创建和管理许可存储区

本页面介绍如何创建和管理许可存储区。

Consent Management API 是一个工具,用于记录用户许可、基于用户许可管理操作以及维护关联文档和记录。

使用 Consent Management API 的组织负责获取和维护允许通过 Consent Management API 处理数据所需的许可。

Consent Management API 担任政策决策点的角色。政策执行必须在应用中或通过代理实现。如需了解详情,请参阅基于特性的访问权限控制

设置权限

要使用本指南中的功能,您必须具有 roles/healthcare.consentStoreAdmin 角色。但是,如果要使用 Consent Management API 执行其他有用的操作,可能需要其他权限。如需了解详情,请参阅访问权限控制

许可存储区是顶级资源,其中包含与 Consent Management API 配置和操作相关的所有信息。许可存储区属于 Cloud Healthcare API 数据集,该数据集在创建时会被分配给一个区域。此区域是您的许可存储区运行的地理位置。

  1. 在 Google Cloud 控制台中,进入数据集页面。

    进入“数据集”

  2. 选择要在其中创建许可存储区的数据集。

  3. 点击创建数据存储区

  4. 选择许可 (Consent) 作为数据存储区类型。

  5. ID 字段中,输入在数据集中具有唯一性的名称。如果名称不唯一,则存储区创建会失败。

  6. 点击下一步

  7. 配置您的同意存储区中,选择以下一个选项,以确定存储区中许可的到期时间:

    • 没有默认到期时间意味着,默认情况下,同意不会过期。
    • 默认到期时间是指,默认情况下,同意在到期时间字段中定义的天数后到期。

  8. 如要允许使用 consentStores.patch 创建新的意见征求资源,请点击允许在更新时创建意见征求资源

  9. 点击下一步

  10. 点击添加标签来定义可选的键和值标签,以组织 Google Cloud 资源。

  11. 点击创建

如需创建许可存储区,请运行 gcloud healthcare consent-stores create 命令。

在使用下面的命令数据之前,请先进行以下替换:

  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:许可存储区的标识符。许可存储区 ID 必须包含以下内容:
    • 数据集内的唯一 ID
    • 包含 1-256 个字符的 Unicode 字符串,由以下各项组成:
      • 数字
      • 字母
      • 下划线
      • 短划线
      • 英文句点

执行以下命令:

Linux、macOS 或 Cloud Shell

gcloud healthcare consent-stores create CONSENT_STORE_ID \
  --dataset=DATASET_ID \
  --location=LOCATION

Windows (PowerShell)

gcloud healthcare consent-stores create CONSENT_STORE_ID `
  --dataset=DATASET_ID `
  --location=LOCATION

Windows (cmd.exe)

gcloud healthcare consent-stores create CONSENT_STORE_ID ^
  --dataset=DATASET_ID ^
  --location=LOCATION

您应该会收到类似如下所示的响应:

响应

Created consentStore [CONSENT_STORE_ID].

如需创建许可存储区,请使用 projects.locations.datasets.consentStores.create 方法。

在使用任何请求数据之前,请先进行以下替换:

  • PROJECT_ID:您的 Google Cloud 项目的 ID
  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:许可存储区的标识符。许可存储区 ID 必须包含以下内容:
    • 数据集内的唯一 ID
    • 包含 1-256 个字符的 Unicode 字符串,由以下各项组成:
      • 数字
      • 字母
      • 下划线
      • 短划线
      • 英文句点
  • DEFAULT_CONSENT_EXPIRATION_DURATION:可选的默认时间(以秒为单位),在此存储区中创建的同意到期之前。该时长必须至少为 24 小时(86400 秒),并且必须采用 DEFAULT_CONSENT_EXPIRATION_DURATIONs 格式。
  • ENABLE_CONSENT_CREATE_ON_UPDATE:可选布尔值,用于确定请求使用 consentStores.patch 修补不存在的意见征求资源时,是否应创建该资源。默认值为 FALSE

请求 JSON 正文:

