googleapis

/** * Copyright 2015 Google Inc. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import { AxiosPromise } from 'axios'; import { GoogleApis } from '../..'; import { BodyResponseCallback, GlobalOptions, MethodOptions } from '../../lib/api'; /** * Cloud Data Loss Prevention (DLP) API * * Provides methods for detection, risk analysis, and de-identification of * privacy-sensitive fragments in text, images, and Google Cloud Platform * storage repositories. * * @example * const google = require('googleapis'); * const dlp = google.dlp('v2'); * * @namespace dlp * @type {Function} * @version v2 * @variation v2 * @param {object=} options Options for Dlp */ export declare class Dlp { _options: GlobalOptions; google: GoogleApis; root: this; infoTypes: Resource$Infotypes; organizations: Resource$Organizations; projects: Resource$Projects; constructor(options: GlobalOptions, google: GoogleApis); getRoot(): this; } /** * A task to execute on the completion of a job. */ export interface Schema$GooglePrivacyDlpV2Action { /** * Publish a notification to a pubsub topic. */ pubSub: Schema$GooglePrivacyDlpV2PublishToPubSub; /** * Save resulting findings in a provided location. */ saveFindings: Schema$GooglePrivacyDlpV2SaveFindings; } /** * Result of a risk analysis operation request. */ export interface Schema$GooglePrivacyDlpV2AnalyzeDataSourceRiskDetails { categoricalStatsResult: Schema$GooglePrivacyDlpV2CategoricalStatsResult; kAnonymityResult: Schema$GooglePrivacyDlpV2KAnonymityResult; kMapEstimationResult: Schema$GooglePrivacyDlpV2KMapEstimationResult; lDiversityResult: Schema$GooglePrivacyDlpV2LDiversityResult; numericalStatsResult: Schema$GooglePrivacyDlpV2NumericalStatsResult; /** * Privacy metric to compute. */ requestedPrivacyMetric: Schema$GooglePrivacyDlpV2PrivacyMetric; /** * Input dataset to compute metrics over. */ requestedSourceTable: Schema$GooglePrivacyDlpV2BigQueryTable; } /** * An auxiliary table contains statistical information on the relative frequency * of different quasi-identifiers values. It has one or several * quasi-identifiers columns, and one column that indicates the relative * frequency of each quasi-identifier tuple. If a tuple is present in the data * but not in the auxiliary table, the corresponding relative frequency is * assumed to be zero (and thus, the tuple is highly reidentifiable). */ export interface Schema$GooglePrivacyDlpV2AuxiliaryTable { /** * Quasi-identifier columns. [required] */ quasiIds: Schema$GooglePrivacyDlpV2QuasiIdField[]; /** * The relative frequency column must contain a floating-point number between * 0 and 1 (inclusive). Null values are assumed to be zero. [required] */ relativeFrequency: Schema$GooglePrivacyDlpV2FieldId; /** * Auxiliary table location. [required] */ table: Schema$GooglePrivacyDlpV2BigQueryTable; } /** * An auxiliary table contains statistical information on the relative frequency * of different quasi-identifiers values. It has one or several * quasi-identifiers columns, and one column that indicates the relative * frequency of each quasi-identifier tuple. If a tuple is present in the data * but not in the auxiliary table, the corresponding relative frequency is * assumed to be zero (and thus, the tuple is highly reidentifiable). */ export interface Schema$GooglePrivacyDlpV2beta1AuxiliaryTable { /** * Quasi-identifier columns. [required] */ quasiIds: Schema$GooglePrivacyDlpV2beta1QuasiIdField[]; /** * The relative frequency column must contain a floating-point number between * 0 and 1 (inclusive). Null values are assumed to be zero. [required] */ relativeFrequency: Schema$GooglePrivacyDlpV2beta1FieldId; /** * Auxiliary table location. [required] */ table: Schema$GooglePrivacyDlpV2beta1BigQueryTable; } /** * Options defining BigQuery table and row identifiers. */ export interface Schema$GooglePrivacyDlpV2beta1BigQueryOptions { /** * References to fields uniquely identifying rows within the table. Nested * fields in the format, like `person.birthdate.year`, are allowed. */ identifyingFields: Schema$GooglePrivacyDlpV2beta1FieldId[]; /** * Complete BigQuery table reference. */ tableReference: Schema$GooglePrivacyDlpV2beta1BigQueryTable; } /** * Message defining the location of a BigQuery table. A table is uniquely * identified by its project_id, dataset_id, and table_name. Within a query a * table is often referenced with a string in the format of: * `<project_id>:<dataset_id>.<table_id>` or * `<project_id>.<dataset_id>.<table_id>`. */ export interface Schema$GooglePrivacyDlpV2beta1BigQueryTable { /** * Dataset ID of the table. */ datasetId: string; /** * The Google Cloud Platform project ID of the project containing the table. * If omitted, project ID is inferred from the API call. */ projectId: string; /** * Name of the table. */ tableId: string; } /** * Compute numerical stats over an individual column, including number of * distinct values and value count distribution. */ export interface Schema$GooglePrivacyDlpV2beta1CategoricalStatsConfig { /** * Field to compute categorical stats on. All column types are supported * except for arrays and structs. However, it may be more informative to use * NumericalStats when the field type is supported, depending on the data. */ field: Schema$GooglePrivacyDlpV2beta1FieldId; } /** * Histogram bucket of value frequencies in the column. */ export interface Schema$GooglePrivacyDlpV2beta1CategoricalStatsHistogramBucket { /** * Total number of records in this bucket. */ bucketSize: string; /** * Sample of value frequencies in this bucket. The total number of values * returned per bucket is capped at 20. */ bucketValues: Schema$GooglePrivacyDlpV2beta1ValueFrequency[]; /** * Lower bound on the value frequency of the values in this bucket. */ valueFrequencyLowerBound: string; /** * Upper bound on the value frequency of the values in this bucket. */ valueFrequencyUpperBound: string; } /** * Result of the categorical stats computation. */ export interface Schema$GooglePrivacyDlpV2beta1CategoricalStatsResult { /** * Histogram of value frequencies in the column. */ valueFrequencyHistogramBuckets: Schema$GooglePrivacyDlpV2beta1CategoricalStatsHistogramBucket[]; } /** * Options defining a file or a set of files (path ending with *) within a * Google Cloud Storage bucket. */ export interface Schema$GooglePrivacyDlpV2beta1CloudStorageOptions { fileSet: Schema$GooglePrivacyDlpV2beta1FileSet; } /** * A location in Cloud Storage. */ export interface Schema$GooglePrivacyDlpV2beta1CloudStoragePath { /** * The url, in the format of `gs://bucket/<path>`. */ path: string; } /** * Custom information type provided by the user. Used to find domain-specific * sensitive information configurable to the data in question. */ export interface Schema$GooglePrivacyDlpV2beta1CustomInfoType { /** * Dictionary-based custom info type. */ dictionary: Schema$GooglePrivacyDlpV2beta1Dictionary; /** * Info type configuration. All custom info types must have configurations * that do not conflict with built-in info types or other custom info types. */ infoType: Schema$GooglePrivacyDlpV2beta1InfoType; /** * Surrogate info type. */ surrogateType: Schema$GooglePrivacyDlpV2beta1SurrogateType; } /** * Options defining a data set within Google Cloud Datastore. */ export interface Schema$GooglePrivacyDlpV2beta1DatastoreOptions { /** * The kind to process. */ kind: Schema$GooglePrivacyDlpV2beta1KindExpression; /** * A partition ID identifies a grouping of entities. The grouping is always by * project and namespace, however the namespace ID may be empty. */ partitionId: Schema$GooglePrivacyDlpV2beta1PartitionId; /** * Properties to scan. If none are specified, all properties will be scanned * by default. */ projection: Schema$GooglePrivacyDlpV2beta1Projection[]; } /** * Custom information type based on a dictionary of words or phrases. This can * be used to match sensitive information specific to the data, such as a list * of employee IDs or job titles. Dictionary words are case-insensitive and all * characters other than letters and digits in the unicode [Basic Multilingual * Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) * will be replaced with whitespace when scanning for matches, so the dictionary * phrase "Sam Johnson" will match all three phrases "sam * johnson", "Sam, Johnson", and "Sam (Johnson)". * Additionally, the characters surrounding any match must be of a different * type than the adjacent characters within the word, so letters must be next to * non-letters and digits next to non-digits. For example, the dictionary word * "jen" will match the first three letters of the text * "jen123" but will return no matches for "jennifer". * Dictionary words containing a large number of characters that are not letters * or digits may result in unexpected findings because such characters are * treated as whitespace. */ export interface Schema$GooglePrivacyDlpV2beta1Dictionary { /** * List of words or phrases to search for. */ wordList: Schema$GooglePrivacyDlpV2beta1WordList; } /** * An entity in a dataset is a field or set of fields that correspond to a * single person. For example, in medical records the `EntityId` might be a * patient identifier, or for financial records it might be an account * identifier. This message is used when generalizations or analysis must be * consistent across multiple rows pertaining to the same entity. */ export interface Schema$GooglePrivacyDlpV2beta1EntityId { /** * Composite key indicating which field contains the entity identifier. */ field: Schema$GooglePrivacyDlpV2beta1FieldId; } /** * General identifier of a data field in a storage service. */ export interface Schema$GooglePrivacyDlpV2beta1FieldId { /** * Name describing the field. */ columnName: string; } /** * Set of files to scan. */ export interface Schema$GooglePrivacyDlpV2beta1FileSet { /** * The url, in the format `gs://<bucket>/<path>`. Trailing * wildcard in the path is allowed. */ url: string; } /** * Type of information detected by the API. */ export interface Schema$GooglePrivacyDlpV2beta1InfoType { /** * Name of the information type. */ name: string; } /** * Max findings configuration per info type, per content item or long running * operation. */ export interface Schema$GooglePrivacyDlpV2beta1InfoTypeLimit { /** * Type of information the findings limit applies to. Only one limit per * info_type should be provided. If InfoTypeLimit does not have an info_type, * the DLP API applies the limit against all info_types that are found but not * specified in another InfoTypeLimit. */ infoType: Schema$GooglePrivacyDlpV2beta1InfoType; /** * Max findings limit for the given infoType. */ maxFindings: number; } /** * Statistics regarding a specific InfoType. */ export interface Schema$GooglePrivacyDlpV2beta1InfoTypeStatistics { /** * Number of findings for this info type. */ count: string; /** * The type of finding this stat is for. */ infoType: Schema$GooglePrivacyDlpV2beta1InfoType; } /** * Configuration description of the scanning process. When used with * redactContent only info_types and min_likelihood are currently used. */ export interface Schema$GooglePrivacyDlpV2beta1InspectConfig { /** * Custom info types provided by the user. */ customInfoTypes: