJobs/53234423`.
5603 }</pre>
5604</div>
5605
5606</body></html>