Create a Sensitive Data Protection inspection template

This quickstart shows you how to create and use a Sensitive Data Protection inspection template in the Google Cloud console. Sensitive Data Protection inspection templates let you create and persist configuration information in Sensitive Data Protection.

To complete this quickstart, you need to have data that you can scan in Cloud Storage, BigQuery, or Firestore in Datastore mode (Datastore).


To follow step-by-step guidance for this task directly in the Google Cloud console, click Guide me:

Guide me


Before you begin

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Make sure that billing is enabled for your Google Cloud project.

  4. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  5. Make sure that billing is enabled for your Google Cloud project.

  6. Enable the Sensitive Data Protection API.

    Enable the API

Create a template

In the following sections, you configure and create an inspection template.

Define template

  1. In the Sensitive Data Protection section of the Google Cloud console, go to the Create template page.

    Go to Create template

  2. On the Create template page, define the following options:

    • For Template type, use the default setting Inspect (find sensitive data).

    • For Template ID, enter quickstart-template.

    • For Display name, enter Quickstart template.

    • For Description, leave the field empty.

    • For Resource location, use the default setting Global (any region).

  3. Click Continue.

Configure detection

You now configure the template to detect for an infoType such as credit card numbers.

  1. In the Configure detection section of the Create template page, do the following:

    • In the InfoTypes section, click Manage infoTypes, select the infoTypes that you want to scan for, and then click Done.

    • In the Confidence threshold section, select Possible from the Likelihood list.

      The default value Possible is sufficient for most purposes. If you routinely get matches that are too broad when you use this template, move the slider up. If you get too few matches, move the slider down.

  2. To create the template, click Create.

    The template's summary information page appears. To return to the main Sensitive Data Protection page, click Up to Template list.

Use the template

The following steps describe how to configure the template for use in a scan:

  1. In the Google Cloud console, go to the Create job or job trigger page.

    Go to Create job or job trigger

  2. Follow the prompts to create an inspection job or job trigger (a recurring job). When you are prompted to configure the detection, select the template that you created.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used on this page, follow these steps.

Delete the project

The easiest way to eliminate billing is to delete the project that you created for the tutorial.

To delete the project:

  1. In the Google Cloud console, go to the Manage resources page.

    Go to Manage resources

  2. In the project list, select the project that you want to delete, and then click Delete.
  3. In the dialog, type the project ID, and then click Shut down to delete the project.

Delete the template

There are no costs associated with creating and storing templates. However, if you want to delete a template, follow these steps:

  1. If necessary, select the project in which you created a template from the Google Cloud console toolbar.

  2. Go to the Sensitive Data Protection page.

    Go to Sensitive Data Protection

  3. Click the Configuration tab, and then click the Templates tab. The Google Cloud console displays a list of all templates for the current project.

  4. In the Actions column for the template you want to delete, click the trigger actions menu , click Delete, and then click Confirm.

What's next