Resource: DataPolicy
Represents the label-policy binding.
JSON representation |
---|
{ "name": string, "dataPolicyType": enum ( |
Fields | |
---|---|
name |
Output only. Resource name of this data policy, in the format of |
data |
Type of data policy. |
data |
User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name. |
Union field matching_label . Label that is bound to this data policy. matching_label can be only one of the following: |
|
policy |
Policy tag resource name, in the format of |
Union field policy . The policy that is bound to this data policy. policy can be only one of the following: |
|
data |
The data masking policy that specifies the data masking rule to use. |
DataMaskingPolicy
The data masking policy that is used to specify data masking rule.
JSON representation |
---|
{ // Union field |
Fields | |
---|---|
Union field masking_expression . A masking expression to bind to the data masking rule. masking_expression can be only one of the following: |
|
predefined |
A predefined masking expression. |
routine |
The name of the BigQuery routine that contains the custom masking routine, in the format of |
PredefinedExpression
The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
Enums | |
---|---|
PREDEFINED_EXPRESSION_UNSPECIFIED |
Default, unspecified predefined expression. No masking will take place since no expression is specified. |
SHA256 |
Masking expression to replace data with SHA-256 hash. |
ALWAYS_NULL |
Masking expression to replace data with NULLs. |
DEFAULT_MASKING_VALUE |
Masking expression to replace data with their default masking values. The default masking values for each type listed as below:
|
LAST_FOUR_CHARACTERS |
Masking expression shows the last four characters of text. The masking behavior is as follows:
|
FIRST_FOUR_CHARACTERS |
Masking expression shows the first four characters of text. The masking behavior is as follows:
|
EMAIL_MASK |
Masking expression for email addresses. The masking behavior is as follows:
For more information, see Email mask. |
DATE_YEAR_MASK |
Masking expression to only show the year of
Truncation occurs according to the UTC time zone. To change this, adjust the default time zone using the |
DataPolicyType
A list of supported data policy types.
Enums | |
---|---|
DATA_POLICY_TYPE_UNSPECIFIED |
Default value for the data policy type. This should not be used. |
COLUMN_LEVEL_SECURITY_POLICY |
Used to create a data policy for column-level security, without data masking. |
DATA_MASKING_POLICY |
Used to create a data policy for data masking. |
Methods |
|
---|---|
|
Creates a new data policy under a project with the given dataPolicyId (used as the display name), policy tag, and data policy type. |
|
Deletes the data policy specified by its resource name. |
|
Gets the data policy specified by its resource name. |
|
Gets the IAM policy for the specified data policy. |
|
List all of the data policies in the specified parent project. |
|
Updates the metadata for an existing data policy. |
|
Renames the id (display name) of the specified data policy. |
|
Sets the IAM policy for the specified data policy. |
|
Returns the caller's permission on the specified data policy resource. |