This page provides pricing information for the Cloud Data Loss Prevention (DLP). Prices on this page are listed in US dollars (USD), and are effective as of February 15, 2018.
The Cloud DLP charges for usage based on the following price sheet. A bill is sent out at the end of each billing cycle, listing previous usage and charges. Prices on this page are listed in US dollars (USD).
If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform SKUs apply.
Depending on the quantity of information that you instruct the Cloud DLP to scan, it is possible for costs to become prohibitively high. To learn several methods that you can use to keep costs down while also ensuring that you're using the Cloud DLP to scan the exact data that you intend to, see Keeping Cloud DLP costs under control.
To use the GCP Pricing Calculator to estimate Cloud DLP costs based on type and quantity of content scanned, see Google Cloud Platform Pricing Calculator.
Current pricing overview
The Cloud DLP provides a set of features for inspecting data and transforming parts of it. Across these scenarios, we enable you to pay only for what you use, with no upfront commitments. Cloud DLP supports the features summarized in the following table:
| Feature | Description |
|---|---|
| Inspection with predefined infoTypes | Each predefined classifier detects a different data element such as names, phone numbers, email addresses, Social Security numbers, and more. |
| Inspection with custom infoTypes | Allows custom defined dictionary to classify new elements or augment predefined infoTypes. |
| Image redaction | Extracts text from images, classifies this text, and generates a new image with rectangular boxes masking any findings. |
| De-identification | Transforms tabular or free-text data to mask, redact, or obfuscate by column, record, or infoType finding. |
| Cloud DLP templates | Provides the ability to create and manage Cloud DLP configurations and options and persist and reuse them in the form of a template. |
| Risk analysis | Scans and computes different privacy and statistical metrics on structured data in BigQuery. |
Charges are based on the total bytes processed and the features requested.
For example, inspection requests are based on the total bytes inspected and
total number of predefined or custom infoTypes used. Requests that involve
both inspection and transformation are charged for both features unless
otherwise noted. For example, simple redaction of inspect findings—which
includes the transformations
RedactConfig
and
ReplaceWithInfoTypeConfig,
as well as the
image.redact
method for inspection (not transformation)—is not counted against the
number of bytes transformed.
Units
Billing charges are resolved monthly according to how many units were processed and what tier they fall in. There are two types of units, and each unit type is calculated differently:
- Inspection units are based on the total bytes inspected and the total number of predefined or custom infoTypes used for inspection. For more information about how inspection units are calculated and what constitutes an inspect action, see Inspection, below.
- Transformation units are based on the number of bytes transformed. For more information about how transformation units are calculated and what constitutes a transform action, see Transformation, below.
Each type of unit is priced by its own schedule of tiers as detailed in the tables below. In each table, the tiers are given by ranges of giga-units (GU) and tera-units (TU). Within each range, the price listed is per GU. For example, for a given billing cycle:
- First 10 GU of inspection is free
- Inspection units are billed at $0.30 per GU for the number of units between 10 GU and 1 TU.
Inspection Units
| Tier 1 | Tier 2 | Tier 3 | Tier 4 |
|---|---|---|---|
| First 10 GU | Each additional GU up to 1 TU | Each additional GU up to 10 TU | Each additional GU over 10 TU |
| Free | $0.30 | $0.20 | $0.10 |
Each request that performs inspection reports the number of inspection units processed per request.
Transformation Units
| Tier 1 | Tier 2 | Tier 3 | Tier 4 |
|---|---|---|---|
| First 1 GU | Each additional GU up to 1 TU | Each additional GU up to 10 TU | Each additional GU over 10 TU |
| Free | $3 | $2 | $1 |
Each request that performs transformation reports the number of transformation units processed per request. Transformation includes those requests that perform de-identification and re-identification.
There is a minimum per request for each type of unit; when the units are below the minimum, they are rounded up to the minimum. Rounding is done per request. The methods for which the Cloud DLP bills directly are listed in the following table, along with which types of units each method may be billed for:
| API Method | Inspection | Transformation |
|---|---|---|
projects.image.redact |
Yes | No |
projects.content.inspect |
Yes | No |
projects.content.inspect |
Yes | No |
projects.content.deidentify |
Yes | Yes |
projects.content.reidentify |
Yes | Yes |
Inspection
Inspection units are based on the total bytes inspected and the total number of predefined or custom infoTypes used. Note that we use "KU" to stand for kilo-units. For a request that is billed for inspection units, these units are calculated by:
- Rounding up the number of distinct infoTypes requested for inspection to 10, if this number is less than 10.
