Skip to content

Commit fe3f78f

Browse files
gcf-owl-bot[bot]gcf-owl-bot[bot]
authored
feat: [google-cloud-dlp] add the TagResources API (googleapis#12983)
- [ ] Regenerate this pull request now. PiperOrigin-RevId: 659709816 Source-Link: googleapis/googleapis@7314e20 Source-Link: https://github.com/googleapis/googleapis-gen/commit/7c795b5d8eb8354c58d5acd18c620b197ac338a4 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWRscC8uT3dsQm90LnlhbWwiLCJoIjoiN2M3OTViNWQ4ZWI4MzU0YzU4ZDVhY2QxOGM2MjBiMTk3YWMzMzhhNCJ9 --------- Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
1 parent 3c7fe07 commit fe3f78f

7 files changed

Lines changed: 143 additions & 3 deletions

File tree

packages/google-cloud-dlp/google/cloud/dlp/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -207,6 +207,7 @@
207207
OutputStorageConfig,
208208
PrimitiveTransformation,
209209
PrivacyMetric,
210+
ProfileGeneration,
210211
ProfileStatus,
211212
ProjectDataProfile,
212213
QuasiId,
@@ -541,6 +542,7 @@
541542
"MatchingType",
542543
"MetadataType",
543544
"NullPercentageLevel",
545+
"ProfileGeneration",
544546
"RelationalOperator",
545547
"ResourceVisibility",
546548
"StoredInfoTypeState",

packages/google-cloud-dlp/google/cloud/dlp/gapic_version.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,4 +13,4 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16-
__version__ = "3.20.0" # {x-release-please-version}
16+
__version__ = "0.0.0" # {x-release-please-version}

packages/google-cloud-dlp/google/cloud/dlp_v2/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -206,6 +206,7 @@
206206
OutputStorageConfig,
207207
PrimitiveTransformation,
208208
PrivacyMetric,
209+
ProfileGeneration,
209210
ProfileStatus,
210211
ProjectDataProfile,
211212
QuasiId,
@@ -506,6 +507,7 @@
506507
"PartitionId",
507508
"PrimitiveTransformation",
508509
"PrivacyMetric",
510+
"ProfileGeneration",
509511
"ProfileStatus",
510512
"ProjectDataProfile",
511513
"QuasiId",

packages/google-cloud-dlp/google/cloud/dlp_v2/gapic_version.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,4 +13,4 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.
1515
#
16-
__version__ = "3.20.0" # {x-release-please-version}
16+
__version__ = "0.0.0" # {x-release-please-version}

packages/google-cloud-dlp/google/cloud/dlp_v2/types/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -200,6 +200,7 @@
200200
OutputStorageConfig,
201201
PrimitiveTransformation,
202202
PrivacyMetric,
203+
ProfileGeneration,
203204
ProfileStatus,
204205
ProjectDataProfile,
205206
QuasiId,
@@ -532,6 +533,7 @@
532533
"MatchingType",
533534
"MetadataType",
534535
"NullPercentageLevel",
536+
"ProfileGeneration",
535537
"RelationalOperator",
536538
"ResourceVisibility",
537539
"StoredInfoTypeState",

packages/google-cloud-dlp/google/cloud/dlp_v2/types/dlp.py

Lines changed: 134 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@
3535
"TransformationResultStatusType",
3636
"TransformationContainerType",
3737
"TransformationType",
38+
"ProfileGeneration",
3839
"BigQueryTableTypeCollection",
3940
"BigQueryTableType",
4041
"DataProfileUpdateFrequency",
@@ -390,6 +391,25 @@ class TransformationType(proto.Enum):
390391
REDACT_IMAGE = 14
391392

392393

394+
class ProfileGeneration(proto.Enum):
395+
r"""Whether a profile being created is the first generation or an
396+
update.
397+
398+
Values:
399+
PROFILE_GENERATION_UNSPECIFIED (0):
400+
Unused.
401+
PROFILE_GENERATION_NEW (1):
402+
The profile is the first profile for the
403+
resource.
404+
PROFILE_GENERATION_UPDATE (2):
405+
The profile is an update to a previous
406+
profile.
407+
"""
408+
PROFILE_GENERATION_UNSPECIFIED = 0
409+
PROFILE_GENERATION_NEW = 1
410+
PROFILE_GENERATION_UPDATE = 2
411+
412+
393413
class BigQueryTableTypeCollection(proto.Enum):
394414
r"""Over time new types may be added. Currently VIEW, MATERIALIZED_VIEW,
395415
and SNAPSHOT are not supported.
@@ -7807,6 +7827,11 @@ class DataProfileAction(proto.Message):
78077827
pub_sub_notification (google.cloud.dlp_v2.types.DataProfileAction.PubSubNotification):
78087828
Publish a message into the Pub/Sub topic.
78097829
7830+
This field is a member of `oneof`_ ``action``.
7831+
tag_resources (google.cloud.dlp_v2.types.DataProfileAction.TagResources):
7832+
Tags the profiled resources with the
7833+
specified tag values.
7834+
78107835
This field is a member of `oneof`_ ``action``.
78117836
"""
78127837

@@ -7922,6 +7947,109 @@ class DetailLevel(proto.Enum):
79227947
)
79237948
)
79247949

