Package types (3.14.0)

API documentation for dlp_v2.types package.

Classes

Action

A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ActionDetails

The results of an Action][google.privacy.dlp.v2.Action].

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ActivateJobTriggerRequest

Request message for ActivateJobTrigger.

AnalyzeDataSourceRiskDetails

Result of a risk analysis operation request.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

BigQueryDiscoveryTarget

Target used to match against for discovery with BigQuery tables

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

BigQueryField

Message defining a field of a BigQuery table.

BigQueryKey

Row key for identifying a record in BigQuery table.

BigQueryOptions

Options defining BigQuery table and row identifiers.

BigQueryRegex

A pattern to match against one or more tables, datasets, or projects that contain BigQuery tables. At least one pattern must be specified. Regular expressions use RE2 syntax <https://github.com/google/re2/wiki/Syntax>__; a guide can be found under the google/re2 repository on GitHub.

BigQueryRegexes

A collection of regular expressions to determine what tables to match against.

BigQuerySchemaModification

Attributes evaluated to determine if a schema has been modified. New values may be added at a later time.

Values: SCHEMA_MODIFICATION_UNSPECIFIED (0): Unused SCHEMA_NEW_COLUMNS (1): Profiles should be regenerated when new columns are added to the table. Default. SCHEMA_REMOVED_COLUMNS (2): Profiles should be regenerated when columns are removed from the table.

BigQueryTable

Message defining the location of a BigQuery table. A table is uniquely identified by its project_id, dataset_id, and table_name. Within a query a table is often referenced with a string in the format of: <project_id>:<dataset_id>.<table_id> or <project_id>.<dataset_id>.<table_id>.

BigQueryTableCollection

Specifies a collection of BigQuery tables. Used for Discovery.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

BigQueryTableModification

Attributes evaluated to determine if a table has been modified. New values may be added at a later time.

Values: TABLE_MODIFICATION_UNSPECIFIED (0): Unused. TABLE_MODIFIED_TIMESTAMP (1): A table will be considered modified when the last_modified_time from BigQuery has been updated.

BigQueryTableType

Over time new types may be added. Currently VIEW, MATERIALIZED_VIEW, SNAPSHOT, and non-BigLake external tables are not supported.

Values: BIG_QUERY_TABLE_TYPE_UNSPECIFIED (0): Unused. BIG_QUERY_TABLE_TYPE_TABLE (1): A normal BigQuery table. BIG_QUERY_TABLE_TYPE_EXTERNAL_BIG_LAKE (2): A table that references data stored in Cloud Storage.

BigQueryTableTypeCollection

Over time new types may be added. Currently VIEW, MATERIALIZED_VIEW, and SNAPSHOT are not supported.

Values: BIG_QUERY_COLLECTION_UNSPECIFIED (0): Unused. BIG_QUERY_COLLECTION_ALL_TYPES (1): Automatically generate profiles for all tables, even if the table type is not yet fully supported for analysis. Profiles for unsupported tables will be generated with errors to indicate their partial support. When full support is added, the tables will automatically be profiled during the next scheduled run. BIG_QUERY_COLLECTION_ONLY_SUPPORTED_TYPES (2): Only those types fully supported will be profiled. Will expand automatically as Cloud DLP adds support for new table types. Unsupported table types will not have partial profiles generated.

BigQueryTableTypes

The types of BigQuery tables supported by Cloud DLP.

BoundingBox

Bounding box encompassing detected text within an image.

BucketingConfig

Generalization function that buckets values based on ranges. The ranges and replacement values are dynamically provided by the user for custom behavior, such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH This can be used on data of type: number, long, string, timestamp. If the bound Value type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing. See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.

ByteContentItem

Container for bytes to inspect or redact.

CancelDlpJobRequest

The request message for canceling a DLP job.

CharacterMaskConfig

Partially mask a string by replacing a given number of characters with a fixed character. Masking can start from the beginning or end of the string. This can be used on data of any type (numbers, longs, and so on) and when de-identifying structured data we'll attempt to preserve the original data's type. (This allows you to take a long like 123 and modify it to a string like **3.

CharsToIgnore

Characters to skip when doing deidentification of a value. These will be left alone and skipped.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

CloudStorageFileSet

Message representing a set of files in Cloud Storage.

