예약된 Cloud Data Loss Prevention API 작업 트리거를 만듭니다.
더 살펴보기
이 코드 샘플이 포함된 자세한 문서는 다음을 참조하세요.
코드 샘플
C#
민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using System;
using System.Collections.Generic;
using static Google.Cloud.Dlp.V2.CloudStorageOptions.Types;
using static Google.Cloud.Dlp.V2.InspectConfig.Types;
using static Google.Cloud.Dlp.V2.JobTrigger.Types;
using static Google.Cloud.Dlp.V2.StorageConfig.Types;
public class TriggersCreate
{
public static JobTrigger Create(
string projectId,
string bucketName,
Likelihood minLikelihood,
int maxFindings,
bool autoPopulateTimespan,
int scanPeriod,
IEnumerable<InfoType> infoTypes,
string triggerId,
string displayName,
string description)
{
var dlp = DlpServiceClient.Create();
var jobConfig = new InspectJobConfig
{
InspectConfig = new InspectConfig
{
MinLikelihood = minLikelihood,
Limits = new FindingLimits
{
MaxFindingsPerRequest = maxFindings
},
InfoTypes = { infoTypes }
},
StorageConfig = new StorageConfig
{
CloudStorageOptions = new CloudStorageOptions
{
FileSet = new FileSet
{
Url = $"gs://{bucketName}/*"
}
},
TimespanConfig = new TimespanConfig
{
EnableAutoPopulationOfTimespanConfig = autoPopulateTimespan
}
}
};
var jobTrigger = new JobTrigger
{
Triggers =
{
new Trigger
{
Schedule = new Schedule
{
RecurrencePeriodDuration = new Google.Protobuf.WellKnownTypes.Duration
{
Seconds = scanPeriod * 60 * 60 * 24
}
}
}
},
InspectJob = jobConfig,
Status = Status.Healthy,
DisplayName = displayName,
Description = description
};
var response = dlp.CreateJobTrigger(
new CreateJobTriggerRequest
{
Parent = new LocationName(projectId, "global").ToString(),
JobTrigger = jobTrigger,
TriggerId = triggerId
});
Console.WriteLine($"Successfully created trigger {response.Name}");
return response;
}
}
Go
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
dlp "cloud.google.com/go/dlp/apiv2"
"cloud.google.com/go/dlp/apiv2/dlppb"
"github.com/golang/protobuf/ptypes/duration"
)
// createTrigger creates a trigger with the given configuration.
func createTrigger(w io.Writer, projectID string, triggerID, displayName, description, bucketName string, infoTypeNames []string) error {
// projectID := "my-project-id"
// triggerID := "my-trigger"
// displayName := "My Trigger"
// description := "My trigger description"
// bucketName := "my-bucket"
// infoTypeNames := []string{"US_SOCIAL_SECURITY_NUMBER"}
ctx := context.Background()
client, err := dlp.NewClient(ctx)
if err != nil {
return fmt.Errorf("dlp.NewClient: %w", err)
}
defer client.Close()
// Convert the info type strings to a list of InfoTypes.
var infoTypes []*dlppb.InfoType
for _, it := range infoTypeNames {
infoTypes = append(infoTypes, &dlppb.InfoType{Name: it})
}
// Create a configured request.
req := &dlppb.CreateJobTriggerRequest{
Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
TriggerId: triggerID,
JobTrigger: &dlppb.JobTrigger{
DisplayName: displayName,
Description: description,
Status: dlppb.JobTrigger_HEALTHY,
// Triggers control when the job will start.
Triggers: []*dlppb.JobTrigger_Trigger{
{
Trigger: &dlppb.JobTrigger_Trigger_Schedule{
Schedule: &dlppb.Schedule{
Option: &dlppb.Schedule_RecurrencePeriodDuration{
RecurrencePeriodDuration: &duration.Duration{
Seconds: 10 * 60 * 60 * 24, // 10 days in seconds.
},
},
},
},
},
},
// Job configures the job to run when the trigger runs.
Job: &dlppb.JobTrigger_InspectJob{
InspectJob: &dlppb.InspectJobConfig{
InspectConfig: &dlppb.InspectConfig{
InfoTypes: infoTypes,
MinLikelihood: dlppb.Likelihood_POSSIBLE,
Limits: &dlppb.InspectConfig_FindingLimits{
MaxFindingsPerRequest: 10,
},
},
StorageConfig: &dlppb.StorageConfig{
Type: &dlppb.StorageConfig_CloudStorageOptions{
CloudStorageOptions: &dlppb.CloudStorageOptions{
FileSet: &dlppb.CloudStorageOptions_FileSet{
Url: "gs://" + bucketName + "/*",
},
},
},
// Time-based configuration for each storage object. See more at
// https://cloud.google.com/dlp/docs/reference/rest/v2/InspectJobConfig#TimespanConfig
TimespanConfig: &dlppb.StorageConfig_TimespanConfig{
// Auto-populate start and end times in order to scan new objects only.