Schema$GooglePrivacyDlpV2beta1CustomInfoType[]; /** * When true, excludes type information of the findings. */ excludeTypes: boolean; /** * When true, a contextual quote from the data that triggered a finding is * included in the response; see Finding.quote. */ includeQuote: boolean; /** * Configuration of findings limit given for specified info types. */ infoTypeLimits: Schema$GooglePrivacyDlpV2beta1InfoTypeLimit[]; /** * Restricts what info_types to look for. The values must correspond to * InfoType values returned by ListInfoTypes or found in documentation. Empty * info_types runs all enabled detectors. */ infoTypes: Schema$GooglePrivacyDlpV2beta1InfoType[]; /** * Limits the number of findings per content item or long running operation. */ maxFindings: number; /** * Only returns findings equal or above this threshold. */ minLikelihood: string; } /** * Metadata returned within GetOperation for an inspect request. */ export interface Schema$GooglePrivacyDlpV2beta1InspectOperationMetadata { /** * The time which this request was started. */ createTime: string; infoTypeStats: Schema$GooglePrivacyDlpV2beta1InfoTypeStatistics[]; /** * Total size in bytes that were processed. */ processedBytes: string; /** * The inspect config used to create the Operation. */ requestInspectConfig: Schema$GooglePrivacyDlpV2beta1InspectConfig; /** * Optional location to store findings. */ requestOutputConfig: Schema$GooglePrivacyDlpV2beta1OutputStorageConfig; /** * The storage config used to create the Operation. */ requestStorageConfig: Schema$GooglePrivacyDlpV2beta1StorageConfig; /** * Estimate of the number of bytes to process. */ totalEstimatedBytes: string; } /** * The operational data. */ export interface Schema$GooglePrivacyDlpV2beta1InspectOperationResult { /** * The server-assigned name, which is only unique within the same service that * originally returns it. If you use the default HTTP mapping, the `name` * should have the format of `inspect/results/{id}`. */ name: string; } /** * k-anonymity metric, used for analysis of reidentification risk. */ export interface Schema$GooglePrivacyDlpV2beta1KAnonymityConfig { /** * Optional message indicating that each distinct entity_id should not * contribute to the k-anonymity count more than once per equivalence class. * If an entity_id appears on several rows with different quasi-identifier * tuples, it will contribute to each count exactly once. This can lead to * unexpected results. Consider a table where ID 1 is associated to * quasi-identifier "foo", ID 2 to "bar", and ID 3 to * *both* quasi-identifiers "foo" and "bar" (on separate * rows), and where this ID is used as entity_id. Then, the anonymity value * associated to ID 3 will be 2, even if it is the only ID to be associated to * both values "foo" and "bar". */ entityId: Schema$GooglePrivacyDlpV2beta1EntityId; /** * Set of fields to compute k-anonymity over. When multiple fields are * specified, they are considered a single composite key. Structs and repeated * data types are not supported; however, nested fields are supported so long * as they are not structs themselves or nested within a repeated field. */ quasiIds: Schema$GooglePrivacyDlpV2beta1FieldId[]; } /** * The set of columns' values that share the same k-anonymity value. */ export interface Schema$GooglePrivacyDlpV2beta1KAnonymityEquivalenceClass { /** * Size of the equivalence class, for example number of rows with the above * set of values. */ equivalenceClassSize: string; /** * Set of values defining the equivalence class. One value per * quasi-identifier column in the original KAnonymity metric message. The * order is always the same as the original request. */ quasiIdsValues: Schema$GooglePrivacyDlpV2beta1Value[]; } /** * Histogram bucket of equivalence class sizes in the table. */ export interface Schema$GooglePrivacyDlpV2beta1KAnonymityHistogramBucket { /** * Total number of records in this bucket. */ bucketSize: string; /** * Sample of equivalence classes in this bucket. The total number of classes * returned per bucket is capped at 20. */ bucketValues: Schema$GooglePrivacyDlpV2beta1KAnonymityEquivalenceClass[]; /** * Lower bound on the size of the equivalence classes in this bucket. */ equivalenceClassSizeLowerBound: string; /** * Upper bound on the size of the equivalence classes in this bucket. */ equivalenceClassSizeUpperBound: string; } /** * Result of the k-anonymity computation. */ export interface Schema$GooglePrivacyDlpV2beta1KAnonymityResult { /** * Histogram of k-anonymity equivalence classes. */ equivalenceClassHistogramBuckets: Schema$GooglePrivacyDlpV2beta1KAnonymityHistogramBucket[]; } /** * A representation of a Datastore kind. */ export interface Schema$GooglePrivacyDlpV2beta1KindExpression { /** * The name of the kind. */ name: string; } /** * Reidentifiability metric. This corresponds to a risk model similar to what is * called "journalist risk" in the literature, except the attack * dataset is statistically modeled instead of being perfectly known. This can * be done using publicly available data (like the US Census), or using a custom * statistical model (indicated as one or several BigQuery tables), or by * extrapolating from the distribution of values in the input dataset. */ export interface Schema$GooglePrivacyDlpV2beta1KMapEstimationConfig { /** * Several auxiliary tables can be used in the analysis. Each custom_tag used * to tag a quasi-identifiers column must appear in exactly one column of one * auxiliary table. */ auxiliaryTables: Schema$GooglePrivacyDlpV2beta1AuxiliaryTable[]; /** * Fields considered to be quasi-identifiers. No two columns can have the