CloudStorageOptions

Options defining a file or a set of files within a Cloud Storage bucket.

CloudStoragePath

Message representing a single file or path in Cloud Storage.

CloudStorageRegexFileSet

Message representing a set of files in a Cloud Storage bucket. Regular expressions are used to allow fine-grained control over which files in the bucket to include.

Included files are those that match at least one item in include_regex and do not match any items in exclude_regex. Note that a file that matches items from both lists will not be included. For a match to occur, the entire file path (i.e., everything in the url after the bucket name) must match the regular expression.

For example, given the input {bucket_name: "mybucket", include_regex: ["directory1/.*"], exclude_regex: ["directory1/excluded.*"]}:

  • gs://mybucket/directory1/myfile will be included
  • gs://mybucket/directory1/directory2/myfile will be included (.* matches across /)
  • gs://mybucket/directory0/directory1/myfile will not be included (the full path doesn't match any items in include_regex)
  • gs://mybucket/directory1/excludedfile will not be included (the path matches an item in exclude_regex)

If include_regex is left empty, it will match all files by default (this is equivalent to setting include_regex: [".*"]).

Some other common use cases:

  • {bucket_name: "mybucket", exclude_regex: [".*\.pdf"]} will include all files in mybucket except for .pdf files
  • {bucket_name: "mybucket", include_regex: ["directory/[^/]+"]} will include all files directly under gs://mybucket/directory/, without matching across /

Color

Represents a color in the RGB color space.

ColumnDataProfile

The profile for a scanned column within a table.

Container

Represents a container that may contain DLP findings. Examples of a container include a file, table, or database record.

ContentItem

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ContentLocation

Precise location of the finding within a document, record, image, or metadata container.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ContentOption

Deprecated and unused.

Values: CONTENT_UNSPECIFIED (0): Includes entire content of a file or a data stream. CONTENT_TEXT (1): Text content within the data, excluding any metadata. CONTENT_IMAGE (2): Images found in the data.

CreateDeidentifyTemplateRequest

Request message for CreateDeidentifyTemplate.

CreateDiscoveryConfigRequest

Request message for CreateDiscoveryConfig.

CreateDlpJobRequest

Request message for CreateDlpJobRequest. Used to initiate long running jobs such as calculating risk metrics or inspecting Google Cloud Storage.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

CreateInspectTemplateRequest

Request message for CreateInspectTemplate.

CreateJobTriggerRequest

Request message for CreateJobTrigger.

CreateStoredInfoTypeRequest

Request message for CreateStoredInfoType.

CryptoDeterministicConfig

Pseudonymization method that generates deterministic encryption for the given input. Outputs a base64 encoded representation of the encrypted output. Uses AES-SIV based on the RFC https://tools.ietf.org/html/rfc5297.

CryptoHashConfig

Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. The key size must be either 32 or 64 bytes. Outputs a base64 encoded representation of the hashed output (for example, L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=). Currently, only string and integer values can be hashed. See https://cloud.google.com/dlp/docs/pseudonymization to learn more.

CryptoKey

This is a data encryption key (DEK) (as opposed to a key encryption key (KEK) stored by Cloud Key Management Service (Cloud KMS). When using Cloud KMS to wrap or unwrap a DEK, be sure to set an appropriate IAM policy on the KEK to ensure an attacker cannot unwrap the DEK.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

CryptoReplaceFfxFpeConfig

Replaces an identifier with a surrogate using Format Preserving Encryption (FPE) with the FFX mode of operation; however when used in the ReidentifyContent API method, it serves the opposite function by reversing the surrogate back into the original identifier. The identifier must be encoded as ASCII. For a given crypto key and context, the same identifier will be replaced with the same surrogate. Identifiers must be at least two characters long. In the case that the identifier is the empty string, it will be skipped. See https://cloud.google.com/dlp/docs/pseudonymization to learn more.

Note: We recommend using CryptoDeterministicConfig for all use cases which do not require preserving the input alphabet space and size, plus warrant referential integrity.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

CustomInfoType

Custom information type provided by the user. Used to find domain-specific sensitive information configurable to the data in question.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DataProfileAction

A task to execute when a data profile has been generated.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DataProfileBigQueryRowSchema

The schema of data to be saved to the BigQuery table when the DataProfileAction is enabled.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DataProfileConfigSnapshot

Snapshot of the configurations used to generate the profile.