EnableAutoPopulationOfTimespanConfig: true,
},
},
},
},
},
}
// Send the request.
resp, err := client.CreateJobTrigger(ctx, req)
if err != nil {
return fmt.Errorf("CreateJobTrigger: %w", err)
}
fmt.Fprintf(w, "Successfully created trigger: %v", resp.GetName())
return nil
}
Java
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.CloudStorageOptions;
import com.google.privacy.dlp.v2.CreateJobTriggerRequest;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectJobConfig;
import com.google.privacy.dlp.v2.JobTrigger;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.Schedule;
import com.google.privacy.dlp.v2.StorageConfig;
import com.google.privacy.dlp.v2.StorageConfig.TimespanConfig;
import com.google.protobuf.Duration;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
public class TriggersCreate {
public static void main(String[] args) throws Exception {
// TODO(developer): Replace these variables before running the sample.
String projectId = "your-project-id";
String gcsPath = "gs://" + "your-bucket-name" + "path/to/file.txt";
createTrigger(projectId, gcsPath);
}
public static void createTrigger(String projectId, String gcsPath) throws IOException {
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
// Set autoPopulateTimespan to true to scan only new content
boolean autoPopulateTimespan = true;
TimespanConfig timespanConfig =
TimespanConfig.newBuilder()
.setEnableAutoPopulationOfTimespanConfig(autoPopulateTimespan)
.build();
// Specify the GCS file to be inspected.
CloudStorageOptions cloudStorageOptions =
CloudStorageOptions.newBuilder()
.setFileSet(CloudStorageOptions.FileSet.newBuilder().setUrl(gcsPath))
.build();
StorageConfig storageConfig =
StorageConfig.newBuilder()
.setCloudStorageOptions(cloudStorageOptions)
.setTimespanConfig(timespanConfig)
.build();
// Specify the type of info the inspection will look for.
// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
List<InfoType> infoTypes =
Stream.of("PHONE_NUMBER", "EMAIL_ADDRESS", "CREDIT_CARD_NUMBER")
.map(it -> InfoType.newBuilder().setName(it).build())
.collect(Collectors.toList());
InspectConfig inspectConfig = InspectConfig.newBuilder().addAllInfoTypes(infoTypes).build();
// Configure the inspection job we want the service to perform.
InspectJobConfig inspectJobConfig =
InspectJobConfig.newBuilder()
.setInspectConfig(inspectConfig)
.setStorageConfig(storageConfig)
.build();
// Set scanPeriod to the number of days between scans (minimum: 1 day)
int scanPeriod = 1;
// Optionally set a display name of max 100 chars and a description of max 250 chars
String displayName = "Daily Scan";
String description = "A daily inspection for personally identifiable information.";
// Schedule scan of GCS bucket every scanPeriod number of days (minimum = 1 day)
Duration duration = Duration.newBuilder().setSeconds(scanPeriod * 24 * 3600).build();
Schedule schedule = Schedule.newBuilder().setRecurrencePeriodDuration(duration).build();
JobTrigger.Trigger trigger = JobTrigger.Trigger.newBuilder().setSchedule(schedule).build();
JobTrigger jobTrigger =
JobTrigger.newBuilder()
.setInspectJob(inspectJobConfig)
.setDisplayName(displayName)
.setDescription(description)
.setStatus(JobTrigger.Status.HEALTHY)
.addTriggers(trigger)
.build();
// Create scan request to be sent by client
CreateJobTriggerRequest createJobTriggerRequest =
CreateJobTriggerRequest.newBuilder()
.setParent(LocationName.of(projectId, "global").toString())
.setJobTrigger(jobTrigger)
.build();
// Send the scan request and process the response
JobTrigger createdJobTrigger = dlpServiceClient.createJobTrigger(createJobTriggerRequest);
System.out.println("Created Trigger: " + createdJobTrigger.getName());
System.out.println("Display Name: " + createdJobTrigger.getDisplayName());
System.out.println("Description: " + createdJobTrigger.getDescription());
}
}
}Node.js
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');
// Instantiates a client
const dlp = new DLP.DlpServiceClient();
// The project ID to run the API call under
// const projectId = 'my-project';
// (Optional) The name of the trigger to be created.