same * tag. [required] */ quasiIds: Schema$GooglePrivacyDlpV2beta1TaggedField[]; /** * ISO 3166-1 alpha-2 region code to use in the statistical modeling. Required * if no column is tagged with a region-specific InfoType (like US_ZIP_5) or a * region code. */ regionCode: string; } /** * A KMapEstimationHistogramBucket message with the following values: * min_anonymity: 3 max_anonymity: 5 frequency: 42 means that there are 42 * records whose quasi-identifier values correspond to 3, 4 or 5 people in the * overlying population. An important particular case is when min_anonymity = * max_anonymity = 1: the frequency field then corresponds to the number of * uniquely identifiable records. */ export interface Schema$GooglePrivacyDlpV2beta1KMapEstimationHistogramBucket { /** * Number of records within these anonymity bounds. */ bucketSize: string; /** * Sample of quasi-identifier tuple values in this bucket. The total number of * classes returned per bucket is capped at 20. */ bucketValues: Schema$GooglePrivacyDlpV2beta1KMapEstimationQuasiIdValues[]; /** * Always greater than or equal to min_anonymity. */ maxAnonymity: string; /** * Always positive. */ minAnonymity: string; } /** * A tuple of values for the quasi-identifier columns. */ export interface Schema$GooglePrivacyDlpV2beta1KMapEstimationQuasiIdValues { /** * The estimated anonymity for these quasi-identifier values. */ estimatedAnonymity: string; /** * The quasi-identifier values. */ quasiIdsValues: Schema$GooglePrivacyDlpV2beta1Value[]; } /** * Result of the reidentifiability analysis. Note that these results are an * estimation, not exact values. */ export interface Schema$GooglePrivacyDlpV2beta1KMapEstimationResult { /** * The intervals [min_anonymity, max_anonymity] do not overlap. If a value * doesn't correspond to any such interval, the associated frequency is * zero. For example, the following records: {min_anonymity: 1, * max_anonymity: 1, frequency: 17} {min_anonymity: 2, max_anonymity: 3, * frequency: 42} {min_anonymity: 5, max_anonymity: 10, frequency: 99} mean * that there are no record with an estimated anonymity of 4, 5, or larger * than 10. */ kMapEstimationHistogram: Schema$GooglePrivacyDlpV2beta1KMapEstimationHistogramBucket[]; } /** * l-diversity metric, used for analysis of reidentification risk. */ export interface Schema$GooglePrivacyDlpV2beta1LDiversityConfig { /** * Set of quasi-identifiers indicating how equivalence classes are defined for * the l-diversity computation. When multiple fields are specified, they are * considered a single composite key. */ quasiIds: Schema$GooglePrivacyDlpV2beta1FieldId[]; /** * Sensitive field for computing the l-value. */ sensitiveAttribute: Schema$GooglePrivacyDlpV2beta1FieldId; } /** * The set of columns' values that share the same l-diversity value. */ export interface Schema$GooglePrivacyDlpV2beta1LDiversityEquivalenceClass { /** * Size of the k-anonymity equivalence class. */ equivalenceClassSize: string; /** * Number of distinct sensitive values in this equivalence class. */ numDistinctSensitiveValues: string; /** * Quasi-identifier values defining the k-anonymity equivalence class. The * order is always the same as the original request. */ quasiIdsValues: Schema$GooglePrivacyDlpV2beta1Value[]; /** * Estimated frequencies of top sensitive values. */ topSensitiveValues: Schema$GooglePrivacyDlpV2beta1ValueFrequency[]; } /** * Histogram bucket of sensitive value frequencies in the table. */ export interface Schema$GooglePrivacyDlpV2beta1LDiversityHistogramBucket { /** * Total number of records in this bucket. */ bucketSize: string; /** * Sample of equivalence classes in this bucket. The total number of classes * returned per bucket is capped at 20. */ bucketValues: Schema$GooglePrivacyDlpV2beta1LDiversityEquivalenceClass[]; /** * Lower bound on the sensitive value frequencies of the equivalence classes * in this bucket. */ sensitiveValueFrequencyLowerBound: string; /** * Upper bound on the sensitive value frequencies of the equivalence classes * in this bucket. */ sensitiveValueFrequencyUpperBound: string; } /** * Result of the l-diversity computation. */ export interface Schema$GooglePrivacyDlpV2beta1LDiversityResult { /** * Histogram of l-diversity equivalence class sensitive value frequencies. */ sensitiveValueFrequencyHistogramBuckets: Schema$GooglePrivacyDlpV2beta1LDiversityHistogramBucket[]; } /** * Compute numerical stats over an individual column, including min, max, and * quantiles. */ export interface Schema$GooglePrivacyDlpV2beta1NumericalStatsConfig { /** * Field to compute numerical stats on. Supported types are integer, float, * date, datetime, timestamp, time. */ field: Schema$GooglePrivacyDlpV2beta1FieldId; } /** * Result of the numerical stats computation. */ export interface Schema$GooglePrivacyDlpV2beta1NumericalStatsResult { /** * Maximum value appearing in the column. */ maxValue: Schema$GooglePrivacyDlpV2beta1Value; /** * Minimum value appearing in the column. */ minValue: Schema$GooglePrivacyDlpV2beta1Value; /** * List of 99 values that partition the set of field values into 100 equal * sized buckets. */ quantileValues: Schema$GooglePrivacyDlpV2beta1Value[]; } /** * Cloud repository for storing output. */ export interface Schema$GooglePrivacyDlpV2beta1OutputStorageConfig { /** * The path to a Google Cloud Storage location to store output. The bucket * must already exist and the Google APIs service account for DLP must have * write permission to write to the given bucket. Results are split over * multiple csv files with each file name matching the pattern * "[operation_id]_[count].csv", for