DataProfileJobConfig

Configuration for setting up a job to scan resources for profile generation. Only one data profile configuration may exist per organization, folder, or project.

The generated data profiles are retained according to the data retention policy.

DataProfileLocation

The data that will be profiled.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DataProfilePubSubCondition

A condition for determining whether a Pub/Sub should be triggered.

DataProfilePubSubMessage

Pub/Sub topic message for a DataProfileAction.PubSubNotification event. To receive a message of protocol buffer schema type, convert the message data to an object of this proto class.

DataProfileUpdateFrequency

How frequently data profiles can be updated. New options can be added at a later time.

Values: UPDATE_FREQUENCY_UNSPECIFIED (0): Unspecified. UPDATE_FREQUENCY_NEVER (1): After the data profile is created, it will never be updated. UPDATE_FREQUENCY_DAILY (2): The data profile can be updated up to once every 24 hours. UPDATE_FREQUENCY_MONTHLY (4): The data profile can be updated up to once every 30 days. Default.

DataRiskLevel

Score is a summary of all elements in the data profile. A higher number means more risk.

DatastoreKey

Record key for a finding in Cloud Datastore.

DatastoreOptions

Options defining a data set within Google Cloud Datastore.

DateShiftConfig

Shifts dates by random number of days, with option to be consistent for the same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting to learn more.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DateTime

Message for a date time object. e.g. 2018-01-01, 5th August.

DeidentifyConfig

The configuration that controls how the data will change.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DeidentifyContentRequest

Request to de-identify a ContentItem.

DeidentifyContentResponse

Results of de-identifying a ContentItem.

DeidentifyDataSourceDetails

The results of a Deidentify][google.privacy.dlp.v2.Action.Deidentify] action from an inspect job.

DeidentifyDataSourceStats

Summary of what was modified during a transformation.

DeidentifyTemplate

DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.

DeleteDeidentifyTemplateRequest

Request message for DeleteDeidentifyTemplate.

DeleteDiscoveryConfigRequest

Request message for DeleteDiscoveryConfig.

DeleteDlpJobRequest

The request message for deleting a DLP job.

DeleteInspectTemplateRequest

Request message for DeleteInspectTemplate.

DeleteJobTriggerRequest

Request message for DeleteJobTrigger.

DeleteStoredInfoTypeRequest

Request message for DeleteStoredInfoType.

Disabled

Do not profile the tables.

DiscoveryBigQueryConditions

Requirements that must be true before a table is scanned in discovery for the first time. There is an AND relationship between the top-level attributes. Additionally, minimum conditions with an OR relationship that must be met before Cloud DLP scans a table can be set (like a minimum row count or a minimum table age).

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DiscoveryBigQueryFilter

Determines what tables will have profiles generated within an organization or project. Includes the ability to filter by regular expression patterns on project ID, dataset ID, and table ID.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DiscoveryConfig

Configuration for discovery to scan resources for profile generation. Only one discovery configuration may exist per organization, folder, or project.

The generated data profiles are retained according to the data retention policy.

DiscoveryGenerationCadence

What must take place for a profile to be updated and how frequently it should occur. New tables are scanned as quickly as possible depending on system capacity.

DiscoverySchemaModifiedCadence

The cadence at which to update data profiles when a schema is modified.

DiscoveryStartingLocation

The location to begin a discovery scan. Denotes an organization ID or folder ID within an organization.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DiscoveryTableModifiedCadence

The cadence at which to update data profiles when a table is modified.

DiscoveryTarget

Target used to match against for Discovery.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DlpJob

Combines all of the information about a DLP job.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

DlpJobType

An enum to represent the various types of DLP jobs.

Values: DLP_JOB_TYPE_UNSPECIFIED (0): Defaults to INSPECT_JOB. INSPECT_JOB (1): The job inspected Google Cloud for sensitive data. RISK_ANALYSIS_JOB (2): The job executed a Risk Analysis computation.

DocumentLocation

Location of a finding within a document.

EncryptionStatus

How a resource is encrypted.

Values: ENCRYPTION_STATUS_UNSPECIFIED (0): Unused. ENCRYPTION_GOOGLE_MANAGED (1): Google manages server-side encryption keys on your behalf. ENCRYPTION_CUSTOMER_MANAGED (2): Customer provides the key.