- Multiplying this number by the number of bytes inspected.
- Rounding the result up to 10 KU, if it is less than 10 KU.
The inspect methods are the following:
projects.image.redactprojects.content.inspectprojects.content.inspectprojects.content.deidentifyprojects.content.reidentify
Transformation
Transformation units are based on the number of bytes transformed. Note that we use "KU" to stand for kilo-units. For a request that is billed for transformation units, these units are calculated by:
- Taking the sum of the number of bytes transformed.
- Rounding up to 1 KU, only if this number is less than 1 KU and if no inspection units are to be billed for this request.
The transform methods are the following:
Risk analysis
Risk analysis uses resources in BigQuery and charges will show up as BigQuery usage. The Cloud DLP does not add any additional charges for risk analysis.
Risk analysis jobs are created using the projects.dlpJobs.create method with the
following configuration objects:
Examples
Per request unit calculations
The following table details examples that show how units are calculated for various requests. Note that "KU" stands for kilo-units.
| Example | Bytes inspected | InfoTypes configured for inspection | Bytes transformed | Resulting inspection units | Resulting transformation units |
|---|---|---|---|---|---|
| Inspection without round-up | 1 KB | 12 | 0 | 1 KB * 12 results in 12 KU | 0 |
| Inspection with infoType round-up | 2 KB | 8 | 0 | 2 KB * 10 results in 20 KU | 0 |
| Inspection with unit round-up | 500 B | 10 | 0 | 500 B * 10 rounds up to 10 KU | 0 |
| Transformation without round-up | 0 | 0 | 2 KB | 0 | 2 KU |
| Transformation with round-up | 0 | 0 | 500 B | 0 | 500 B rounds up to 1 KU |
| Transformation with inspection skips round-up | 1 KB | 10 | 500 B | 1 KB * 10 results in 10 KU | 500 B |
Billing charges per cycle
The following table details examples that show how units are billed for within a billing cycle. Each example assumes the given inspection and transformation units are the total amount of units of their type for the billing cycle.
| Example | Inspection units | Transformation units | Resulting inspection charges | Resulting transformation charges |
|---|---|---|---|---|
| Free usage through tier 1 | 9 GU | 900 MU | 9 GU * $0.0 / GU = $0 | 0.9 GU * $0.0 / GU = $0 |
| Charged usage through tier 2 | 30 GU | 4 GU | (10 GU * $0.0 / GU) + (20 GU * $0.3 / GU) = $6 |
(1 GU * $0.0 / GU) + (3 GU * $3 / GU) = $9 |
| Charged Usage through tier 3 | 1200 GU | 1100 GU | (10 GU * $0.0 / GU) + (1000 GU * $0.3 / GU) + (190 GU * $0.2 / GU) = $338 |
(1 GU * $0.0 / GU) + (1000 GU * $3 / GU) + (99 GU * $2 / GU) = $3198 |
If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform SKUs apply.
End-to-end example
The following table shows monthly costs for various quantities of requests and their configurations:
| Example | Number of requests per month | Bytes inspected per request | InfoTypes configured for inspection per request | Bytes transformed per request | Billing charges |
|---|---|---|---|---|---|
| Inspection only | 2 million | 1 KB | 10 | 0 | (1 KB * 10 = 10 KU) * 2 million = 20 GU (10 GU * $0.0 / GU) + (10 GU * $0.3 / GU) = $3 |
| Transformation only | 2 million | 0 | 0 | 1 KB | (1 KB = 1 KU) * 2 million = 2 GU (1 GU * $0.0 / GU) + (1 GU * $3.0 / GU) = $3 |
| Inspection and transformation | 2 million | 10 KB | 10 | 1 KB | Inspect: (10 KB * 10 = 100 KU) * 2 million = 200 GU (10 GU * $0.0 / GU) + (190 GU * $0.3 / GU) = $57 Transform: (1 KB = 1 KU) * 2 million = 2 GU (1 GU * $0.0 / GU) + (1 GU * $3.0 / GU) = $3 Total: $57 (inspection) + $3 (transformation) = $60 |
If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform SKUs apply.
Controlling Costs
Depending on the quantity of information that you instruct the Cloud DLP to scan, it is possible for costs to become prohibitively high. To learn several methods that you can use to keep costs down while also ensuring that you're using the Cloud DLP to scan the exact data that you intend to, see Keeping Cloud DLP costs under control.
