DataPolicyServiceClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.bigquery.datapolicies_v1beta1.services.data_policy_service.transports.base.DataPolicyServiceTransport]] = None, client_options: Optional[Union[google.api_core.client_options.ClientOptions, dict]] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)
Data Policy Service provides APIs for managing the label-policy bindings.
Properties
transport
Returns the transport used by the client instance.
Type | Description |
DataPolicyServiceTransport | The transport used by the client instance. |
Methods
DataPolicyServiceClient
DataPolicyServiceClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.bigquery.datapolicies_v1beta1.services.data_policy_service.transports.base.DataPolicyServiceTransport]] = None, client_options: Optional[Union[google.api_core.client_options.ClientOptions, dict]] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)
Instantiates the data policy service client.
Name | Description |
credentials |
Optional[google.auth.credentials.Credentials]
The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment. |
transport |
Union[str, DataPolicyServiceTransport]
The transport to use. If set to None, a transport is chosen automatically. |
client_options |
Optional[Union[google.api_core.client_options.ClientOptions, dict]]
Custom options for the client. It won't take effect if a |
client_info |
google.api_core.gapic_v1.client_info.ClientInfo
The client info used to send a user-agent string along with API requests. If |
Type | Description |
google.auth.exceptions.MutualTLSChannelError | If mutual TLS transport creation failed for any reason. |
__exit__
__exit__(type, value, traceback)
Releases underlying transport's resources.
common_billing_account_path
common_billing_account_path(billing_account: str)
Returns a fully-qualified billing_account string.
common_folder_path
common_folder_path(folder: str)
Returns a fully-qualified folder string.
common_location_path
common_location_path(project: str, location: str)
Returns a fully-qualified location string.
common_organization_path
common_organization_path(organization: str)
Returns a fully-qualified organization string.
common_project_path
common_project_path(project: str)
Returns a fully-qualified project string.
create_data_policy
create_data_policy(request: Optional[Union[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.CreateDataPolicyRequest, dict]] = None, *, parent: Optional[str] = None, data_policy: Optional[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.DataPolicy] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Creates a new data policy under a project with the given
dataPolicyId
(used as the display name), policy tag, and
data policy type.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
def sample_create_data_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
data_policy = datapolicies_v1beta1.DataPolicy()
data_policy.policy_tag = "policy_tag_value"
data_policy.data_masking_policy.predefined_expression = "DEFAULT_MASKING_VALUE"
request = datapolicies_v1beta1.CreateDataPolicyRequest(
parent="parent_value",
data_policy=data_policy,
)
# Make the request
response = client.create_data_policy(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.cloud.bigquery.datapolicies_v1beta1.types.CreateDataPolicyRequest, dict]
The request object. Request message for the CreateDataPolicy method. |
parent |
str
Required. Resource name of the project that the data policy will belong to. The format is |
data_policy |
google.cloud.bigquery.datapolicies_v1beta1.types.DataPolicy
Required. The data policy to create. The |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.bigquery.datapolicies_v1beta1.types.DataPolicy | Represents the label-policy binding. |
data_policy_path
data_policy_path(project: str, location: str, data_policy: str)
Returns a fully-qualified data_policy string.
delete_data_policy
delete_data_policy(request: Optional[Union[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.DeleteDataPolicyRequest, dict]] = None, *, name: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Deletes the data policy specified by its resource name.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
def sample_delete_data_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = datapolicies_v1beta1.DeleteDataPolicyRequest(
name="name_value",
)
# Make the request
client.delete_data_policy(request=request)
Name | Description |
request |
Union[google.cloud.bigquery.datapolicies_v1beta1.types.DeleteDataPolicyRequest, dict]
The request object. Request message for the DeleteDataPolicy method. |
name |
str
Required. Resource name of the data policy to delete. Format is |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
from_service_account_file
from_service_account_file(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials file.
Name | Description |
filename |
str
The path to the service account private key json file. |
Type | Description |
DataPolicyServiceClient | The constructed client. |
from_service_account_info
from_service_account_info(info: dict, *args, **kwargs)
Creates an instance of this client using the provided credentials info.