EntityId

An entity in a dataset is a field or set of fields that correspond to a single person. For example, in medical records the EntityId might be a patient identifier, or for financial records it might be an account identifier. This message is used when generalizations or analysis must take into account that multiple rows correspond to the same entity.

Error

Details information about an error encountered during job execution or the results of an unsuccessful activation of the JobTrigger.

ExcludeByHotword

The rule to exclude findings based on a hotword. For record inspection of tables, column names are considered hotwords. An example of this is to exclude a finding if it belongs to a BigQuery column that matches a specific pattern.

ExcludeInfoTypes

List of excluded infoTypes.

ExclusionRule

The rule that specifies conditions when findings of infoTypes specified in InspectionRuleSet are removed from results.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

FieldId

General identifier of a data field in a storage service.

FieldTransformation

The transformation to apply to the field.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

FileType

Definitions of file type groups to scan. New types will be added to this list.

Values: FILE_TYPE_UNSPECIFIED (0): Includes all files. BINARY_FILE (1): Includes all file extensions not covered by another entry. Binary scanning attempts to convert the content of the file to utf_8 to scan the file. If you wish to avoid this fall back, specify one or more of the other file types in your storage scan. TEXT_FILE (2): Included file extensions:

    asc,asp, aspx, brf, c, cc,cfm, cgi, cpp, csv,
    cxx, c++, cs, css, dart,   dat, dot, eml,,
    epbub, ged, go, h, hh, hpp, hxx, h++, hs, html,
    htm,   mkd, markdown, m, ml, mli, perl, pl,
    plist, pm, php, phtml, pht,   properties, py,
    pyw, rb, rbw, rs, rss,  rc, scala, sh, sql,
    swift, tex,   shtml, shtm, xhtml, lhs, ics, ini,
    java, js, json, kix, kml, ocaml, md,   txt,
    text, tsv, vb, vcard, vcs, wml, xcodeproj, xml,
    xsl, xsd, yml, yaml.
IMAGE (3):
    Included file extensions: bmp, gif, jpg, jpeg, jpe, png.
    Setting
    `bytes_limit_per_file][google.privacy.dlp.v2.CloudStorageOptions.bytes_limit_per_file]`
    or
    `bytes_limit_per_file_percent][google.privacy.dlp.v2.CloudStorageOptions.bytes_limit_per_file]`
    has no effect on image files. Image inspection is restricted
    to the `global`, `us`, `asia`, and `europe` regions.
WORD (5):
    Microsoft Word files larger than 30 MB will be scanned as
    binary files. Included file extensions: docx, dotx, docm,
    dotm. Setting `bytes_limit_per_file` or
    `bytes_limit_per_file_percent` has no effect on Word
    files.
PDF (6):
    PDF files larger than 30 MB will be scanned as binary files.
    Included file extensions: pdf. Setting
    `bytes_limit_per_file` or `bytes_limit_per_file_percent`
    has no effect on PDF files.
AVRO (7):
    Included file extensions:

    avro
CSV (8):
    Included file extensions:

    csv
TSV (9):
    Included file extensions:

    tsv
POWERPOINT (11):
    Microsoft PowerPoint files larger than 30 MB will be scanned
    as binary files. Included file extensions: pptx, pptm, potx,
    potm, pot. Setting `bytes_limit_per_file` or
    `bytes_limit_per_file_percent` has no effect on PowerPoint
    files.
EXCEL (12):
    Microsoft Excel files larger than 30 MB will be scanned as
    binary files. Included file extensions: xlsx, xlsm, xltx,
    xltm. Setting `bytes_limit_per_file` or
    `bytes_limit_per_file_percent` has no effect on Excel
    files.

Finding

Represents a piece of potentially sensitive content.

FinishDlpJobRequest

The request message for finishing a DLP hybrid job.

FixedSizeBucketingConfig

Buckets values based on fixed size ranges. The Bucketing transformation can provide all of this functionality, but requires more configuration. This message is provided as a convenience to the user for simple bucketing strategies.

The transformed value will be a hyphenated string of {lower_bound}-{upper_bound}. For example, if lower_bound = 10 and upper_bound = 20, all values that are within this bucket will be replaced with "10-20".