example * `3094877188788974909_1.csv`. The `operation_id` matches the identifier for * the Operation, and the `count` is a counter used for tracking the number of * files written. The CSV file(s) contain the following columns regardless of * storage type scanned: - id - info_type - likelihood - byte size of finding * - quote - timestamp For Cloud Storage the next columns are: - file_path - * start_offset For Cloud Datastore the next columns are: - project_id - * namespace_id - path - column_name - offset For BigQuery the next columns * are: - row_number - project_id - dataset_id - table_id */ storagePath: Schema$GooglePrivacyDlpV2beta1CloudStoragePath; /** * Store findings in a new table in the dataset. */ table: Schema$GooglePrivacyDlpV2beta1BigQueryTable; } /** * Datastore partition ID. A partition ID identifies a grouping of entities. The * grouping is always by project and namespace, however the namespace ID may be * empty. A partition ID contains several dimensions: project ID and namespace * ID. */ export interface Schema$GooglePrivacyDlpV2beta1PartitionId { /** * If not empty, the ID of the namespace to which the entities belong. */ namespaceId: string; /** * The ID of the project to which the entities belong. */ projectId: string; } /** * Privacy metric to compute for reidentification risk analysis. */ export interface Schema$GooglePrivacyDlpV2beta1PrivacyMetric { categoricalStatsConfig: Schema$GooglePrivacyDlpV2beta1CategoricalStatsConfig; kAnonymityConfig: Schema$GooglePrivacyDlpV2beta1KAnonymityConfig; kMapEstimationConfig: Schema$GooglePrivacyDlpV2beta1KMapEstimationConfig; lDiversityConfig: Schema$GooglePrivacyDlpV2beta1LDiversityConfig; numericalStatsConfig: Schema$GooglePrivacyDlpV2beta1NumericalStatsConfig; } /** * A representation of a Datastore property in a projection. */ export interface Schema$GooglePrivacyDlpV2beta1Projection { /** * The property to project. */ property: Schema$GooglePrivacyDlpV2beta1PropertyReference; } /** * A reference to a property relative to the Datastore kind expressions. */ export interface Schema$GooglePrivacyDlpV2beta1PropertyReference { /** * The name of the property. If name includes "."s, it may be * interpreted as a property name path. */ name: string; } /** * A quasi-identifier column has a custom_tag, used to know which column in the * data corresponds to which column in the statistical model. */ export interface Schema$GooglePrivacyDlpV2beta1QuasiIdField { customTag: string; field: Schema$GooglePrivacyDlpV2beta1FieldId; } /** * Metadata returned within the * [`riskAnalysis.operations.get`](/dlp/docs/reference/rest/v2beta1/riskAnalysis.operations/get) * for risk analysis. */ export interface Schema$GooglePrivacyDlpV2beta1RiskAnalysisOperationMetadata { /** * The time which this request was started. */ createTime: string; /** * Privacy metric to compute. */ requestedPrivacyMetric: Schema$GooglePrivacyDlpV2beta1PrivacyMetric; /** * Input dataset to compute metrics over. */ requestedSourceTable: Schema$GooglePrivacyDlpV2beta1BigQueryTable; } /** * Result of a risk analysis * [`Operation`](/dlp/docs/reference/rest/v2beta1/inspect.operations) request. */ export interface Schema$GooglePrivacyDlpV2beta1RiskAnalysisOperationResult { categoricalStatsResult: Schema$GooglePrivacyDlpV2beta1CategoricalStatsResult; kAnonymityResult: Schema$GooglePrivacyDlpV2beta1KAnonymityResult; kMapEstimationResult: Schema$GooglePrivacyDlpV2beta1KMapEstimationResult; lDiversityResult: Schema$GooglePrivacyDlpV2beta1LDiversityResult; numericalStatsResult: Schema$GooglePrivacyDlpV2beta1NumericalStatsResult; } /** * Shared message indicating Cloud storage type. */ export interface Schema$GooglePrivacyDlpV2beta1StorageConfig { /** * BigQuery options specification. */ bigQueryOptions: Schema$GooglePrivacyDlpV2beta1BigQueryOptions; /** * Google Cloud Storage options specification. */ cloudStorageOptions: Schema$GooglePrivacyDlpV2beta1CloudStorageOptions; /** * Google Cloud Datastore options specification. */ datastoreOptions: Schema$GooglePrivacyDlpV2beta1DatastoreOptions; } /** * Message for detecting output from deidentification transformations such as * [`CryptoReplaceFfxFpeConfig`](/dlp/docs/reference/rest/v2beta1/content/deidentify#CryptoReplaceFfxFpeConfig). * These types of transformations are those that perform pseudonymization, * thereby producing a "surrogate" as output. This should be used in * conjunction with a field on the transformation such as `surrogate_info_type`. * This custom info type does not support the use of `detection_rules`. */ export interface Schema$GooglePrivacyDlpV2beta1SurrogateType { } /** * A column with a semantic tag attached. */ export interface Schema$GooglePrivacyDlpV2beta1TaggedField { /** * A column can be tagged with a custom tag. In this case, the user must * indicate an auxiliary table that contains statistical information on the * possible values of this column (below). */ customTag: string; /** * Identifies the column. [required] */ field: Schema$GooglePrivacyDlpV2beta1FieldId; /** * If no semantic tag is indicated, we infer the statistical model from the * distribution of values in the input data */ inferred: Schema$GoogleProtobufEmpty; /** * A column can be tagged with a InfoType to use the relevant public dataset * as a statistical model of population, if available. We currently support US * ZIP codes, region codes, ages and genders. */ infoType: Schema$GooglePrivacyDlpV2beta1InfoType; } /** * Set of primitive values supported by the system. Note that for the purposes * of inspection or transformation, the number of bytes considered to comprise