REST Resource: projects.locations.securitySettings

Stay organized with collections Save and categorize content based on your preferences.

Resource: SecuritySettings

Represents the settings related to security issues, such as data redaction and data retention. It may take hours for updates on the settings to propagate to all the related components and take effect.

JSON representation
{
  "name": string,
  "displayName": string,
  "redactionStrategy": enum (RedactionStrategy),
  "redactionScope": enum (RedactionScope),
  "inspectTemplate": string,
  "deidentifyTemplate": string,
  "purgeDataTypes": [
    enum (PurgeDataType)
  ],
  "audioExportSettings": {
    object (AudioExportSettings)
  },
  "insightsExportSettings": {
    object (InsightsExportSettings)
  },
  "retentionWindowDays": integer
}
Fields
name

string

Resource name of the settings. Required for the SecuritySettingsService.UpdateSecuritySettings method. SecuritySettingsService.CreateSecuritySettings populates the name automatically. Format: projects/<Project ID>/locations/<Location ID>/securitySettings/<Security Settings ID>.

displayName

string

Required. The human-readable name of the security settings, unique within the location.

redactionStrategy

enum (RedactionStrategy)

Strategy that defines how we do redaction.

redactionScope

enum (RedactionScope)

Defines the data for which Dialogflow applies redaction. Dialogflow does not redact data that it does not have access to – for example, Cloud logging.

inspectTemplate

string

DLP inspect template name. Use this template to define inspect base settings.

The DLP Inspect Templates Reader role is needed on the Dialogflow service identity service account (has the form service-PROJECT_NUMBER@gcp-sa-dialogflow.iam.gserviceaccount.com) for your agent's project.

If empty, we use the default DLP inspect config.

The template name will have one of the following formats: projects/<Project ID>/locations/<Location ID>/inspectTemplates/<Template ID> OR organizations/<Organization ID>/locations/<Location ID>/inspectTemplates/<Template ID>

Note: inspectTemplate must be located in the same region as the SecuritySettings.

deidentifyTemplate

string

DLP deidentify template name. Use this template to define de-identification configuration for the content.

The DLP De-identify Templates Reader role is needed on the Dialogflow service identity service account (has the form service-PROJECT_NUMBER@gcp-sa-dialogflow.iam.gserviceaccount.com) for your agent's project.

If empty, Dialogflow replaces sensitive info with [redacted] text.

The template name will have one of the following formats: projects/<Project ID>/locations/<Location ID>/deidentifyTemplates/<Template ID> OR organizations/<Organization ID>/locations/<Location ID>/deidentifyTemplates/<Template ID>

Note: deidentifyTemplate must be located in the same region as the SecuritySettings.

purgeDataTypes[]

enum (PurgeDataType)

List of types of data to remove when retention settings triggers purge.

audioExportSettings

object (AudioExportSettings)

Controls audio export settings for post-conversation analytics when ingesting audio to conversations via [Participants.AnalyzeContent][] or [Participants.StreamingAnalyzeContent][].

If retentionStrategy is set to REMOVE_AFTER_CONVERSATION or [audioExportSettings.gcs_bucket][] is empty, audio export is disabled.

If audio export is enabled, audio is recorded and saved to [audioExportSettings.gcs_bucket][], subject to retention policy of [audioExportSettings.gcs_bucket][].

This setting won't effect audio input for implicit sessions via Sessions.DetectIntent or Sessions.StreamingDetectIntent.

insightsExportSettings

object (InsightsExportSettings)

Controls conversation exporting settings to Insights after conversation is completed.

If retentionStrategy is set to REMOVE_AFTER_CONVERSATION, Insights export is disabled no matter what you configure here.

retentionWindowDays

integer

Retains data in interaction logging for the specified number of days. This does not apply to Cloud logging, which is owned by the user - not Dialogflow. User must set a value lower than Dialogflow's default 365d TTL. Setting a value higher than that has no effect. A missing value or setting to 0 also means we use Dialogflow's default TTL. Note: Interaction logging is a limited access feature. Talk to your Google representative to check availability for you.

RedactionStrategy

Defines how we redact data.

Enums
REDACTION_STRATEGY_UNSPECIFIED Do not redact.
REDACT_WITH_SERVICE Call redaction service to clean up the data to be persisted.

RedactionScope

Defines what types of data to redact.

Enums
REDACTION_SCOPE_UNSPECIFIED Don't redact any kind of data.
REDACT_DISK_STORAGE On data to be written to disk or similar devices that are capable of holding data even if power is disconnected. This includes data that are temporarily saved on disk.

PurgeDataType

Type of data we purge after retention settings triggers purge.

Enums
PURGE_DATA_TYPE_UNSPECIFIED Unspecified. Do not use.
DIALOGFLOW_HISTORY Dialogflow history. This does not include Cloud logging, which is owned by the user - not Dialogflow.

AudioExportSettings

Settings for exporting audio.

JSON representation
{
  "gcsBucket": string,
  "audioExportPattern": string,
  "enableAudioRedaction": boolean,
  "audioFormat": enum (AudioFormat)
}
Fields
gcsBucket

string

Cloud Storage bucket to export audio record to. Settings this field would grant the Storage Object Creator role to the Dialogflow Service Agent. API caller that tries to modify this field should have the permission of storage.buckets.setIamPolicy.

audioExportPattern

string

Filename pattern for exported audio.

enableAudioRedaction

boolean

Enable audio redaction if it is true.

audioFormat

enum (AudioFormat)

File format for exported audio file. Currently only in telephony recordings.

AudioFormat

File format for exported audio file. Currently only in telephony recordings.

Enums
AUDIO_FORMAT_UNSPECIFIED Unspecified. Do not use.
MULAW G.711 mu-law PCM with 8kHz sample rate.
MP3 MP3 file format.
OGG OGG Vorbis.

InsightsExportSettings

Settings for exporting conversations to Insights.

JSON representation
{
  "enableInsightsExport": boolean
}
Fields
enableInsightsExport

boolean

If enabled, we will automatically exports conversations to Insights and Insights runs its analyzers.

Methods

create

Create security settings in the specified location.

delete

Deletes the specified SecuritySettings.

get

Retrieves the specified SecuritySettings.

list

Returns the list of all security settings in the specified location.

patch

Updates the specified SecuritySettings.