{
  "defaultConsentTtl": "DEFAULT_CONSENT_EXPIRATION_DURATIONs",
  "enableConsentCreateOnUpdate": "ENABLE_CONSENT_CREATE_ON_UPDATE"
}

如需发送请求,请选择以下方式之一:

curl

将请求正文保存在名为 request.json 的文件中。在终端中运行以下命令,在当前目录中创建或覆盖此文件:

cat > request.json << 'EOF'
{
  "defaultConsentTtl": "DEFAULT_CONSENT_EXPIRATION_DURATIONs",
  "enableConsentCreateOnUpdate": "ENABLE_CONSENT_CREATE_ON_UPDATE"
}
EOF

然后,执行以下命令以发送 REST 请求:

curl -X POST \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    -H "Content-Type: application/json; charset=utf-8" \
    -d @request.json \
    "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores?consentStoreId=CONSENT_STORE_ID"

PowerShell

将请求正文保存在名为 request.json 的文件中。在终端中运行以下命令,在当前目录中创建或覆盖此文件:

@'
{
  "defaultConsentTtl": "DEFAULT_CONSENT_EXPIRATION_DURATIONs",
  "enableConsentCreateOnUpdate": "ENABLE_CONSENT_CREATE_ON_UPDATE"
}
'@  | Out-File -FilePath request.json -Encoding utf8

然后,执行以下命令以发送 REST 请求:

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method POST `
    -Headers $headers `
    -ContentType: "application/json; charset=utf-8" `
    -InFile request.json `
    -Uri "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores?consentStoreId=CONSENT_STORE_ID" | Select-Object -Expand Content

API Explorer

复制请求正文并打开方法参考页面。API Explorer 面板会在页面右侧打开。您可以与此工具进行交互以发送请求。将请求正文粘贴到此工具中,填写任何其他必填字段,然后点击执行

您应该收到类似以下内容的 JSON 响应:

const google = require('@googleapis/healthcare');
const healthcare = google.healthcare({
  version: 'v1',
  auth: new google.auth.GoogleAuth({
    scopes: ['https://www.googleapis.com/auth/cloud-platform'],
  }),
});

const createConsentStore = async () => {
  // TODO(developer): uncomment these lines before running the sample
  // const cloudRegion = 'us-central1';
  // const projectId = 'adjective-noun-123';
  // const datasetId = 'my-dataset';
  // const consentStoreId = 'my-consent-store';
  const parent = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}`;
  const request = {parent, consentStoreId};

  await healthcare.projects.locations.datasets.consentStores.create(request);
  console.log(`Created consent store: ${consentStoreId}`);
};

createConsentStore();
def create_consent_store(
    project_id: str, location: str, dataset_id: str, consent_store_id: str
):
    """Creates a new consent store within the parent dataset.
    See https://github.com/GoogleCloudPlatform/python-docs-samples/tree/main/healthcare/api-client/v1/consent
    before running the sample."""
    # Imports the Google API Discovery Service.
    from googleapiclient import discovery

    api_version = "v1"
    service_name = "healthcare"
    # Returns an authorized API client by discovering the Healthcare API
    # and using GOOGLE_APPLICATION_CREDENTIALS environment variable.
    client = discovery.build(service_name, api_version)

    # TODO(developer): Uncomment these lines and replace with your values.
    # project_id = 'my-project'  # replace with your GCP project ID
    # location = 'us-central1'  # replace with the parent dataset's location
    # dataset_id = 'my-dataset'  # replace with the consent store's parent dataset ID
    # consent_store_id = 'my-consent-store'  # replace with the consent store's ID
    consent_store_parent = (
        f"projects/{project_id}/locations/{location}/datasets/{dataset_id}"
    )

    request = (
        client.projects()
        .locations()
        .datasets()
        .consentStores()
        .create(parent=consent_store_parent, body={}, consentStoreId=consent_store_id)
    )

    response = request.execute()
    print(f"Created consent store: {consent_store_id}")
    return response