7950+
class TagResources(proto.Message):
7951+
r"""If set, attaches the [tags]
7952+
(https://cloud.google.com/resource-manager/docs/tags/tags-overview)
7953+
provided to profiled resources. Tags support `access
7954+
control <https://cloud.google.com/iam/docs/tags-access-control>`__.
7955+
You can conditionally grant or deny access to a resource based on
7956+
whether the resource has a specific tag.
7957+
7958+
Attributes:
7959+
tag_conditions (MutableSequence[google.cloud.dlp_v2.types.DataProfileAction.TagResources.TagCondition]):
7960+
The tags to associate with different
7961+
conditions.
7962+
profile_generations_to_tag (MutableSequence[google.cloud.dlp_v2.types.ProfileGeneration]):
7963+
The profile generations for which the tag should be attached
7964+
to resources. If you attach a tag to only new profiles, then
7965+
if the sensitivity score of a profile subsequently changes,
7966+
its tag doesn't change. By default, this field includes only
7967+
new profiles. To include both new and updated profiles for
7968+
tagging, this field should explicitly include both
7969+
``PROFILE_GENERATION_NEW`` and
7970+
``PROFILE_GENERATION_UPDATE``.
7971+
lower_data_risk_to_low (bool):
7972+
Whether applying a tag to a resource should lower the risk
7973+
of the profile for that resource. For example, in
7974+
conjunction with an `IAM deny
7975+
policy <https://cloud.google.com/iam/docs/deny-overview>`__,
7976+
you can deny all principals a permission if a tag value is
7977+
present, mitigating the risk of the resource. This also
7978+
lowers the data risk of resources at the lower levels of the
7979+
resource hierarchy. For example, reducing the data risk of a
7980+
table data profile also reduces the data risk of the
7981+
constituent column data profiles.
7982+
"""
7983+
7984+
class TagCondition(proto.Message):
7985+
r"""The tag to attach to profiles matching the condition. At most one
7986+
``TagCondition`` can be specified per sensitivity level.
7987+
7988+
7989+
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
7990+
7991+
Attributes:
7992+
tag (google.cloud.dlp_v2.types.DataProfileAction.TagResources.TagValue):
7993+
The tag value to attach to resources.
7994+
sensitivity_score (google.cloud.dlp_v2.types.SensitivityScore):
7995+
Conditions attaching the tag to a resource on
7996+
its profile having this sensitivity score.
7997+
7998+
This field is a member of `oneof`_ ``type``.
7999+
"""
8000+
8001+
tag: "DataProfileAction.TagResources.TagValue" = proto.Field(
8002+
proto.MESSAGE,
8003+
number=1,
8004+
message="DataProfileAction.TagResources.TagValue",
8005+
)
8006+
sensitivity_score: storage.SensitivityScore = proto.Field(
8007+
proto.MESSAGE,
8008+
number=2,
8009+
oneof="type",
8010+
message=storage.SensitivityScore,
8011+
)
8012+
8013+
class TagValue(proto.Message):
8014+
r"""A value of a tag.
8015+
8016+
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
8017+
8018+
Attributes:
8019+
namespaced_value (str):
8020+
The namespaced name for the tag value to attach to
8021+
resources. Must be in the format
8022+
``{parent_id}/{tag_key_short_name}/{short_name}``, for
8023+
example, "123456/environment/prod".
8024+
8025+
This field is a member of `oneof`_ ``format``.
8026+
"""
8027+
8028+
namespaced_value: str = proto.Field(
8029+
proto.STRING,
8030+
number=1,
8031+
oneof="format",
8032+
)
8033+
8034+
tag_conditions: MutableSequence[
8035+
"DataProfileAction.TagResources.TagCondition"
8036+
] = proto.RepeatedField(
8037+
proto.MESSAGE,
8038+
number=1,
8039+
message="DataProfileAction.TagResources.TagCondition",
8040+
)
8041+
profile_generations_to_tag: MutableSequence[
8042+
"ProfileGeneration"
8043+
] = proto.RepeatedField(
8044+
proto.ENUM,
8045+
number=2,
8046+
enum="ProfileGeneration",
8047+
)
8048+
lower_data_risk_to_low: bool = proto.Field(
8049+
proto.BOOL,
8050+
number=3,
8051+
)
8052+
79258053
export_data: Export = proto.Field(
79268054
proto.MESSAGE,
79278055
number=1,
@@ -7934,6 +8062,12 @@ class DetailLevel(proto.Enum):
79348062
oneof="action",
79358063
message=PubSubNotification,
79368064
)
8065+
tag_resources: TagResources = proto.Field(
8066+
proto.MESSAGE,
8067+
number=8,
8068+
oneof="action",
8069+
message=TagResources,
8070+
)
79378071

79388072

79398073
class DataProfileJobConfig(proto.Message):

packages/google-cloud-dlp/samples/generated_samples/snippet_metadata_google.privacy.dlp.v2.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
],
99
"language": "PYTHON",
1010
"name": "google-cloud-dlp",
11-
"version": "3.20.0"
11+
"version": "0.1.0"
1212
},
1313
"snippets": [
1414
{

0 commit comments

Comments
 (0)