// const triggerId = 'my-trigger';
// (Optional) A display name for the trigger to be created
// const displayName = 'My Trigger';
// (Optional) A description for the trigger to be created
// const description = "This is a sample trigger.";
// The name of the bucket to scan.
// const bucketName = 'YOUR-BUCKET';
// Limit scan to new content only.
// const autoPopulateTimespan = true;
// How often to wait between scans, in days (minimum = 1 day)
// const scanPeriod = 1;
// The infoTypes of information to match
// const infoTypes = [{ name: 'PHONE_NUMBER' }, { name: 'EMAIL_ADDRESS' }, { name: 'CREDIT_CARD_NUMBER' }];
// The minimum likelihood required before returning a match
// const minLikelihood = 'LIKELIHOOD_UNSPECIFIED';
// The maximum number of findings to report per request (0 = server maximum)
// const maxFindings = 0;
async function createTrigger() {
// Get reference to the bucket to be inspected
const storageItem = {
cloudStorageOptions: {
fileSet: {url: `gs://${bucketName}/*`},
},
timeSpanConfig: {
enableAutoPopulationOfTimespanConfig: autoPopulateTimespan,
},
};
// Construct job to be triggered
const job = {
inspectConfig: {
infoTypes: infoTypes,
minLikelihood: minLikelihood,
limits: {
maxFindingsPerRequest: maxFindings,
},
},
storageConfig: storageItem,
};
// Construct trigger creation request
const request = {
parent: `projects/${projectId}/locations/global`,
jobTrigger: {
inspectJob: job,
displayName: displayName,
description: description,
triggers: [
{
schedule: {
recurrencePeriodDuration: {
seconds: scanPeriod * 60 * 60 * 24, // Trigger the scan daily
},
},
},
],
status: 'HEALTHY',
},
triggerId: triggerId,
};
// Run trigger creation request
const [trigger] = await dlp.createJobTrigger(request);
console.log(`Successfully created trigger ${trigger.name}.`);
}
createTrigger();PHP
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\CloudStorageOptions;
use Google\Cloud\Dlp\V2\CloudStorageOptions\FileSet;
use Google\Cloud\Dlp\V2\CreateJobTriggerRequest;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectConfig\FindingLimits;
use Google\Cloud\Dlp\V2\InspectJobConfig;
use Google\Cloud\Dlp\V2\JobTrigger;
use Google\Cloud\Dlp\V2\JobTrigger\Status;
use Google\Cloud\Dlp\V2\JobTrigger\Trigger;
use Google\Cloud\Dlp\V2\Likelihood;
use Google\Cloud\Dlp\V2\Schedule;
use Google\Cloud\Dlp\V2\StorageConfig;
use Google\Cloud\Dlp\V2\StorageConfig\TimespanConfig;
use Google\Protobuf\Duration;
/**
* Create a Data Loss Prevention API job trigger.
*
* @param string $callingProjectId The project ID to run the API call under
* @param string $bucketName The name of the bucket to scan
* @param string $triggerId (Optional) The name of the trigger to be created
* @param string $displayName (Optional) The human-readable name to give the trigger
* @param string $description (Optional) A description for the trigger to be created
* @param int $scanPeriod (Optional) How often to wait between scans, in days (minimum = 1 day)
* @param bool $autoPopulateTimespan (Optional) Automatically limit scan to new content only
* @param int $maxFindings (Optional) The maximum number of findings to report per request (0 = server maximum)
*/
function create_trigger(
string $callingProjectId,
string $bucketName,
string $triggerId,
string $displayName,
string $description,
int $scanPeriod,
bool $autoPopulateTimespan,
int $maxFindings
): void {
// Instantiate a client.
$dlp = new DlpServiceClient();
// ----- Construct job config -----
// The infoTypes of information to match
$personNameInfoType = (new InfoType())
->setName('PERSON_NAME');
$phoneNumberInfoType = (new InfoType())
->setName('PHONE_NUMBER');
$infoTypes = [$personNameInfoType, $phoneNumberInfoType];
// The minimum likelihood required before returning a match
$minLikelihood = likelihood::LIKELIHOOD_UNSPECIFIED;
// Specify finding limits
$limits = (new FindingLimits())
->setMaxFindingsPerRequest($maxFindings);
// Create the inspectConfig object
$inspectConfig = (new InspectConfig())
->setMinLikelihood($minLikelihood)
->setLimits($limits)
->setInfoTypes($infoTypes);
// Create triggers
$duration = (new Duration())
->setSeconds($scanPeriod * 60 * 60 * 24);
$schedule = (new Schedule())
->setRecurrencePeriodDuration($duration);
$triggerObject = (new Trigger())
->setSchedule($schedule);
// Create the storageConfig object
$fileSet = (new FileSet())
->setUrl('gs://' . $bucketName . '/*');
$storageOptions = (new CloudStorageOptions())
->setFileSet($fileSet);
// Auto-populate start and end times in order to scan new objects only.