This can be used on data of type: double, long.

If the bound Value type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing.

See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.

GetDeidentifyTemplateRequest

Request message for GetDeidentifyTemplate.

GetDiscoveryConfigRequest

Request message for GetDiscoveryConfig.

GetDlpJobRequest

The request message for [DlpJobs.GetDlpJob][].

GetInspectTemplateRequest

Request message for GetInspectTemplate.

GetJobTriggerRequest

Request message for GetJobTrigger.

GetStoredInfoTypeRequest

Request message for GetStoredInfoType.

HybridContentItem

An individual hybrid item to inspect. Will be stored temporarily during processing.

HybridFindingDetails

Populate to associate additional data with each finding.

HybridInspectDlpJobRequest

Request to search for potentially sensitive info in a custom location.

HybridInspectJobTriggerRequest

Request to search for potentially sensitive info in a custom location.

HybridInspectResponse

Quota exceeded errors will be thrown once quota has been met.

HybridInspectStatistics

Statistics related to processing hybrid inspect requests.

HybridOptions

Configuration to control jobs where the content being inspected is outside of Google Cloud Platform.

ImageLocation

Location of the finding within an image.

ImageTransformations

A type of transformation that is applied over images.

InfoType

Type of information detected by the API.

InfoTypeCategory

Classification of infoTypes to organize them according to geographic location, industry, and data type.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

InfoTypeDescription

InfoType description.

InfoTypeStats

Statistics regarding a specific InfoType.

InfoTypeSummary

The infoType details for this column.

InfoTypeSupportedBy

Parts of the APIs which use certain infoTypes.

Values: ENUM_TYPE_UNSPECIFIED (0): Unused. INSPECT (1): Supported by the inspect operations. RISK_ANALYSIS (2): Supported by the risk analysis operations.

InfoTypeTransformations

A type of transformation that will scan unstructured text and apply various PrimitiveTransformation\ s to each finding, where the transformation is applied to only values that were identified as a specific info_type.

InspectConfig

Configuration description of the scanning process. When used with redactContent only info_types and min_likelihood are currently used.

InspectContentRequest

Request to search for potentially sensitive info in a ContentItem.

InspectContentResponse

Results of inspecting an item.

InspectDataSourceDetails

The results of an inspect DataSource job.

InspectJobConfig

Controls what and how to inspect for findings.

InspectResult

All the findings for a single scanned item.

InspectTemplate

The inspectTemplate contains a configuration (set of types of sensitive data to be detected) to be used anywhere you otherwise would normally specify InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.

InspectionRule

A single inspection rule to be applied to infoTypes, specified in InspectionRuleSet.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

InspectionRuleSet

Rule set for modifying a set of infoTypes to alter behavior under certain circumstances, depending on the specific details of the rules within the set.

JobTrigger

Contains a configuration to make dlp api calls on a repeating basis. See https://cloud.google.com/dlp/docs/concepts-job-triggers to learn more.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Key

A unique identifier for a Datastore entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts.

KindExpression

A representation of a Datastore kind.

KmsWrappedCryptoKey

Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. Authorization requires the following IAM permissions when sending a request to perform a crypto transformation using a KMS-wrapped crypto key: dlp.kms.encrypt

For more information, see Creating a wrapped key.

Note: When you use Cloud KMS for cryptographic operations, charges apply <https://cloud.google.com/kms/pricing>__.

LargeCustomDictionaryConfig

Configuration for a custom dictionary created from a data source of any size up to the maximum size defined in the limits <https://cloud.google.com/dlp/limits>__ page. The artifacts of dictionary creation are stored in the specified Cloud Storage location. Consider using CustomInfoType.Dictionary for smaller dictionaries that satisfy the size requirements.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

LargeCustomDictionaryStats

Summary statistics of a custom dictionary.

Likelihood

Coarse-grained confidence level of how well a particular finding satisfies the criteria to match a particular infoType.

Likelihood is calculated based on the number of signals a finding has that implies that the finding matches the infoType. For example, a string that has an '@' and a '.com' is more likely to be a match for an email address than a string that only has an '@'.

In general, the highest likelihood level has the strongest signals that indicate a match. That is, a finding with a high likelihood has a low chance of being a false positive.