创建许可存储区后,您可以进行更新。例如,您可以添加或移除标签来整理用户意见征求存储区。

以下示例展示了如何删除许可存储区。

如需修改许可存储区,请完成以下步骤:

  1. 在 Google Cloud 控制台中,进入数据集页面。

    进入“数据集”

  2. 选择包含您要修改的许可存储区的数据集。
  3. 数据存储区列表中,点击要修改的数据存储区。
  4. 如需修改许可存储区的配置,请点击许可存储区配置旁边的修改图标。

    如需详细了解许可存储区的配置选项,请参阅创建许可存储区
  5. 如需为商店添加一个或多个标签,请依次点击 标签添加标签,然后输入键值对标签。 如需详细了解资源标签,请参阅使用资源标签
  6. 点击保存

如需修改许可存储区,请运行 gcloud healthcare consent-stores update 命令。

在使用下面的命令数据之前,请先进行以下替换:

  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID
  • KEY:用于整理用户意见征求存储区的键值对中的键。如需了解标签要求和限制,请参阅 labels
  • VALUE:用于整理用户意见征求存储区的键值对中的值。如需了解标签要求和限制,请参阅 labels

执行以下命令:

Linux、macOS 或 Cloud Shell

gcloud healthcare consent-stores update CONSENT_STORE_ID \
  --dataset=DATASET_ID \
  --location=LOCATION \
  --update-labels=KEY=VALUE

Windows (PowerShell)

gcloud healthcare consent-stores update CONSENT_STORE_ID `
  --dataset=DATASET_ID `
  --location=LOCATION `
  --update-labels=KEY=VALUE

Windows (cmd.exe)

gcloud healthcare consent-stores update CONSENT_STORE_ID ^
  --dataset=DATASET_ID ^
  --location=LOCATION ^
  --update-labels=KEY=VALUE

您应该会收到类似如下所示的响应:

响应

Updated consentStore [CONSENT_STORE_ID].
labels:
  KEY: VALUE
name: projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID

如需修改许可存储区,请使用 projects.locations.datasets.consentStores.patch 方法。

在使用任何请求数据之前,请先进行以下替换:

  • PROJECT_ID:您的 Google Cloud 项目的 ID
  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID
  • KEY:用于整理用户意见征求存储区的键值对中的键。如需了解标签要求和限制,请参阅 labels
  • VALUE:用于整理用户意见征求存储区的键值对中的值。如需了解标签要求和限制,请参阅 labels

请求 JSON 正文:

{
  "labels": {
    "KEY": "VALUE"
  }
}

如需发送请求,请选择以下方式之一:

curl

将请求正文保存在名为 request.json 的文件中。在终端中运行以下命令,在当前目录中创建或覆盖此文件:

cat > request.json << 'EOF'
{
  "labels": {
    "KEY": "VALUE"
  }
}
EOF

然后,执行以下命令以发送 REST 请求:

curl -X PATCH \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    -H "Content-Type: application/json; charset=utf-8" \
    -d @request.json \
    "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID?updateMask=labels"

PowerShell

将请求正文保存在名为 request.json 的文件中。在终端中运行以下命令,在当前目录中创建或覆盖此文件:

@'
{
  "labels": {
    "KEY": "VALUE"
  }
}
'@  | Out-File -FilePath request.json -Encoding utf8

然后,执行以下命令以发送 REST 请求:

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method PATCH `
    -Headers $headers `
    -ContentType: "application/json; charset=utf-8" `
    -InFile request.json `
    -Uri "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID?updateMask=labels" | Select-Object -Expand Content

API Explorer

复制请求正文并打开方法参考页面。API Explorer 面板会在页面右侧打开。您可以与此工具进行交互以发送请求。将请求正文粘贴到此工具中,填写任何其他必填字段,然后点击执行

