Class PolicyTagManagerClient (2.0.0)

PolicyTagManagerClient(*, credentials: google.auth.credentials.Credentials = None, transport: Union[str, google.cloud.datacatalog_v1beta1.services.policy_tag_manager.transports.base.PolicyTagManagerTransport] = None, client_options: <module 'google.api_core.client_options' from '/workspace/python-datacatalog/.nox/docfx/lib/python3.8/site-packages/google/api_core/client_options.py'> = None)

The policy tag manager API service allows clients to manage their taxonomies and policy tags.

Inheritance

builtins.object > PolicyTagManagerClient

Methods

PolicyTagManagerClient

PolicyTagManagerClient(*, credentials: google.auth.credentials.Credentials = None, transport: Union[str, google.cloud.datacatalog_v1beta1.services.policy_tag_manager.transports.base.PolicyTagManagerTransport] = None, client_options: <module 'google.api_core.client_options' from '/workspace/python-datacatalog/.nox/docfx/lib/python3.8/site-packages/google/api_core/client_options.py'> = None)

Instantiate the policy tag manager client.

Parameters
NameDescription
credentials Optional[google.auth.credentials.Credentials]

The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.

transport Union[str, `.PolicyTagManagerTransport`]

The transport to use. If set to None, a transport is chosen automatically.

client_options ClientOptions

Custom options for the client. It won't take effect if a transport instance is provided. (1) The api_endpoint property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS environment variable can also be used to override the endpoint: "always" (always use the default mTLS endpoint), "never" (always use the default regular endpoint, this is the default value for the environment variable) and "auto" (auto switch to the default mTLS endpoint if client SSL credentials is present). However, the api_endpoint property takes precedence if provided. (2) The client_cert_source property is used to provide client SSL credentials for mutual TLS transport. If not provided, the default SSL credentials will be used if present.

Exceptions
TypeDescription
google.auth.exceptions.MutualTLSChannelErrorIf mutual TLS transport creation failed for any reason.

create_policy_tag

create_policy_tag(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.CreatePolicyTagRequest] = None, *, parent: Optional[str] = None, policy_tag: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.PolicyTag] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Creates a policy tag in the specified taxonomy.

Parameters
NameDescription
request `.policytagmanager.CreatePolicyTagRequest`

The request object. Request message for CreatePolicyTag.

parent `str`

Required. Resource name of the taxonomy that the policy tag will belong to. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

policy_tag `.policytagmanager.PolicyTag`

The policy tag to be created. This corresponds to the policy_tag field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.PolicyTag`Denotes one policy tag in a taxonomy (e.g. ssn). Policy Tags can be defined in a hierarchy. For example, consider the following hierarchy: Geolocation -> (LatLong, City, ZipCode). PolicyTag "Geolocation" contains three child policy tags: "LatLong", "City", and "ZipCode".

create_taxonomy

create_taxonomy(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.CreateTaxonomyRequest] = None, *, parent: Optional[str] = None, taxonomy: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.Taxonomy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Creates a taxonomy in the specified project.

Parameters
NameDescription
request `.policytagmanager.CreateTaxonomyRequest`

The request object. Request message for CreateTaxonomy.

parent `str`

Required. Resource name of the project that the taxonomy will belong to. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

taxonomy `.policytagmanager.Taxonomy`

The taxonomy to be created. This corresponds to the taxonomy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.Taxonomy`A taxonomy is a collection of policy tags that classify data along a common axis. For instance a data *sensitivity* taxonomy could contain policy tags denoting PII such as age, zipcode, and SSN. A data *origin* taxonomy could contain policy tags to distinguish user data, employee data, partner data, public data.

delete_policy_tag

delete_policy_tag(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.DeletePolicyTagRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Deletes a policy tag. Also deletes all of its descendant policy tags.

Parameters
NameDescription
request `.policytagmanager.DeletePolicyTagRequest`

The request object. Request message for DeletePolicyTag.

name `str`

Required. Resource name of the policy tag to be deleted. All of its descendant policy tags will also be deleted. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

delete_taxonomy

delete_taxonomy(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.DeleteTaxonomyRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Deletes a taxonomy. This operation will also delete all policy tags in this taxonomy along with their associated policies.

Parameters
NameDescription
request `.policytagmanager.DeleteTaxonomyRequest`

The request object. Request message for DeleteTaxonomy.

name `str`

Required. Resource name of the taxonomy to be deleted. All policy tags in this taxonomy will also be deleted. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

from_service_account_file

from_service_account_file(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
NameDescription
filename str

The path to the service account private key json file.

Returns
TypeDescription
{@api.name}The constructed client.

from_service_account_json

from_service_account_json(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
NameDescription
filename str

The path to the service account private key json file.

Returns
TypeDescription
{@api.name}The constructed client.

get_iam_policy

get_iam_policy(request: Optional[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Gets the IAM policy for a taxonomy or a policy tag.

Parameters
NameDescription
request `.iam_policy.GetIamPolicyRequest`

The request object. Request message for GetIamPolicy method.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policy.Policy`Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A ``Policy`` is a collection of ``bindings``. A ``binding`` binds one or more ``members`` to a single ``role``. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A ``role`` is a named list of permissions (defined by IAM or configured by users). A ``binding`` can optionally specify a ``condition``, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** :: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" ::="" bindings:="" -="" members:="" -="" user:mike@example.com="" -="" group:admins@example.com="" -="" domain:google.com="" -="" serviceaccount:my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" `iam="" developer's="" guide="">

get_policy_tag

get_policy_tag(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.GetPolicyTagRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Gets a policy tag.