a * 'Value' is based on its representation as a UTF-8 encoded string. For * example, if 'integer_value' is set to 123456789, the number of bytes * would be counted as 9, even though an int64 only holds up to 8 bytes of data. */ export interface Schema$GooglePrivacyDlpV2beta1Value { booleanValue: boolean; dateValue: Schema$GoogleTypeDate; floatValue: number; integerValue: string; stringValue: string; timestampValue: string; timeValue: Schema$GoogleTypeTimeOfDay; } /** * A value of a field, including its frequency. */ export interface Schema$GooglePrivacyDlpV2beta1ValueFrequency { /** * How many times the value is contained in the field. */ count: string; /** * A value contained in the field in question. */ value: Schema$GooglePrivacyDlpV2beta1Value; } /** * Message defining a list of words or phrases to search for in the data. */ export interface Schema$GooglePrivacyDlpV2beta1WordList { /** * Words or phrases defining the dictionary. The dictionary must contain at * least one phrase and every phrase must contain at least 2 characters that * are letters or digits. [required] */ words: string[]; } /** * Row key for identifying a record in BigQuery table. */ export interface Schema$GooglePrivacyDlpV2BigQueryKey { /** * Absolute number of the row from the beginning of the table at the time of * scanning. */ rowNumber: string; /** * Complete BigQuery table reference. */ tableReference: Schema$GooglePrivacyDlpV2BigQueryTable; } /** * Options defining BigQuery table and row identifiers. */ export interface Schema$GooglePrivacyDlpV2BigQueryOptions { /** * References to fields uniquely identifying rows within the table. Nested * fields in the format, like `person.birthdate.year`, are allowed. */ identifyingFields: Schema$GooglePrivacyDlpV2FieldId[]; /** * Complete BigQuery table reference. */ tableReference: Schema$GooglePrivacyDlpV2BigQueryTable; } /** * Message defining the location of a BigQuery table. A table is uniquely * identified by its project_id, dataset_id, and table_name. Within a query a * table is often referenced with a string in the format of: * `<project_id>:<dataset_id>.<table_id>` or * `<project_id>.<dataset_id>.<table_id>`. */ export interface Schema$GooglePrivacyDlpV2BigQueryTable { /** * Dataset ID of the table. */ datasetId: string; /** * The Google Cloud Platform project ID of the project containing the table. * If omitted, project ID is inferred from the API call. */ projectId: string; /** * Name of the table. */ tableId: string; } /** * Bounding box encompassing detected text within an image. */ export interface Schema$GooglePrivacyDlpV2BoundingBox { /** * Height of the bounding box in pixels. */ height: number; /** * Left coordinate of the bounding box. (0,0) is upper left. */ left: number; /** * Top coordinate of the bounding box. (0,0) is upper left. */ top: number; /** * Width of the bounding box in pixels. */ width: number; } /** * Bucket is represented as a range, along with replacement values. */ export interface Schema$GooglePrivacyDlpV2Bucket { /** * Upper bound of the range, exclusive; type must match min. */ max: Schema$GooglePrivacyDlpV2Value; /** * Lower bound of the range, inclusive. Type should be the same as max if * used. */ min: Schema$GooglePrivacyDlpV2Value; /** * Replacement value for this bucket. If not provided the default behavior * will be to hyphenate the min-max range. */ replacementValue: Schema$GooglePrivacyDlpV2Value; } /** * Generalization function that buckets values based on ranges. The ranges and * replacement values are dynamically provided by the user for custom behavior, * such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH This can be used * on data of type: number, long, string, timestamp. If the bound `Value` type * differs from the type of data being transformed, we will first attempt * converting the type of the data to be transformed to match the type of the * bound before comparing. */ export interface Schema$GooglePrivacyDlpV2BucketingConfig { /** * Set of buckets. Ranges must be non-overlapping. */ buckets: Schema$GooglePrivacyDlpV2Bucket[]; } /** * Container for bytes to inspect or redact. */ export interface Schema$GooglePrivacyDlpV2ByteContentItem { /** * Content data to inspect or redact. */ data: string; /** * The type of data stored in the bytes string. Default will be TEXT_UTF8. */ type: string; } /** * The request message for canceling a DLP job. */ export interface Schema$GooglePrivacyDlpV2CancelDlpJobRequest { } /** * Compute numerical stats over an individual column, including number of * distinct values and value count distribution. */ export interface Schema$GooglePrivacyDlpV2CategoricalStatsConfig { /** * Field to compute categorical stats on. All column types are supported * except for arrays and structs. However, it may be more informative to use * NumericalStats when the field type is supported, depending on the data. */ field: Schema$GooglePrivacyDlpV2FieldId; } export interface Schema$GooglePrivacyDlpV2CategoricalStatsHistogramBucket { /** * Total number of values in this bucket. */ bucketSize: string; /** * Total number of distinct values in this bucket. */ bucketValueCount: string; /** * Sample of value frequencies in this bucket. The total number of values * returned per bucket is capped at 20. */ bucketValues: Schema$GooglePrivacyDlpV2ValueFrequency[]; /** * Lower bound on the value frequency of the values in this bucket. */ valueFrequencyLowerBound: string; /** * Upper bound on the value frequency of the values in this bucket. */ valueFrequencyUpperBound: string; } /** * Result of the categorical stats computation. */ export