您应该收到类似以下内容的 JSON 响应:

const google = require('@googleapis/healthcare');
const healthcare = google.healthcare({
  version: 'v1',
  auth: new google.auth.GoogleAuth({
    scopes: ['https://www.googleapis.com/auth/cloud-platform'],
  }),
});

const patchConsentStore = async () => {
  // TODO(developer): uncomment these lines before running the sample
  // const cloudRegion = 'us-central1';
  // const projectId = 'adjective-noun-123';
  // const datasetId = 'my-dataset';
  // const consentStoreId = 'my-consent-store';
  // const defaultConsentTtl = '172800s' Must be at least 24 hours, specified
  // in seconds, appended with 's' character.
  const name = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}/consentStores/${consentStoreId}`;
  const request = {
    name,
    updateMask: 'defaultConsentTtl',
    resource: {
      defaultConsentTtl: defaultConsentTtl,
    },
  };

  await healthcare.projects.locations.datasets.consentStores.patch(request);
  console.log(
    `Patched consent store ${consentStoreId} with default consent time-to-live ${defaultConsentTtl}`
  );
};

patchConsentStore();
def patch_consent_store(
    project_id: str,
    location: str,
    dataset_id: str,
    consent_store_id: str,
    default_consent_ttl,
):
    """Updates the consent store.
    See https://github.com/GoogleCloudPlatform/python-docs-samples/tree/main/healthcare/api-client/v1/consent
    before running the sample."""
    # Imports the Google API Discovery Service.
    from googleapiclient import discovery

    api_version = "v1"
    service_name = "healthcare"
    # Returns an authorized API client by discovering the Healthcare API
    # and using GOOGLE_APPLICATION_CREDENTIALS environment variable.
    client = discovery.build(service_name, api_version)

    # TODO(developer): Uncomment these lines and replace with your values.
    # project_id = 'my-project'  # replace with your GCP project ID
    # location = 'us-central1'  # replace with the parent dataset's location
    # dataset_id = 'my-dataset'  # replace with the consent store's parent dataset ID
    # consent_store_id = 'my-consent-store'  # replace with the consent store's ID
    # default_consent_ttl = '172800s'  # replace with a default TTL
    consent_store_parent = "projects/{}/locations/{}/datasets/{}".format(
        project_id, location, dataset_id
    )
    consent_store_name = "{}/consentStores/{}".format(
        consent_store_parent, consent_store_id
    )

    # Updates the default time-to-live (TTL) of consents in the consent store.
    # Updating the TTL does not affect the expiration time of existing consents.
    # Specify as a duration in seconds with up to nine fractional digits,
    # terminated by "s", for example "172800s".
    # Minimum value is 24 hours, or "86400s" in seconds.
    patch = {"defaultConsentTtl": default_consent_ttl}

    request = (
        client.projects()
        .locations()
        .datasets()
        .consentStores()
        .patch(name=consent_store_name, updateMask="defaultConsentTtl", body=patch)
    )

    response = request.execute()
    print(
        "Patched consent store {} with new default consent TTL: {}".format(
            consent_store_id, default_consent_ttl
        )
    )

    return response

以下示例展示了如何获取许可存储区的详细信息。

如需查看许可存储区的详情,请执行以下操作:

  1. 在 Google Cloud 控制台中,转到数据集页面。

    进入“数据集”

  2. 选择包含您要查看的许可存储区的数据集。
  3. 点击许可存储区的名称。

如需获取有关许可存储区的详细信息,请运行 gcloud healthcare consent-stores describe 命令。

在使用下面的命令数据之前,请先进行以下替换:

  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID

执行以下命令:

Linux、macOS 或 Cloud Shell

gcloud healthcare consent-stores describe CONSENT_STORE_ID \
  --dataset=DATASET_ID \
  --location=LOCATION

Windows (PowerShell)

gcloud healthcare consent-stores describe CONSENT_STORE_ID `
  --dataset=DATASET_ID `
  --location=LOCATION

Windows (cmd.exe)

gcloud healthcare consent-stores describe CONSENT_STORE_ID ^
  --dataset=DATASET_ID ^
  --location=LOCATION
 如果您在 ConsentStore 资源中配置了任何字段,这些字段也会在响应中显示。