For more information about each likelihood level and how likelihood works, see Match likelihood <https://cloud.google.com/dlp/docs/likelihood>__.

Values: LIKELIHOOD_UNSPECIFIED (0): Default value; same as POSSIBLE. VERY_UNLIKELY (1): Highest chance of a false positive. UNLIKELY (2): High chance of a false positive. POSSIBLE (3): Some matching signals. The default value. LIKELY (4): Low chance of a false positive. VERY_LIKELY (5): Confidence level is high. Lowest chance of a false positive.

ListDeidentifyTemplatesRequest

Request message for ListDeidentifyTemplates.

ListDeidentifyTemplatesResponse

Response message for ListDeidentifyTemplates.

ListDiscoveryConfigsRequest

Request message for ListDiscoveryConfigs.

ListDiscoveryConfigsResponse

Response message for ListDiscoveryConfigs.

ListDlpJobsRequest

The request message for listing DLP jobs.

ListDlpJobsResponse

The response message for listing DLP jobs.

ListInfoTypesRequest

Request for the list of infoTypes.

ListInfoTypesResponse

Response to the ListInfoTypes request.

ListInspectTemplatesRequest

Request message for ListInspectTemplates.

ListInspectTemplatesResponse

Response message for ListInspectTemplates.

ListJobTriggersRequest

Request message for ListJobTriggers.

ListJobTriggersResponse

Response message for ListJobTriggers.

ListStoredInfoTypesRequest

Request message for ListStoredInfoTypes.

ListStoredInfoTypesResponse

Response message for ListStoredInfoTypes.

Location

Specifies the location of the finding.

Manual

Job trigger option for hybrid jobs. Jobs must be manually created and finished.

MatchingType

Type of the match which can be applied to different ways of matching, like Dictionary, regular expression and intersecting with findings of another info type.

Values: MATCHING_TYPE_UNSPECIFIED (0): Invalid. MATCHING_TYPE_FULL_MATCH (1): Full match.

    - Dictionary: join of Dictionary results matched
      complete finding quote
    - Regex: all regex matches fill a finding quote
      start to end
    - Exclude info type: completely inside affecting
      info types findings
MATCHING_TYPE_PARTIAL_MATCH (2):
    Partial match.

    - Dictionary: at least one of the tokens in the
      finding matches
    - Regex: substring of the finding matches
    - Exclude info type: intersects with affecting
      info types findings
MATCHING_TYPE_INVERSE_MATCH (3):
    Inverse match.

    - Dictionary: no tokens in the finding match the
      dictionary
    - Regex: finding doesn't match the regex
    - Exclude info type: no intersection with
      affecting info types findings

MetadataLocation

Metadata Location

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

MetadataType

Type of metadata containing the finding.

Values: METADATATYPE_UNSPECIFIED (0): Unused STORAGE_METADATA (2): General file metadata provided by Cloud Storage.

NullPercentageLevel

Bucketized nullness percentage levels. A higher level means a higher percentage of the column is null.

Values: NULL_PERCENTAGE_LEVEL_UNSPECIFIED (0): Unused. NULL_PERCENTAGE_VERY_LOW (1): Very few null entries. NULL_PERCENTAGE_LOW (2): Some null entries. NULL_PERCENTAGE_MEDIUM (3): No description available. NULL_PERCENTAGE_HIGH (4): A lot of null entries.

OtherInfoTypeSummary

Infotype details for other infoTypes found within a column.

OutputStorageConfig

Cloud repository for storing output.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

PartitionId

Datastore partition ID. A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty.

A partition ID contains several dimensions:

project ID and namespace ID.

PrimitiveTransformation

A rule for transforming a value.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

PrivacyMetric

Privacy metric to compute for reidentification risk analysis.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ProfileStatus

QuasiId

A column with a semantic tag attached.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

QuoteInfo

Message for infoType-dependent details parsed from quote.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Range

Generic half-open interval [start, end)

RecordCondition

A condition for determining whether a transformation should be applied to a field.

RecordKey

Message for a unique key indicating a record that contains a finding.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

RecordLocation

Location of a finding within a row or record.

RecordSuppression

Configuration to suppress records whose suppression conditions evaluate to true.

RecordTransformation

RecordTransformations

A type of transformation that is applied over structured data such as a table.

