Action(mapping=None, *, ignore_unknown_fields=False, **kwargs)
A task to execute on the completion of a job. See https://cloud.google.com/sensitive-data-protection/docs/concepts-actions to learn more.
This message has oneof
_ fields (mutually exclusive fields).
For each oneof, at most one member field can be set at the same time.
Setting any member of the oneof automatically clears all other
members.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
Attributes |
|
---|---|
Name | Description |
save_findings |
google.cloud.dlp_v2.types.Action.SaveFindings
Save resulting findings in a provided location. This field is a member of oneof _ action .
|
pub_sub |
google.cloud.dlp_v2.types.Action.PublishToPubSub
Publish a notification to a Pub/Sub topic. This field is a member of oneof _ action .
|
publish_summary_to_cscc |
google.cloud.dlp_v2.types.Action.PublishSummaryToCscc
Publish summary to Cloud Security Command Center (Alpha). This field is a member of oneof _ action .
|
publish_findings_to_cloud_data_catalog |
google.cloud.dlp_v2.types.Action.PublishFindingsToCloudDataCatalog
Publish findings to Cloud Datahub. This field is a member of oneof _ action .
|
deidentify |
google.cloud.dlp_v2.types.Action.Deidentify
Create a de-identified copy of the input data. This field is a member of oneof _ action .
|
job_notification_emails |
google.cloud.dlp_v2.types.Action.JobNotificationEmails
Sends an email when the job completes. The email goes to IAM project owners and technical `Essential Contacts |
publish_to_stackdriver |
google.cloud.dlp_v2.types.Action.PublishToStackdriver
Enable Stackdriver metric dlp.googleapis.com/finding_count. This field is a member of oneof _ action .
|
Classes
Deidentify
Deidentify(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Create a de-identified copy of the requested table or files.
A TransformationDetail will be created for each transformation.
If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table.
Compatible with: Inspect
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
JobNotificationEmails
JobNotificationEmails(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Sends an email when the job completes. The email goes to IAM project
owners and technical Essential
Contacts <https://cloud.google.com/resource-manager/docs/managing-notification-contacts>
__.
PublishFindingsToCloudDataCatalog
PublishFindingsToCloudDataCatalog(
mapping=None, *, ignore_unknown_fields=False, **kwargs
)
Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
templates are applied to the resource that Cloud DLP scanned. Data
Catalog tag templates are stored in the same project and region
where the BigQuery table exists. For Cloud DLP to create and apply
the tag template, the Cloud DLP service agent must have the
roles/datacatalog.tagTemplateOwner
permission on the project.
The tag template contains fields summarizing the results of the
DlpJob. Any field values previously written by another DlpJob are
deleted. InfoType naming patterns][google.privacy.dlp.v2.InfoType]
are strictly enforced when using this feature.
Findings are persisted in Data Catalog storage and are governed by
service-specific policies for Data Catalog. For more information,
see Service Specific
Terms <https://cloud.google.com/terms/service-terms>
__.
Only a single instance of this action can be specified. This action is allowed only if all resources being scanned are BigQuery tables. Compatible with: Inspect
PublishSummaryToCscc
PublishSummaryToCscc(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Publish the result summary of a DlpJob to Security Command
Center <https://cloud.google.com/security-command-center>
. This
action is available for only projects that belong to an
organization. This action publishes the count of finding instances
and their infoTypes. The summary of findings are persisted in
Security Command Center and are governed by service-specific
policies for Security Command
Center <https://cloud.google.com/terms/service-terms>
. Only a
single instance of this action can be specified. Compatible with:
Inspect
PublishToPubSub
PublishToPubSub(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Publish a message into a given Pub/Sub topic when DlpJob has
completed. The message contains a single field, DlpJobName
,
which is equal to the finished job's
`DlpJob.name
https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob`__.
Compatible with: Inspect, Risk
PublishToStackdriver
PublishToStackdriver(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Enable Stackdriver metric dlp.googleapis.com/finding_count. This will publish a metric to stack driver on each infotype requested and how many findings were found for it. CustomDetectors will be bucketed as 'Custom' under the Stackdriver label 'info_type'.
SaveFindings
SaveFindings(mapping=None, *, ignore_unknown_fields=False, **kwargs)
If set, the detailed findings will be persisted to the specified OutputStorageConfig. Only a single instance of this action can be specified. Compatible with: Inspect, Risk