$timespanConfig = (new TimespanConfig())
->setEnableAutoPopulationOfTimespanConfig($autoPopulateTimespan);
$storageConfig = (new StorageConfig())
->setCloudStorageOptions($storageOptions)
->setTimespanConfig($timespanConfig);
// Construct the jobConfig object
$jobConfig = (new InspectJobConfig())
->setInspectConfig($inspectConfig)
->setStorageConfig($storageConfig);
// ----- Construct trigger object -----
$jobTriggerObject = (new JobTrigger())
->setTriggers([$triggerObject])
->setInspectJob($jobConfig)
->setStatus(Status::HEALTHY)
->setDisplayName($displayName)
->setDescription($description);
// Run trigger creation request
$parent = $dlp->locationName($callingProjectId, 'global');
$createJobTriggerRequest = (new CreateJobTriggerRequest())
->setParent($parent)
->setJobTrigger($jobTriggerObject)
->setTriggerId($triggerId);
$trigger = $dlp->createJobTrigger($createJobTriggerRequest);
// Print results
printf('Successfully created trigger %s' . PHP_EOL, $trigger->getName());
}Python
Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.
Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from typing import Optional
import google.cloud.dlp
def create_trigger(
project: str,
bucket: str,
scan_period_days: int,
info_types: List[str],
trigger_id: Optional[str] = None,
display_name: Optional[str] = None,
description: Optional[str] = None,
min_likelihood: Optional[int] = None,
max_findings: Optional[int] = None,
auto_populate_timespan: Optional[bool] = False,
) -> None:
"""Creates a scheduled Data Loss Prevention API inspect_content trigger.
Args:
project: The Google Cloud project id to use as a parent resource.
bucket: The name of the GCS bucket to scan. This sample scans all
files in the bucket using a wildcard.
scan_period_days: How often to repeat the scan, in days.
The minimum is 1 day.
info_types: A list of strings representing info types to look for.
A full list of info type categories can be fetched from the API.
trigger_id: The id of the trigger. If omitted, an id will be randomly
generated.
display_name: The optional display name of the trigger.
description: The optional description of the trigger.
min_likelihood: A string representing the minimum likelihood threshold
that constitutes a match. One of: 'LIKELIHOOD_UNSPECIFIED',
'VERY_UNLIKELY', 'UNLIKELY', 'POSSIBLE', 'LIKELY', 'VERY_LIKELY'.
max_findings: The maximum number of findings to report; 0 = no maximum.
auto_populate_timespan: Automatically populates time span config start
and end times in order to scan new content only.
Returns:
None; the response from the API is printed to the terminal.
"""
# Instantiate a client.
dlp = google.cloud.dlp_v2.DlpServiceClient()
# Prepare info_types by converting the list of strings into a list of
# dictionaries (protos are also accepted).
info_types = [{"name": info_type} for info_type in info_types]
# Construct the configuration dictionary. Keys which are None may
# optionally be omitted entirely.
inspect_config = {
"info_types": info_types,
"min_likelihood": min_likelihood,
"limits": {"max_findings_per_request": max_findings},
}
# Construct a cloud_storage_options dictionary with the bucket's URL.
url = f"gs://{bucket}/*"
storage_config = {
"cloud_storage_options": {"file_set": {"url": url}},
# Time-based configuration for each storage object.
"timespan_config": {
# Auto-populate start and end times in order to scan new objects
# only.
"enable_auto_population_of_timespan_config": auto_populate_timespan
},
}
# Construct the job definition.
job = {"inspect_config": inspect_config, "storage_config": storage_config}
# Construct the schedule definition:
schedule = {
"recurrence_period_duration": {"seconds": scan_period_days * 60 * 60 * 24}
}
# Construct the trigger definition.
job_trigger = {
"inspect_job": job,
"display_name": display_name,
"description": description,
"triggers": [{"schedule": schedule}],
"status": google.cloud.dlp_v2.JobTrigger.Status.HEALTHY,
}
# Convert the project id into a full resource id.
parent = f"projects/{project}"
# Call the API.
response = dlp.create_job_trigger(
request={"parent": parent, "job_trigger": job_trigger, "trigger_id": trigger_id}
)
print(f"Successfully created trigger {response.name}")
다음 단계
다른 Google Cloud 제품의 코드 샘플을 검색하고 필터링하려면 Google Cloud 샘플 브라우저를 참조하세요.