Parameters
NameDescription
request `.policytagmanager.GetPolicyTagRequest`

The request object. Request message for GetPolicyTag.

name `str`

Required. Resource name of the requested policy tag. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.PolicyTag`Denotes one policy tag in a taxonomy (e.g. ssn). Policy Tags can be defined in a hierarchy. For example, consider the following hierarchy: Geolocation -> (LatLong, City, ZipCode). PolicyTag "Geolocation" contains three child policy tags: "LatLong", "City", and "ZipCode".

get_taxonomy

get_taxonomy(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.GetTaxonomyRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Gets a taxonomy.

Parameters
NameDescription
request `.policytagmanager.GetTaxonomyRequest`

The request object. Request message for GetTaxonomy.

name `str`

Required. Resource name of the requested taxonomy. This corresponds to the name field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.Taxonomy`A taxonomy is a collection of policy tags that classify data along a common axis. For instance a data *sensitivity* taxonomy could contain policy tags denoting PII such as age, zipcode, and SSN. A data *origin* taxonomy could contain policy tags to distinguish user data, employee data, partner data, public data.

list_policy_tags

list_policy_tags(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.ListPolicyTagsRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Lists all policy tags in a taxonomy.

Parameters
NameDescription
request `.policytagmanager.ListPolicyTagsRequest`

The request object. Request message for ListPolicyTags.

parent `str`

Required. Resource name of the taxonomy to list the policy tags of. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.pagers.ListPolicyTagsPager`Response message for ListPolicyTags. Iterating over this object will yield results and resolve additional pages automatically.

list_taxonomies

list_taxonomies(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.ListTaxonomiesRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Lists all taxonomies in a project in a particular location that the caller has permission to view.

Parameters
NameDescription
request `.policytagmanager.ListTaxonomiesRequest`

The request object. Request message for ListTaxonomies.

parent `str`

Required. Resource name of the project to list the taxonomies of. This corresponds to the parent field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.pagers.ListTaxonomiesPager`Response message for ListTaxonomies. Iterating over this object will yield results and resolve additional pages automatically.

parse_policy_tag_path

parse_policy_tag_path(path: str)

Parse a policy_tag path into its component segments.

parse_taxonomy_path

parse_taxonomy_path(path: str)

Parse a taxonomy path into its component segments.

policy_tag_path

policy_tag_path(project: str, location: str, taxonomy: str, policy_tag: str)

Return a fully-qualified policy_tag string.

set_iam_policy

set_iam_policy(request: Optional[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Sets the IAM policy for a taxonomy or a policy tag.

Parameters
NameDescription
request `.iam_policy.SetIamPolicyRequest`

The request object. Request message for SetIamPolicy method.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policy.Policy`Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A ``Policy`` is a collection of ``bindings``. A ``binding`` binds one or more ``members`` to a single ``role``. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A ``role`` is a named list of permissions (defined by IAM or configured by users). A ``binding`` can optionally specify a ``condition``, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** :: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" ::="" bindings:="" -="" members:="" -="" user:mike@example.com="" -="" group:admins@example.com="" -="" domain:google.com="" -="" serviceaccount:my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="" `iam="" developer's="" guide="">

taxonomy_path

taxonomy_path(project: str, location: str, taxonomy: str)

Return a fully-qualified taxonomy string.

test_iam_permissions

test_iam_permissions(request: Optional[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Returns the permissions that a caller has on the specified taxonomy or policy tag.

Parameters
NameDescription
request `.iam_policy.TestIamPermissionsRequest`

The request object. Request message for TestIamPermissions method.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.iam_policy.TestIamPermissionsResponse`Response message for ``TestIamPermissions`` method.

update_policy_tag

update_policy_tag(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.UpdatePolicyTagRequest] = None, *, policy_tag: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.PolicyTag] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Updates a policy tag.

Parameters
NameDescription
request `.policytagmanager.UpdatePolicyTagRequest`

The request object. Request message for UpdatePolicyTag.

policy_tag `.policytagmanager.PolicyTag`

The policy tag to update. Only the description, display_name, and parent_policy_tag fields can be updated. This corresponds to the policy_tag field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.PolicyTag`Denotes one policy tag in a taxonomy (e.g. ssn). Policy Tags can be defined in a hierarchy. For example, consider the following hierarchy: Geolocation -> (LatLong, City, ZipCode). PolicyTag "Geolocation" contains three child policy tags: "LatLong", "City", and "ZipCode".

update_taxonomy

update_taxonomy(request: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.UpdateTaxonomyRequest] = None, *, taxonomy: Optional[google.cloud.datacatalog_v1beta1.types.policytagmanager.Taxonomy] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ())

Updates a taxonomy.

Parameters
NameDescription
request `.policytagmanager.UpdateTaxonomyRequest`

The request object. Request message for UpdateTaxonomy.

taxonomy `.policytagmanager.Taxonomy`

The taxonomy to update. Only description, display_name, and activated policy types can be updated. This corresponds to the taxonomy field on the request instance; if request is provided, this should not be set.

retry google.api_core.retry.Retry

Designation of what errors, if any, should be retried.

timeout float

The timeout for this request.

metadata Sequence[Tuple[str, str]]

Strings which should be sent along with the request as metadata.

Returns
TypeDescription
`.policytagmanager.Taxonomy`A taxonomy is a collection of policy tags that classify data along a common axis. For instance a data *sensitivity* taxonomy could contain policy tags denoting PII such as age, zipcode, and SSN. A data *origin* taxonomy could contain policy tags to distinguish user data, employee data, partner data, public data.