RedactConfig

Redact a given value. For example, if used with an InfoTypeTransformation transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the output would be 'My phone number is '.

RedactImageRequest

Request to search for potentially sensitive info in an image and redact it by covering it with a colored rectangle.

RedactImageResponse

Results of redacting an image.

ReidentifyContentRequest

Request to re-identify an item.

ReidentifyContentResponse

Results of re-identifying an item.

RelationalOperator

Operators available for comparing the value of fields.

Values: RELATIONAL_OPERATOR_UNSPECIFIED (0): Unused EQUAL_TO (1): Equal. Attempts to match even with incompatible types. NOT_EQUAL_TO (2): Not equal to. Attempts to match even with incompatible types. GREATER_THAN (3): Greater than. LESS_THAN (4): Less than. GREATER_THAN_OR_EQUALS (5): Greater than or equals. LESS_THAN_OR_EQUALS (6): Less than or equals. EXISTS (7): Exists

ReplaceDictionaryConfig

Replace each input value with a value randomly selected from the dictionary.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ReplaceValueConfig

Replace each input value with a given Value.

ReplaceWithInfoTypeConfig

Replace each matching finding with the name of the info_type.

ResourceVisibility

How broadly a resource has been shared. New items may be added over time. A higher number means more restricted.

Values: RESOURCE_VISIBILITY_UNSPECIFIED (0): Unused. RESOURCE_VISIBILITY_PUBLIC (10): Visible to any user. RESOURCE_VISIBILITY_RESTRICTED (20): Visible only to specific users.

RiskAnalysisJobConfig

Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more.

Schedule

Schedule for inspect job triggers.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

SensitivityScore

Score is calculated from of all elements in the data profile. A higher level means the data is more sensitive.

StatisticalTable

An auxiliary table containing statistical information on the relative frequency of different quasi-identifiers values. It has one or several quasi-identifiers columns, and one column that indicates the relative frequency of each quasi-identifier tuple. If a tuple is present in the data but not in the auxiliary table, the corresponding relative frequency is assumed to be zero (and thus, the tuple is highly reidentifiable).

StorageConfig

Shared message indicating Cloud storage type.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

StorageMetadataLabel

Storage metadata label to indicate which metadata entry contains findings.

StoredInfoType

StoredInfoType resource message that contains information about the current version and any pending updates.

StoredInfoTypeConfig

Configuration for stored infoTypes. All fields and subfield are provided by the user. For more information, see https://cloud.google.com/dlp/docs/creating-custom-infotypes.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

StoredInfoTypeState

State of a StoredInfoType version.

Values: STORED_INFO_TYPE_STATE_UNSPECIFIED (0): Unused PENDING (1): StoredInfoType version is being created. READY (2): StoredInfoType version is ready for use. FAILED (3): StoredInfoType creation failed. All relevant error messages are returned in the StoredInfoTypeVersion message. INVALID (4): StoredInfoType is no longer valid because artifacts stored in user-controlled storage were modified. To fix an invalid StoredInfoType, use the UpdateStoredInfoType method to create a new version.

StoredInfoTypeStats

Statistics for a StoredInfoType.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

StoredInfoTypeVersion

Version of a StoredInfoType, including the configuration used to build it, create timestamp, and current state.

StoredType

A reference to a StoredInfoType to use with scanning.

Table

Structured content to inspect. Up to 50,000 Value\ s per request allowed. See https://cloud.google.com/dlp/docs/inspecting-structured-text#inspecting_a_table to learn more.

TableDataProfile

The profile for a scanned table.

TableLocation

Location of a finding within a table.

TableOptions

Instructions regarding the table content being inspected.

TimePartConfig

For use with Date, Timestamp, and TimeOfDay, extract or preserve a portion of the value.

TransformationConfig

User specified templates and configs for how to deidentify structured, unstructures, and image files. User must provide either a unstructured deidentify template or at least one redact image config.

TransformationContainerType

Describes functionality of a given container in its original format.

Values: TRANSFORM_UNKNOWN_CONTAINER (0): No description available. TRANSFORM_BODY (1): No description available. TRANSFORM_METADATA (2): No description available. TRANSFORM_TABLE (3): No description available.

TransformationDescription

A flattened description of a PrimitiveTransformation or RecordSuppression.

