Class: Google::Cloud::Dlp::V2::Action

Inherits:

Object

• Object
• Google::Cloud::Dlp::V2::Action

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/privacy/dlp/v2/dlp.rb

Overview

A task to execute on the completion of a job. See https://cloud.google.com/sensitive-data-protection/docs/concepts-actions to learn more.

Defined Under Namespace

Classes: Deidentify, JobNotificationEmails, PublishFindingsToCloudDataCatalog, PublishSummaryToCscc, PublishToPubSub, PublishToStackdriver, SaveFindings

Instance Attribute Summary

• #deidentify ⇒ ::Google::Cloud::Dlp::V2::Action::Deidentify

  Create a de-identified copy of the input data.

• #job_notification_emails ⇒ ::Google::Cloud::Dlp::V2::Action::JobNotificationEmails

  Sends an email when the job completes.

• #pub_sub ⇒ ::Google::Cloud::Dlp::V2::Action::PublishToPubSub

  Publish a notification to a Pub/Sub topic.

• #publish_findings_to_cloud_data_catalog ⇒ ::Google::Cloud::Dlp::V2::Action::PublishFindingsToCloudDataCatalog

  Publish findings to Cloud Datahub.

• #publish_summary_to_cscc ⇒ ::Google::Cloud::Dlp::V2::Action::PublishSummaryToCscc

  Publish summary to Cloud Security Command Center (Alpha).

• #publish_to_stackdriver ⇒ ::Google::Cloud::Dlp::V2::Action::PublishToStackdriver

  Enable Stackdriver metric dlp.googleapis.com/finding_count.

• #save_findings ⇒ ::Google::Cloud::Dlp::V2::Action::SaveFindings

  Save resulting findings in a provided location.

Instance Attribute Details

#deidentify ⇒ ::Google::Cloud::Dlp::V2::Action::Deidentify

Returns Create a de-identified copy of the input data.

Returns:

• (::Google::Cloud::Dlp::V2::Action::Deidentify) —

  Create a de-identified copy of the input data.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#job_notification_emails ⇒ ::Google::Cloud::Dlp::V2::Action::JobNotificationEmails

Returns Sends an email when the job completes. The email goes to IAM project owners and technical Essential Contacts.

Returns:

• (::Google::Cloud::Dlp::V2::Action::JobNotificationEmails) —

  Sends an email when the job completes. The email goes to IAM project owners and technical Essential Contacts.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#pub_sub ⇒ ::Google::Cloud::Dlp::V2::Action::PublishToPubSub

Returns Publish a notification to a Pub/Sub topic.

Returns:

• (::Google::Cloud::Dlp::V2::Action::PublishToPubSub) —

  Publish a notification to a Pub/Sub topic.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#publish_findings_to_cloud_data_catalog ⇒ ::Google::Cloud::Dlp::V2::Action::PublishFindingsToCloudDataCatalog

Returns Publish findings to Cloud Datahub.

Returns:

• (::Google::Cloud::Dlp::V2::Action::PublishFindingsToCloudDataCatalog) —

  Publish findings to Cloud Datahub.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#publish_summary_to_cscc ⇒ ::Google::Cloud::Dlp::V2::Action::PublishSummaryToCscc

Returns Publish summary to Cloud Security Command Center (Alpha).

Returns:

• (::Google::Cloud::Dlp::V2::Action::PublishSummaryToCscc) —

  Publish summary to Cloud Security Command Center (Alpha).

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#publish_to_stackdriver ⇒ ::Google::Cloud::Dlp::V2::Action::PublishToStackdriver

Returns Enable Stackdriver metric dlp.googleapis.com/finding_count.

Returns:

• (::Google::Cloud::Dlp::V2::Action::PublishToStackdriver) —

  Enable Stackdriver metric dlp.googleapis.com/finding_count.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#save_findings ⇒ ::Google::Cloud::Dlp::V2::Action::SaveFindings

Returns Save resulting findings in a provided location.

Returns:

• (::Google::Cloud::Dlp::V2::Action::SaveFindings) —

  Save resulting findings in a provided location.

# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 3381

class Action
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # If set, the detailed findings will be persisted to the specified
  # OutputStorageConfig. Only a single instance of this action can be
  # specified.
  # Compatible with: Inspect, Risk
  # @!attribute [rw] output_config
  #   @return [::Google::Cloud::Dlp::V2::OutputStorageConfig]
  #     Location to store findings outside of DLP.
  class SaveFindings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish a message into a given Pub/Sub topic when DlpJob has completed. The
  # message contains a single field, `DlpJobName`, which is equal to the
  # finished job's
  # [`DlpJob.name`](https://cloud.google.com/sensitive-data-protection/docs/reference/rest/v2/projects.dlpJobs#DlpJob).
  # Compatible with: Inspect, Risk
  # @!attribute [rw] topic
  #   @return [::String]
  #     Cloud Pub/Sub topic to send notifications to. The topic must have given
  #     publishing access rights to the DLP API service account executing
  #     the long running DlpJob sending the notifications.
  #     Format is projects/\\{project}/topics/\\{topic}.
  class PublishToPubSub
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish the result summary of a DlpJob to [Security Command
  # Center](https://cloud.google.com/security-command-center). This action is
  # available for only projects that belong to an organization. This action
  # publishes the count of finding instances and their infoTypes. The summary
  # of findings are persisted in Security Command Center and are governed by
  # [service-specific policies for Security Command
  # Center](https://cloud.google.com/terms/service-terms). Only a single
  # instance of this action can be specified. Compatible with: Inspect
  class PublishSummaryToCscc
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag
  # templates are applied to the resource that Cloud DLP scanned. Data
  # Catalog tag templates are stored in the same project and region where the
  # BigQuery table exists. For Cloud DLP to create and apply the tag template,
  # the Cloud DLP service agent must have the
  # `roles/datacatalog.tagTemplateOwner` permission on the project. The tag
  # template contains fields summarizing the results of the DlpJob. Any field
  # values previously written by another DlpJob are deleted. [InfoType naming
  # patterns][google.privacy.dlp.v2.InfoType] are strictly enforced when using
  # this feature.
  #
  # Findings are persisted in Data Catalog storage and are governed by
  # service-specific policies for Data Catalog. For more information, see
  # [Service Specific Terms](https://cloud.google.com/terms/service-terms).
  #
  # Only a single instance of this action can be specified. This action is
  # allowed only if all resources being scanned are BigQuery tables.
  # Compatible with: Inspect
  class PublishFindingsToCloudDataCatalog
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Create a de-identified copy of the requested table or files.
  #
  # A TransformationDetail will be created for each transformation.
  #
  # If any rows in BigQuery are skipped during de-identification
  # (transformation errors or row size exceeds BigQuery insert API limits) they
  # are placed in the failure output table. If the original row exceeds
  # the BigQuery insert API limit it will be truncated when written to the
  # failure output table. The failure output table can be set in the
  # action.deidentify.output.big_query_output.deidentified_failure_output_table
  # field, if no table is set, a table will be automatically created in the
  # same project and dataset as the original table.
  #
  # Compatible with: Inspect
  # @!attribute [rw] transformation_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationConfig]
  #     User specified deidentify templates and configs for structured,
  #     unstructured, and image files.
  # @!attribute [rw] transformation_details_storage_config
  #   @return [::Google::Cloud::Dlp::V2::TransformationDetailsStorageConfig]
  #     Config for storing transformation details. This is separate from the
  #     de-identified content, and contains metadata about the successful
  #     transformations and/or failures that occurred while de-identifying. This
  #     needs to be set in order for users to access information about the status
  #     of each transformation (see
  #     {::Google::Cloud::Dlp::V2::TransformationDetails TransformationDetails}
  #     message for more information about what is noted).
  # @!attribute [rw] cloud_storage_output
  #   @return [::String]
  #     Required. User settable Cloud Storage bucket and folders to store
  #     de-identified files. This field must be set for Cloud Storage
  #     deidentification. The output Cloud Storage bucket must be different
  #     from the input bucket. De-identified files will overwrite files in the
  #     output path.
  #
  #     Form of: gs://bucket/folder/ or gs://bucket
  # @!attribute [rw] file_types_to_transform
  #   @return [::Array<::Google::Cloud::Dlp::V2::FileType>]
  #     List of user-specified file type groups to transform. If specified, only
  #     the files with these file types will be transformed. If empty, all
  #     supported files will be transformed. Supported types may be automatically
  #     added over time. If a file type is set in this field that isn't supported
  #     by the Deidentify action then the job will fail and will not be
  #     successfully created/started. Currently the only file types supported
  #     are: IMAGES, TEXT_FILES, CSV, TSV.
  class Deidentify
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Sends an email when the job completes. The email goes to IAM project owners
  # and technical [Essential
  # Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).
  class JobNotificationEmails
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Enable Stackdriver metric dlp.googleapis.com/finding_count. This
  # will publish a metric to stack driver on each infotype requested and
  # how many findings were found for it. CustomDetectors will be bucketed
  # as 'Custom' under the Stackdriver label 'info_type'.
  class PublishToStackdriver
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end