Cloud Data Loss Prevention (Cloud DLP) kini menjadi bagian dari Sensitive Data Protection. Nama API tetap sama: Cloud Data Loss Prevention API (DLP API). Untuk informasi tentang layanan yang membentuk Perlindungan Data Sensitif, lihat Ringkasan Perlindungan Data Sensitif.
Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Halaman ini menjelaskan cara memberikan peran yang diperlukan kepada agen layanan sehingga dapat digunakan untuk membuat profil data di tingkat organisasi atau folder.
Lakukan tugas ini jika kedua kondisi berikut berlaku:
Anda membuat konfigurasi pemindaian di tingkat organisasi atau folder.
Sensitive Data Protection tidak membuat profil data apa pun untuk konfigurasi pemindaian. Saat Anda melihat error
konfigurasi,
Anda akan melihat pesan error berikut:
None of the driver projects (PROJECT_ID) have MISSING_PERMISSION
permission for organizations/ORGANIZATION_ID.
Mendapatkan ID agen layanan
Dapatkan ID agen layanan yang terkait dengan
konfigurasi pemindaian Anda:
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[],[],null,["# Grant discovery access to a service agent\n\nThis page describes how to grant the required role to a service agent so\nthat it can be used to profile data at the organization or folder level.\n\nPerform these tasks if both of the following conditions apply:\n\n- You created a scan configuration at the organization or folder level.\n- Sensitive Data Protection isn't generating any data profiles\n for the scan configuration. When you [view configuration\n errors](/sensitive-data-protection/docs/manage-scan-configurations#view-errors),\n you see the following error message:\n\n\n ```\n None of the driver projects (PROJECT_ID) have MISSING_PERMISSION\n permission for organizations/ORGANIZATION_ID.\n ```\n\n \u003cbr /\u003e\n\nGet the ID of the service agent\n-------------------------------\n\nGet the service agent ID that is associated with\nyour scan configuration:\n\n1. Go to the discovery scan configurations list.\n\n\n [Go to discovery scan configurations](https://console.cloud.google.com/security/sensitive-data-protection/landing/configuration/dataProfiles/configurations;source=7)\n2. On the toolbar, select your organization.\n3. Select your scan configuration.\n4. On the **Scan configuration details** page, copy the value of the **Service agent** field. The service agent ID is in the format of an email address.\n\nGive your service agent ID to a Google Cloud administrator, who must then\n[grant data profiling access](/sensitive-data-protection/docs/grant-data-profiling-access#grant-roles-org)\nto the service agent.\n\nGrant data profiling access\n---------------------------\n\nThis section describes how to grant access to a service agent so\nthat it can be used to profile data at the organization or folder level.\n\nOnly someone who has the [permissions to\ngrant IAM roles to a service agent](/sensitive-data-protection/docs/data-profiles#permissions-to-grant-profiling-access),\nsuch as a Google Cloud administrator, can perform these steps.\n\nTo complete these steps, you need the [ID of the service agent](/sensitive-data-protection/docs/grant-data-profiling-access#get-sa-id) that you want to grant data profiling access\nto.\n\nTo grant data profiling access at the organization or folder level,\nfollow these steps:\n\n1. In the Google Cloud console, go to the **IAM** page.\n\n [Go\n to IAM](https://console.cloud.google.com/iam-admin/iam)\n2. On the toolbar, select your organization.\n\n3. Click person_add **Grant access**.\n\n4. In the **New principals** field, enter the service agent ID.\n\n5. In the **Select a role** field, enter and select **DLP Organization Data\n Profiles Driver**.\n\n6. Click **Save**."]]