TransformationDetails

Details about a single transformation. This object contains a description of the transformation, information about whether the transformation was successfully applied, and the precise location where the transformation occurred. These details are stored in a user-specified BigQuery table.

TransformationDetailsStorageConfig

Config for storing transformation details.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

TransformationErrorHandling

How to handle transformation errors during de-identification. A transformation error occurs when the requested transformation is incompatible with the data. For example, trying to de-identify an IP address using a DateShift transformation would result in a transformation error, since date info cannot be extracted from an IP address. Information about any incompatible transformations, and how they were handled, is returned in the response as part of the TransformationOverviews.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

TransformationLocation

Specifies the location of a transformation.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

TransformationOverview

Overview of the modifications that occurred.

TransformationResultStatus

TransformationResultStatusType

Enum of possible outcomes of transformations. SUCCESS if transformation and storing of transformation was successful, otherwise, reason for not transforming.

Values: STATE_TYPE_UNSPECIFIED (0): No description available. INVALID_TRANSFORM (1): This will be set when a finding could not be transformed (i.e. outside user set bucket range). BIGQUERY_MAX_ROW_SIZE_EXCEEDED (2): This will be set when a BigQuery transformation was successful but could not be stored back in BigQuery because the transformed row exceeds BigQuery's max row size. METADATA_UNRETRIEVABLE (3): This will be set when there is a finding in the custom metadata of a file, but at the write time of the transformed file, this key / value pair is unretrievable. SUCCESS (4): This will be set when the transformation and storing of it is successful.

TransformationSummary

Summary of a single transformation. Only one of 'transformation', 'field_transformation', or 'record_suppress' will be set.

TransformationType

An enum of rules that can be used to transform a value. Can be a record suppression, or one of the transformation rules specified under PrimitiveTransformation.

Values: TRANSFORMATION_TYPE_UNSPECIFIED (0): Unused RECORD_SUPPRESSION (1): Record suppression REPLACE_VALUE (2): Replace value REPLACE_DICTIONARY (15): Replace value using a dictionary. REDACT (3): Redact CHARACTER_MASK (4): Character mask CRYPTO_REPLACE_FFX_FPE (5): FFX-FPE FIXED_SIZE_BUCKETING (6): Fixed size bucketing BUCKETING (7): Bucketing REPLACE_WITH_INFO_TYPE (8): Replace with info type TIME_PART (9): Time part CRYPTO_HASH (10): Crypto hash DATE_SHIFT (12): Date shift CRYPTO_DETERMINISTIC_CONFIG (13): Deterministic crypto REDACT_IMAGE (14): Redact image

TransientCryptoKey

Use this to have a random data crypto key generated. It will be discarded after the request finishes.

UniquenessScoreLevel

Bucketized uniqueness score levels. A higher uniqueness score is a strong signal that the column may contain a unique identifier like user id. A low value indicates that the column contains few unique values like booleans or other classifiers.

Values: UNIQUENESS_SCORE_LEVEL_UNSPECIFIED (0): Some columns do not have estimated uniqueness. Possible reasons include having too few values. UNIQUENESS_SCORE_LOW (1): Low uniqueness, possibly a boolean, enum or similiarly typed column. UNIQUENESS_SCORE_MEDIUM (2): Medium uniqueness. UNIQUENESS_SCORE_HIGH (3): High uniqueness, possibly a column of free text or unique identifiers.

UnwrappedCryptoKey

Using raw keys is prone to security risks due to accidentally leaking the key. Choose another type of key if possible.

UpdateDeidentifyTemplateRequest

Request message for UpdateDeidentifyTemplate.

UpdateDiscoveryConfigRequest

Request message for UpdateDiscoveryConfig.

UpdateInspectTemplateRequest

Request message for UpdateInspectTemplate.

UpdateJobTriggerRequest

Request message for UpdateJobTrigger.

UpdateStoredInfoTypeRequest

Request message for UpdateStoredInfoType.

Value

Set of primitive values supported by the system. Note that for the purposes of inspection or transformation, the number of bytes considered to comprise a 'Value' is based on its representation as a UTF-8 encoded string. For example, if 'integer_value' is set to 123456789, the number of bytes would be counted as 9, even though an int64 only holds up to 8 bytes of data.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

ValueFrequency

A value of a field, including its frequency.

VersionDescription

Details about each available version for an infotype.