interface Schema$GooglePrivacyDlpV2CategoricalStatsResult { /** * Histogram of value frequencies in the column. */ valueFrequencyHistogramBuckets: Schema$GooglePrivacyDlpV2CategoricalStatsHistogramBucket[]; } /** * Partially mask a string by replacing a given number of characters with a * fixed character. Masking can start from the beginning or end of the string. * This can be used on data of any type (numbers, longs, and so on) and when * de-identifying structured data we'll attempt to preserve the original * data's type. (This allows you to take a long like 123 and modify it to a * string like **3. */ export interface Schema$GooglePrivacyDlpV2CharacterMaskConfig { /** * When masking a string, items in this list will be skipped when replacing. * For example, if your string is 555-555-5555 and you ask us to skip `-` and * mask 5 chars with * we would produce ***-*55-5555. */ charactersToIgnore: Schema$GooglePrivacyDlpV2CharsToIgnore[]; /** * Character to mask the sensitive values&mdash;for example, "*" * for an alphabetic string such as name, or "0" for a numeric * string such as ZIP code or credit card number. String must have length 1. * If not supplied, we will default to "*" for strings, 0 for * digits. */ maskingCharacter: string; /** * Number of characters to mask. If not set, all matching chars will be * masked. Skipped characters do not count towards this tally. */ numberToMask: number; /** * Mask characters in reverse order. For example, if `masking_character` is * '0', number_to_mask is 14, and `reverse_order` is false, then * 1234-5678-9012-3456 -> 00000000000000-3456 If `masking_character` is * '*', `number_to_mask` is 3, and `reverse_order` is true, then 12345 * -> 12*** */ reverseOrder: boolean; } /** * Characters to skip when doing deidentification of a value. These will be left * alone and skipped. */ export interface Schema$GooglePrivacyDlpV2CharsToIgnore { charactersToSkip: string; commonCharactersToIgnore: string; } /** * Options defining a file or a set of files (path ending with *) within a * Google Cloud Storage bucket. */ export interface Schema$GooglePrivacyDlpV2CloudStorageOptions { /** * Max number of bytes to scan from a file. If a scanned file's size is * bigger than this value then the rest of the bytes are omitted. */ bytesLimitPerFile: string; fileSet: Schema$GooglePrivacyDlpV2FileSet; /** * List of file type groups to include in the scan. If empty, all files are * scanned and available data format processors are applied. */ fileTypes: string[]; } /** * Represents a color in the RGB color space. */ export interface Schema$GooglePrivacyDlpV2Color { /** * The amount of blue in the color as a value in the interval [0, 1]. */ blue: number; /** * The amount of green in the color as a value in the interval [0, 1]. */ green: number; /** * The amount of red in the color as a value in the interval [0, 1]. */ red: number; } /** * The field type of `value` and `field` do not need to match to be considered * equal, but not all comparisons are possible. A `value` of type: - `string` * can be compared against all other types - `boolean` can only be compared * against other booleans - `integer` can be compared against doubles or a * string if the string value can be parsed as an integer. - `double` can be * compared against integers or a string if the string can be parsed as a * double. - `Timestamp` can be compared against strings in RFC 3339 date string * format. - `TimeOfDay` can be compared against timestamps and strings in the * format of 'HH:mm:ss'. If we fail to compare do to type mismatch, a * warning will be given and the condition will evaluate to false. */ export interface Schema$GooglePrivacyDlpV2Condition { /** * Field within the record this condition is evaluated against. [required] */ field: Schema$GooglePrivacyDlpV2FieldId; /** * Operator used to compare the field or infoType to the value. [required] */ operator: string; /** * Value to compare against. [Required, except for `EXISTS` tests.] */ value: Schema$GooglePrivacyDlpV2Value; } /** * A collection of conditions. */ export interface Schema$GooglePrivacyDlpV2Conditions { conditions: Schema$GooglePrivacyDlpV2Condition[]; } /** * Container structure for the content to inspect. */ export interface Schema$GooglePrivacyDlpV2ContentItem { /** * Content data to inspect or redact. Replaces `type` and `data`. */ byteItem: Schema$GooglePrivacyDlpV2ByteContentItem; /** * Structured content for inspection. */ table: Schema$GooglePrivacyDlpV2Table; /** * String data to inspect or redact. */ value: string; } /** * Findings container location data. */ export interface Schema$GooglePrivacyDlpV2ContentLocation { /** * Name of the container where the finding is located. The top level name is * the source file name or table name. Nested names could be absent if the * embedded object has no string identifier (for an example an image contained * within a document). */ containerName: string; /** * Findings container modification timestamp, if applicable. For Google Cloud * Storage contains last file modification timestamp. For BigQuery table * contains last_modified_time property. For Datastore - not populated. */ containerTimestamp: string; /** * Findings container version, if available ("generation" for Google * Cloud Storage). */ containerVersion: string; /** * Location data for document files. */ documentLocation: Schema$GooglePrivacyDlpV2DocumentLocation; /** * Location within an image's pixels. */ imageLocation: Schema$GooglePrivacyDlpV2ImageLocation; /** * Location within a row or record of a database table. */ recordLocation: