이제 Cloud Data Loss Prevention(Cloud DLP)은 민감한 정보 보호에 포함됩니다. API 이름은 Cloud Data Loss Prevention API(DLP API)로 그대로 유지됩니다. 민감한 정보 보호를 구성하는 서비스에 대한 자세한 내용은 민감한 정보 보호 개요를 참조하세요.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[],[],null,["# Grant discovery access to a service agent\n\nThis page describes how to grant the required role to a service agent so\nthat it can be used to profile data at the organization or folder level.\n\nPerform these tasks if both of the following conditions apply:\n\n- You created a scan configuration at the organization or folder level.\n- Sensitive Data Protection isn't generating any data profiles\n for the scan configuration. When you [view configuration\n errors](/sensitive-data-protection/docs/manage-scan-configurations#view-errors),\n you see the following error message:\n\n\n ```\n None of the driver projects (PROJECT_ID) have MISSING_PERMISSION\n permission for organizations/ORGANIZATION_ID.\n ```\n\n \u003cbr /\u003e\n\nGet the ID of the service agent\n-------------------------------\n\nGet the service agent ID that is associated with\nyour scan configuration:\n\n1. Go to the discovery scan configurations list.\n\n\n [Go to discovery scan configurations](https://console.cloud.google.com/security/sensitive-data-protection/landing/configuration/dataProfiles/configurations;source=7)\n2. On the toolbar, select your organization.\n3. Select your scan configuration.\n4. On the **Scan configuration details** page, copy the value of the **Service agent** field. The service agent ID is in the format of an email address.\n\nGive your service agent ID to a Google Cloud administrator, who must then\n[grant data profiling access](/sensitive-data-protection/docs/grant-data-profiling-access#grant-roles-org)\nto the service agent.\n\nGrant data profiling access\n---------------------------\n\nThis section describes how to grant access to a service agent so\nthat it can be used to profile data at the organization or folder level.\n\nOnly someone who has the [permissions to\ngrant IAM roles to a service agent](/sensitive-data-protection/docs/data-profiles#permissions-to-grant-profiling-access),\nsuch as a Google Cloud administrator, can perform these steps.\n\nTo complete these steps, you need the [ID of the service agent](/sensitive-data-protection/docs/grant-data-profiling-access#get-sa-id) that you want to grant data profiling access\nto.\n\nTo grant data profiling access at the organization or folder level,\nfollow these steps:\n\n1. In the Google Cloud console, go to the **IAM** page.\n\n [Go\n to IAM](https://console.cloud.google.com/iam-admin/iam)\n2. On the toolbar, select your organization.\n\n3. Click person_add **Grant access**.\n\n4. In the **New principals** field, enter the service agent ID.\n\n5. In the **Select a role** field, enter and select **DLP Organization Data\n Profiles Driver**.\n\n6. Click **Save**."]]