响应

name: projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID

如需获取有关许可存储区的详细信息,请使用 projects.locations.datasets.consentStores.get 方法。

在使用任何请求数据之前,请先进行以下替换:

  • PROJECT_ID:您的 Google Cloud 项目的 ID
  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID

如需发送请求,请选择以下方式之一:

curl

执行以下命令: 

curl -X GET \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID"

PowerShell

执行以下命令: 

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method GET `
    -Headers $headers `
    -Uri "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID" | Select-Object -Expand Content

API Explorer

打开方法参考页面。API Explorer 面板会在页面右侧打开。您可以与此工具进行交互以发送请求。填写所有必填字段,然后点击执行

如果您在 ConsentStore 资源中配置了任何字段,则这些字段也会显示在响应中。 
const google = require('@googleapis/healthcare');
const healthcare = google.healthcare({
  version: 'v1',
  auth: new google.auth.GoogleAuth({
    scopes: ['https://www.googleapis.com/auth/cloud-platform'],
  }),
});

const getConsentStore = async () => {
  // TODO(developer): uncomment these lines before running the sample
  // const cloudRegion = 'us-central1';
  // const projectId = 'adjective-noun-123';
  // const datasetId = 'my-dataset';
  // const consentStoreId = 'my-consent-store';
  const name = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}/consentStores/${consentStoreId}`;
  const request = {name};

  const consentStore =
    await healthcare.projects.locations.datasets.consentStores.get(request);
  console.log(consentStore.data);
};

getConsentStore();
def get_consent_store(
    project_id: str, location: str, dataset_id: str, consent_store_id: str
):
    """Gets the specified consent store.
    See https://github.com/GoogleCloudPlatform/python-docs-samples/tree/main/healthcare/api-client/v1/consent
    before running the sample."""
    # Imports the Google API Discovery Service.
    from googleapiclient import discovery

    # Imports Python's built-in "json" module
    import json

    api_version = "v1"
    service_name = "healthcare"
    # Returns an authorized API client by discovering the Healthcare API
    # and using GOOGLE_APPLICATION_CREDENTIALS environment variable.
    client = discovery.build(service_name, api_version)

    # TODO(developer): Uncomment these lines and replace with your values.
    # project_id = 'my-project'  # replace with your GCP project ID
    # location = 'us-central1'  # replace with the parent dataset's location
    # dataset_id = 'my-dataset'  # replace with the consent store's parent dataset ID
    # consent_store_id = 'my-consent-store'  # replace with the consent store's ID
    consent_store_parent = "projects/{}/locations/{}/datasets/{}".format(
        project_id, location, dataset_id
    )
    consent_store_name = "{}/consentStores/{}".format(
        consent_store_parent, consent_store_id
    )

    consent_stores = client.projects().locations().datasets().consentStores()
    consent_store = consent_stores.get(name=consent_store_name).execute()

    print(json.dumps(consent_store, indent=2))
    return consent_store

以下示例展示了如何列出数据集中的许可存储区。

如需查看数据集中的数据存储区,请执行以下操作:

  1. 在 Google Cloud 控制台中,转到“数据集”页面。

    进入“数据集”

  2. 选择包含要查看的数据存储区的数据集。

如需列出数据集中的用户意见征求存储区,请运行 gcloud healthcare consent-stores list 命令。

在使用下面的命令数据之前,请先进行以下替换:

  • DATASET_ID:用户意见征求存储区的父数据集
  • LOCATION:数据集位置

执行以下命令:

Linux、macOS 或 Cloud Shell

gcloud healthcare consent-stores list --dataset=DATASET_ID \
  --location=LOCATION

Windows (PowerShell)

gcloud healthcare consent-stores list --dataset=DATASET_ID `
  --location=LOCATION

Windows (cmd.exe)

gcloud healthcare consent-stores list --dataset=DATASET_ID ^
  --location=LOCATION
 如果您在 ConsentStore 资源中配置了任何字段,这些字段也会在响应中显示。 
ID               LABELS  LOCATION
CONSENT_STORE_ID           LOCATION