Schema$GooglePrivacyDlpV2RecordLocation; } /** * Request message for CreateDeidentifyTemplate. */ export interface Schema$GooglePrivacyDlpV2CreateDeidentifyTemplateRequest { /** * The DeidentifyTemplate to create. */ deidentifyTemplate: Schema$GooglePrivacyDlpV2DeidentifyTemplate; /** * The template id can contain uppercase and lowercase letters, numbers, and * hyphens; that is, it must match the regular expression: `[a-zA-Z\\d-]+`. * The maximum length is 100 characters. Can be empty to allow the system to * generate one. */ templateId: string; } /** * Request message for CreateDlpJobRequest. Used to initiate long running jobs * such as calculating risk metrics or inspecting Google Cloud Storage. */ export interface Schema$GooglePrivacyDlpV2CreateDlpJobRequest { inspectJob: Schema$GooglePrivacyDlpV2InspectJobConfig; /** * The job id can contain uppercase and lowercase letters, numbers, and * hyphens; that is, it must match the regular expression: `[a-zA-Z\\d-]+`. * The maximum length is 100 characters. Can be empty to allow the system to * generate one. */ jobId: string; riskJob: Schema$GooglePrivacyDlpV2RiskAnalysisJobConfig; } /** * Request message for CreateInspectTemplate. */ export interface Schema$GooglePrivacyDlpV2CreateInspectTemplateRequest { /** * The InspectTemplate to create. */ inspectTemplate: Schema$GooglePrivacyDlpV2InspectTemplate; /** * The template id can contain uppercase and lowercase letters, numbers, and * hyphens; that is, it must match the regular expression: `[a-zA-Z\\d-]+`. * The maximum length is 100 characters. Can be empty to allow the system to * generate one. */ templateId: string; } /** * Request message for CreateJobTrigger. */ export interface Schema$GooglePrivacyDlpV2CreateJobTriggerRequest { /** * The JobTrigger to create. */ jobTrigger: Schema$GooglePrivacyDlpV2JobTrigger; /** * The trigger id can contain uppercase and lowercase letters, numbers, and * hyphens; that is, it must match the regular expression: `[a-zA-Z\\d-]+`. * The maximum length is 100 characters. Can be empty to allow the system to * generate one. */ triggerId: string; } /** * Pseudonymization method that generates surrogates via cryptographic hashing. * Uses SHA-256. The key size must be either 32 or 64 bytes. Outputs a 32 byte * digest as an uppercase hex string (for example, * 41D1567F7F99F1DC2A5FAB886DEE5BEE). Currently, only string and integer values * can be hashed. */ export interface Schema$GooglePrivacyDlpV2CryptoHashConfig { /** * The key used by the hash function. */ cryptoKey: Schema$GooglePrivacyDlpV2CryptoKey; } /** * This is a data encryption key (DEK) (as opposed to a key encryption key (KEK) * stored by KMS). When using KMS to wrap/unwrap DEKs, be sure to set an * appropriate IAM policy on the KMS CryptoKey (KEK) to ensure an attacker * cannot unwrap the data crypto key. */ export interface Schema$GooglePrivacyDlpV2CryptoKey { kmsWrapped: Schema$GooglePrivacyDlpV2KmsWrappedCryptoKey; transient: Schema$GooglePrivacyDlpV2TransientCryptoKey; unwrapped: Schema$GooglePrivacyDlpV2UnwrappedCryptoKey; } /** * Replaces an identifier with a surrogate using FPE with the FFX mode of * operation; however when used in the `ReidentifyContent` API method, it serves * the opposite function by reversing the surrogate back into the original * identifier. The identifier must be encoded as ASCII. For a given crypto key * and context, the same identifier will be replaced with the same surrogate. * Identifiers must be at least two characters long. In the case that the * identifier is the empty string, it will be skipped. See * [Pseudonymization](/dlp/docs/pseudonymization) for example usage. */ export interface Schema$GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig { commonAlphabet: string; /** * The 'tweak', a context may be used for higher security since the * same identifier in two different contexts won't be given the same * surrogate. If the context is not set, a default tweak will be used. If the * context is set but: 1. there is no record present when transforming a * given value or 1. the field is not present when transforming a given value, * a default tweak will be used. Note that case (1) is expected when an * `InfoTypeTransformation` is applied to both structured and non-structured * `ContentItem`s. Currently, the referenced field may be of value type * integer or string. The tweak is constructed as a sequence of bytes in big * endian byte order such that: - a 64 bit integer is encoded followed by a * single byte of value 1 - a string is encoded in UTF-8 format followed by a * single byte of value å 2 */ context: Schema$GooglePrivacyDlpV2FieldId; /** * The key used by the encryption algorithm. [required] */ cryptoKey: Schema$GooglePrivacyDlpV2CryptoKey; /** * This is supported by mapping these to the alphanumeric characters that the * FFX mode natively supports. This happens before/after * encryption/decryption. Each character listed must appear only once. Number * of characters must be in the range [2, 62]. This must be encoded as ASCII. * The order of characters does not matter. */ customAlphabet: string; /** * The native way to select the alphabet. Must be in the range [2, 62]. */ radix: number; /** * The custom infoType to annotate the surrogate with. This annotation will be * applied to the surrogate by prefixing it with the name of the custom * infoType followed by the number of characters comprising the surrogate. The * following scheme defines the format: * info_type_name(surrogate_character_count):surrogate For example, if the * name of custom infoType is 'MY_TOKEN_INFO_TYPE' and the surrogate * is 'abc&#3