Name | Description |
info |
dict
The service account private key info. |
Type | Description |
DataPolicyServiceClient | The constructed client. |
from_service_account_json
from_service_account_json(filename: str, *args, **kwargs)
Creates an instance of this client using the provided credentials file.
Name | Description |
filename |
str
The path to the service account private key json file. |
Type | Description |
DataPolicyServiceClient | The constructed client. |
get_data_policy
get_data_policy(request: Optional[Union[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.GetDataPolicyRequest, dict]] = None, *, name: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Gets the data policy specified by its resource name.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
def sample_get_data_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = datapolicies_v1beta1.GetDataPolicyRequest(
name="name_value",
)
# Make the request
response = client.get_data_policy(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.cloud.bigquery.datapolicies_v1beta1.types.GetDataPolicyRequest, dict]
The request object. Request message for the GetDataPolicy method. |
name |
str
Required. Resource name of the requested data policy. Format is |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.bigquery.datapolicies_v1beta1.types.DataPolicy | Represents the label-policy binding. |
get_iam_policy
get_iam_policy(request: Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]] = None, *, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Gets the IAM policy for the specified data policy.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
from google.iam.v1 import iam_policy_pb2 # type: ignore
def sample_get_iam_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = iam_policy_pb2.GetIamPolicyRequest(
resource="resource_value",
)
# Make the request
response = client.get_iam_policy(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]
The request object. Request message for |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.policy_pb2.Policy | An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ],="" "etag":="" "bwwwja0yfja=", " version":="" 3="" }="" **yaml="" example:**="" bindings:="" -="" members:="" -="" user:\="" mike@example.com="" -="" group:\="" admins@example.com="" -="" domain:google.com="" -="" serviceaccount:\="" my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:\="" eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" etag:="" bwwwja0yfja="version:" 3="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" [iam="" documentation](\=""> |
get_mtls_endpoint_and_cert_source
get_mtls_endpoint_and_cert_source(
client_options: Optional[google.api_core.client_options.ClientOptions] = None,
)
Return the API endpoint and client cert source for mutual TLS.
The client cert source is determined in the following order:
(1) if GOOGLE_API_USE_CLIENT_CERTIFICATE
environment variable is not "true", the
client cert source is None.
(2) if client_options.client_cert_source
is provided, use the provided one; if the
default client cert source exists, use the default one; otherwise the client cert
source is None.
The API endpoint is determined in the following order:
(1) if client_options.api_endpoint
if provided, use the provided one.
(2) if GOOGLE_API_USE_CLIENT_CERTIFICATE
environment variable is "always", use the
default mTLS endpoint; if the environment variable is "never", use the default API
endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
use the default API endpoint.
More details can be found at https://google.aip.dev/auth/4114.
Name | Description |
client_options |
google.api_core.client_options.ClientOptions
Custom options for the client. Only the |
Type | Description |
google.auth.exceptions.MutualTLSChannelError | If any errors happen. |
Type | Description |
Tuple[str, Callable[[], Tuple[bytes, bytes]]] | returns the API endpoint and the client cert source to use. |
list_data_policies
list_data_policies(request: Optional[Union[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.ListDataPoliciesRequest, dict]] = None, *, parent: Optional[str] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
List all of the data policies in the specified parent project.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
def sample_list_data_policies():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = datapolicies_v1beta1.ListDataPoliciesRequest(
parent="parent_value",
)
# Make the request
page_result = client.list_data_policies(request=request)
# Handle the response
for response in page_result:
print(response)
Name | Description |
request |
Union[google.cloud.bigquery.datapolicies_v1beta1.types.ListDataPoliciesRequest, dict]
The request object. Request message for the ListDataPolicies method. |
parent |
str
Required. Resource name of the project for which to list data policies. Format is |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.bigquery.datapolicies_v1beta1.services.data_policy_service.pagers.ListDataPoliciesPager | Response message for the ListDataPolicies method. Iterating over this object will yield results and resolve additional pages automatically. |
parse_common_billing_account_path
parse_common_billing_account_path(path: str)
Parse a billing_account path into its component segments.
parse_common_folder_path
parse_common_folder_path(path: str)
Parse a folder path into its component segments.