要列出数据集中的许可存储区,请使用 projects.locations.datasets.consentStores.list 方法。

在使用任何请求数据之前,请先进行以下替换:

  • PROJECT_ID:您的 Google Cloud 项目的 ID
  • DATASET_ID:用户意见征求存储区的父数据集
  • LOCATION:数据集位置

如需发送请求,请选择以下方式之一:

curl

执行以下命令: 

curl -X GET \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores"

PowerShell

执行以下命令: 

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method GET `
    -Headers $headers `
    -Uri "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores" | Select-Object -Expand Content

API Explorer

打开方法参考页面。API Explorer 面板会在页面右侧打开。您可以与此工具进行交互以发送请求。填写所有必填字段,然后点击执行

如果您在 ConsentStore 资源中配置了任何字段,则这些字段也会显示在响应中。 
const google = require('@googleapis/healthcare');
const healthcare = google.healthcare({
  version: 'v1',
  auth: new google.auth.GoogleAuth({
    scopes: ['https://www.googleapis.com/auth/cloud-platform'],
  }),
});

const listConsentStores = async () => {
  // TODO(developer): uncomment these lines before running the sample
  // const cloudRegion = 'us-central1';
  // const projectId = 'adjective-noun-123';
  // const datasetId = 'my-dataset';
  const parent = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}`;
  const request = {parent};

  const consentStores =
    await healthcare.projects.locations.datasets.consentStores.list(request);
  console.log(JSON.stringify(consentStores.data));
};

listConsentStores();
def list_consent_stores(project_id, location, dataset_id):
    """Lists the consent stores in the given dataset.
    See https://github.com/GoogleCloudPlatform/python-docs-samples/tree/main/healthcare/api-client/v1/consent
    before running the sample."""
    # Imports the Google API Discovery Service.
    from googleapiclient import discovery

    api_version = "v1"
    service_name = "healthcare"
    # Returns an authorized API client by discovering the Healthcare API
    # and using GOOGLE_APPLICATION_CREDENTIALS environment variable.
    client = discovery.build(service_name, api_version)

    # TODO(developer): Uncomment these lines and replace with your values.
    # project_id = 'my-project'  # replace with your GCP project ID
    # location = 'us-central1'  # replace with the parent dataset's location
    # dataset_id = 'my-dataset'  # replace with the consent store's parent dataset ID
    consent_store_parent = "projects/{}/locations/{}/datasets/{}".format(
        project_id, location, dataset_id
    )

    consent_stores = (
        client.projects()
        .locations()
        .datasets()
        .consentStores()
        .list(parent=consent_store_parent)
        .execute()
        .get("consentStores", [])
    )

    for consent_store in consent_stores:
        print(consent_store)

    return consent_stores

以下示例展示了如何删除许可存储区。

如需删除数据存储区,请执行以下操作:

  1. 在 Google Cloud 控制台中,转到数据集页面。

    进入“数据集”

  2. 选择包含您要删除的数据存储区的数据集。
  3. 从要删除的数据存储区的操作下拉列表中选择删除
  4. 输入数据存储区名称,然后点击删除以确认删除。

如需删除许可存储区,请运行 gcloud healthcare consent-stores delete 命令。

在使用下面的命令数据之前,请先进行以下替换:

  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID

执行以下命令:

Linux、macOS 或 Cloud Shell

gcloud healthcare consent-stores delete CONSENT_STORE_ID \
  --dataset=DATASET_ID \
  --location=LOCATION

Windows (PowerShell)

gcloud healthcare consent-stores delete CONSENT_STORE_ID `
  --dataset=DATASET_ID `
  --location=LOCATION

Windows (cmd.exe)

gcloud healthcare consent-stores delete CONSENT_STORE_ID ^
  --dataset=DATASET_ID ^
  --location=LOCATION
 如需确认,请输入 Y。您应该会收到类似如下所示的响应。 
Deleted consentStore [CONSENT_STORE_ID].

