Quickstart: Creating a Cloud DLP inspection template

You can use templates to create and persist configuration information to use with Cloud Data Loss Prevention (DLP). Templates are useful for decoupling configuration information—like what you inspect for or de-identify—from the implementation of your requests. Templates provide a way to manage large-scale rollouts of Cloud DLP inspection jobs.

This quickstart guides you through the creation of a new inspection template using Cloud DLP in the Google Cloud Platform Console.

To learn about all available inspection template options, see Creating Cloud DLP inspection templates.

Before you begin

  1. Accede a tu Cuenta de Google.

    Si todavía no tienes una cuenta, regístrate para obtener una nueva.

  2. Selecciona o crea un proyecto de GCP.

    Ir a la página Administrar recursos

  3. Asegúrate de tener habilitada la facturación para tu proyecto.

    Aprende a habilitar la facturación

  4. Habilita las Cloud DLP API necesarias.

    Habilita las API

Open Cloud DLP

To access Cloud DLP in the GCP Console:

Go to Cloud DLP

Alternatively, do the following:

  1. In the GCP Console, if the navigation menu isn't visible, click the navigation button in the upper-left corner of the page.
  2. Point to Security, and then click Data Loss Prevention.

The main Cloud DLP page opens.

Create a new template

To create a template in Cloud DLP:

  1. In the GCP Console, open Cloud DLP.

    Go to Cloud DLP

  2. From the Create menu, choose Template.

    Screenshot of DLP UI with Create menu > Templates

    Alternatively, click the following button:

    Create new template

  3. On the Create template page, first enter a name for the inspection template. This is how you'll refer to the template when you run a job, create a job trigger, and so on. You can use letters, numbers, and hyphens. If you want, you can also enter a description to help you remember what the template does.


Next, choose a built-in infoType to use to scan your content.

InfoType detectors find sensitive data of a certain type. For example, the Cloud DLP US_SOCIAL_SECURITY_NUMBER infoType detector finds US Social Security numbers.

In the InfoTypes field, choose ALL_BASIC to scan for all default infoTypes.

More information about each detector is provided in InfoType detector reference.

Confidence threshold

If you want, you can change the confidence threshold, or match likelihood value, to tweak how Cloud DLP matches your content.

Every time Cloud DLP detects a potential match for sensitive data, it assigns it a likelihood value on a scale from "Very unlikely" to "Very likely." When you set a likelihood value here, you are instructing Cloud DLP to only match on data that corresponds to that likelihood value or higher.

The default value of "Possible" is sufficient for most purposes. If you routinely get matches that are too broad when you use this template, move the slider up. If you get too few matches, move the slider down.

Finish the template

When you're done, click Create to create the template. The template's summary information page appears.

To return to the main Cloud DLP page, click the Back arrow in the GCP Console.

Use the template

After you've created your template using this quickstart, you're ready to run a scan using the template. If you're not already familiar with how to run an inspection scan, follow the instructions provided in Quickstart scheduling Cloud DLP inspection scans with the following change:

  • In the Configure detection > Templates section, click in the Template name field and select the template you just created.

Clean up

To avoid incurring charges to your GCP account for the resources used in this quickstart:

Delete the project

The easiest way to eliminate billing is to delete the project that you created for the tutorial.

To delete the project:

  1. En la GCP Console, dirígete a la página Proyectos.

    Ir a la página Proyectos

  2. En la lista de proyectos, selecciona el proyecto que deseas borrar y haz clic en Borrar.
  3. En el cuadro de diálogo, escribe el ID del proyecto y, luego, haz clic en Cerrar para borrar el proyecto.

Delete the template

  1. If necessary, choose the name of the project in which you created a template from the menu at the top of the GCP Console. Then open Cloud DLP in the GCP Console.

    Go to Cloud DLP

  2. Click the Configuration tab, and then the Templates tab. The console displays a list of all templates for the current project.

  3. In the Actions column for the template you want to delete, click the more actions menu (displayed as three dots arranged vertically) , and then click Delete.

    Screenshot of DLP UI templates with Actions menu open.

Alternatively, from the list of templates, click the name of the template you want to delete. On the template's detail page, click Delete.

What's next

  • Learn more about creating templates, using either Cloud DLP in the GCP Console, the Cloud DLP API, or client libraries in several programming languages: Creating Cloud DLP inspection templates.
¿Te sirvió esta página? Envíanos tu opinión:

Enviar comentarios sobre…

Cloud Data Loss Prevention