parse_common_location_path
parse_common_location_path(path: str)
Parse a location path into its component segments.
parse_common_organization_path
parse_common_organization_path(path: str)
Parse a organization path into its component segments.
parse_common_project_path
parse_common_project_path(path: str)
Parse a project path into its component segments.
parse_data_policy_path
parse_data_policy_path(path: str)
Parses a data_policy path into its component segments.
set_iam_policy
set_iam_policy(request: Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]] = None, *, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Sets the IAM policy for the specified data policy.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
from google.iam.v1 import iam_policy_pb2 # type: ignore
def sample_set_iam_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = iam_policy_pb2.SetIamPolicyRequest(
resource="resource_value",
)
# Make the request
response = client.set_iam_policy(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]
The request object. Request message for |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.policy_pb2.Policy | An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A Policy is a collection of bindings. A binding binds one or more members, or principals, to a single role. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions; each role can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a binding can also specify a condition, which is a logical expression that allows access to a resource only if the expression evaluates to true. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ],="" "etag":="" "bwwwja0yfja=", " version":="" 3="" }="" **yaml="" example:**="" bindings:="" -="" members:="" -="" user:\="" mike@example.com="" -="" group:\="" admins@example.com="" -="" domain:google.com="" -="" serviceaccount:\="" my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:\="" eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" etag:="" bwwwja0yfja="version:" 3="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" [iam="" documentation](\=""> |
test_iam_permissions
test_iam_permissions(request: Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, *, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Returns the caller's permission on the specified data policy resource.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
from google.iam.v1 import iam_policy_pb2 # type: ignore
def sample_test_iam_permissions():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
request = iam_policy_pb2.TestIamPermissionsRequest(
resource="resource_value",
permissions=['permissions_value1', 'permissions_value2'],
)
# Make the request
response = client.test_iam_permissions(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]
The request object. Request message for |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse | Response message for TestIamPermissions method. |
update_data_policy
update_data_policy(request: Optional[Union[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.UpdateDataPolicyRequest, dict]] = None, *, data_policy: Optional[google.cloud.bigquery.datapolicies_v1beta1.types.datapolicy.DataPolicy] = None, update_mask: Optional[google.protobuf.field_mask_pb2.FieldMask] = None, retry: Union[google.api_core.retry.Retry, google.api_core.gapic_v1.method._MethodDefault] = <_MethodDefault._DEFAULT_VALUE: <object object>>, timeout: Union[float, object] = <_MethodDefault._DEFAULT_VALUE: <object object>>, metadata: Sequence[Tuple[str, str]] = ())
Updates the metadata for an existing data policy. The target data policy can be specified by the resource name.
# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
# client as shown in:
# https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud.bigquery import datapolicies_v1beta1
def sample_update_data_policy():
# Create a client
client = datapolicies_v1beta1.DataPolicyServiceClient()
# Initialize request argument(s)
data_policy = datapolicies_v1beta1.DataPolicy()
data_policy.policy_tag = "policy_tag_value"
data_policy.data_masking_policy.predefined_expression = "DEFAULT_MASKING_VALUE"
request = datapolicies_v1beta1.UpdateDataPolicyRequest(
data_policy=data_policy,
)
# Make the request
response = client.update_data_policy(request=request)
# Handle the response
print(response)
Name | Description |
request |
Union[google.cloud.bigquery.datapolicies_v1beta1.types.UpdateDataPolicyRequest, dict]
The request object. Response message for the UpdateDataPolicy method. |
data_policy |
google.cloud.bigquery.datapolicies_v1beta1.types.DataPolicy
Required. Update the data policy's metadata. The target data policy is determined by the |
update_mask |
google.protobuf.field_mask_pb2.FieldMask
The update mask applies to the resource. For the |
retry |
google.api_core.retry.Retry
Designation of what errors, if any, should be retried. |
timeout |
float
The timeout for this request. |
metadata |
Sequence[Tuple[str, str]]
Strings which should be sent along with the request as metadata. |
Type | Description |
google.cloud.bigquery.datapolicies_v1beta1.types.DataPolicy | Represents the label-policy binding. |