如需删除许可存储区,请使用 projects.locations.datasets.consentStores.delete 方法。

在使用任何请求数据之前,请先进行以下替换:

  • PROJECT_ID:您的 Google Cloud 项目的 ID
  • LOCATION:数据集位置
  • DATASET_ID:用户意见征求存储区的父数据集
  • CONSENT_STORE_ID:意见征求存储区 ID

如需发送请求,请选择以下方式之一:

curl

执行以下命令: 

curl -X DELETE \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID"

PowerShell

执行以下命令: 

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method DELETE `
    -Headers $headers `
    -Uri "https://healthcare.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/consentStores/CONSENT_STORE_ID" | Select-Object -Expand Content

API Explorer

打开方法参考页面。API Explorer 面板会在页面右侧打开。您可以与此工具进行交互以发送请求。填写所有必填字段,然后点击执行

您应该收到类似以下内容的 JSON 响应:

const google = require('@googleapis/healthcare');
const healthcare = google.healthcare({
  version: 'v1',
  auth: new google.auth.GoogleAuth({
    scopes: ['https://www.googleapis.com/auth/cloud-platform'],
  }),
});

const deleteConsentStore = async () => {
  // TODO(developer): uncomment these lines before running the sample
  // const cloudRegion = 'us-central1';
  // const projectId = 'adjective-noun-123';
  // const datasetId = 'my-dataset';
  // const consentStoreId = 'my-consent-store';
  const name = `projects/${projectId}/locations/${cloudRegion}/datasets/${datasetId}/consentStores/${consentStoreId}`;
  const request = {name};

  await healthcare.projects.locations.datasets.consentStores.delete(request);
  console.log(`Deleted consent store: ${consentStoreId}`);
};

deleteConsentStore();
def delete_consent_store(
    project_id: str, location: str, dataset_id: str, consent_store_id: str
):
    """Deletes the specified consent store.
    See https://github.com/GoogleCloudPlatform/python-docs-samples/tree/main/healthcare/api-client/v1/consent
    before running the sample."""
    # Imports the Google API Discovery Service.
    from googleapiclient import discovery

    api_version = "v1"
    service_name = "healthcare"
    # Returns an authorized API client by discovering the Healthcare API
    # and using GOOGLE_APPLICATION_CREDENTIALS environment variable.
    client = discovery.build(service_name, api_version)

    # TODO(developer): Uncomment these lines and replace with your values.
    # project_id = 'my-project'  # replace with your GCP project ID
    # location = 'us-central1'  # replace with the parent dataset's location
    # dataset_id = 'my-dataset'  # replace with the consent store's parent dataset ID
    # consent_store_id = 'my-consent-store'  # replace with the consent store's ID
    consent_store_parent = "projects/{}/locations/{}/datasets/{}".format(
        project_id, location, dataset_id
    )
    consent_store_name = "{}/consentStores/{}".format(
        consent_store_parent, consent_store_id
    )

    request = (
        client.projects()
        .locations()
        .datasets()
        .consentStores()
        .delete(name=consent_store_name)
    )

    response = request.execute()
    print(f"Deleted consent store: {consent_store_id}")
    return response

审核日志记录

Consent Management API 会写入以下类型的审核日志:

  • 管理员活动:记录修改资源配置或元数据的操作。您无法停用管理员活动审核日志。
  • 数据访问:包含用于读取资源配置或元数据的 API 调用,以及用于创建、修改或读取客户提供的资源数据的外部 API 调用。必须启用这些日志。例如,数据访问审核日志可用于记录发出访问权限判定请求的服务、该请求中提供的信息以及 API 如何响应该请求。如需详细了解数据访问审核日志,请参阅配置数据访问审核日志。如需详细了解 Cloud Healthcare API 中的审核日志记录,请访问查看 Cloud Audit Logs

如需详细了解 Consent Management API 的审核日志,请参阅查看 Cloud Audit Logs