Skip to content

feat: [google-cloud-dlp] add the TagResources API #12983

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
parthea merged 2 commits into from
Aug 6, 2024
Merged

feat: [google-cloud-dlp] add the TagResources API #12983

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
62c13de
feat: add the TagResources API
gcf-owl-bot[bot] Aug 6, 2024
9d1d591
🦉 Updates from OwlBot post-processor
gcf-owl-bot[bot] Aug 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions packages/google-cloud-dlp/google/cloud/dlp/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,7 @@
OutputStorageConfig,
PrimitiveTransformation,
PrivacyMetric,
ProfileGeneration,
ProfileStatus,
ProjectDataProfile,
QuasiId,
Expand Down Expand Up @@ -541,6 +542,7 @@
"MatchingType",
"MetadataType",
"NullPercentageLevel",
"ProfileGeneration",
"RelationalOperator",
"ResourceVisibility",
"StoredInfoTypeState",
Expand Down
2 changes: 1 addition & 1 deletion packages/google-cloud-dlp/google/cloud/dlp/gapic_version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
__version__ = "3.20.0" # {x-release-please-version}
__version__ = "0.0.0" # {x-release-please-version}
2 changes: 2 additions & 0 deletions packages/google-cloud-dlp/google/cloud/dlp_v2/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,7 @@
OutputStorageConfig,
PrimitiveTransformation,
PrivacyMetric,
ProfileGeneration,
ProfileStatus,
ProjectDataProfile,
QuasiId,
Expand Down Expand Up @@ -506,6 +507,7 @@
"PartitionId",
"PrimitiveTransformation",
"PrivacyMetric",
"ProfileGeneration",
"ProfileStatus",
"ProjectDataProfile",
"QuasiId",
Expand Down
2 changes: 1 addition & 1 deletion packages/google-cloud-dlp/google/cloud/dlp_v2/gapic_version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
__version__ = "3.20.0" # {x-release-please-version}
__version__ = "0.0.0" # {x-release-please-version}
2 changes: 2 additions & 0 deletions packages/google-cloud-dlp/google/cloud/dlp_v2/types/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -200,6 +200,7 @@
OutputStorageConfig,
PrimitiveTransformation,
PrivacyMetric,
ProfileGeneration,
ProfileStatus,
ProjectDataProfile,
QuasiId,
Expand Down Expand Up @@ -532,6 +533,7 @@
"MatchingType",
"MetadataType",
"NullPercentageLevel",
"ProfileGeneration",
"RelationalOperator",
"ResourceVisibility",
"StoredInfoTypeState",
Expand Down
134 changes: 134 additions & 0 deletions packages/google-cloud-dlp/google/cloud/dlp_v2/types/dlp.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@
"TransformationResultStatusType",
"TransformationContainerType",
"TransformationType",
"ProfileGeneration",
"BigQueryTableTypeCollection",
"BigQueryTableType",
"DataProfileUpdateFrequency",
Expand Down Expand Up @@ -390,6 +391,25 @@ class TransformationType(proto.Enum):
REDACT_IMAGE = 14


class ProfileGeneration(proto.Enum):
r"""Whether a profile being created is the first generation or an
update.

Values:
PROFILE_GENERATION_UNSPECIFIED (0):
Unused.
PROFILE_GENERATION_NEW (1):
The profile is the first profile for the
resource.
PROFILE_GENERATION_UPDATE (2):
The profile is an update to a previous
profile.
"""
PROFILE_GENERATION_UNSPECIFIED = 0
PROFILE_GENERATION_NEW = 1
PROFILE_GENERATION_UPDATE = 2


class BigQueryTableTypeCollection(proto.Enum):
r"""Over time new types may be added. Currently VIEW, MATERIALIZED_VIEW,
and SNAPSHOT are not supported.
Expand Down Expand Up @@ -7807,6 +7827,11 @@ class DataProfileAction(proto.Message):
pub_sub_notification (google.cloud.dlp_v2.types.DataProfileAction.PubSubNotification):
Publish a message into the Pub/Sub topic.

This field is a member of `oneof`_ ``action``.
tag_resources (google.cloud.dlp_v2.types.DataProfileAction.TagResources):
Tags the profiled resources with the
specified tag values.

This field is a member of `oneof`_ ``action``.
"""

Expand Down Expand Up @@ -7922,6 +7947,109 @@ class DetailLevel(proto.Enum):
)
)

class TagResources(proto.Message):
r"""If set, attaches the [tags]
(https://cloud.google.com/resource-manager/docs/tags/tags-overview)
provided to profiled resources. Tags support `access
control <https://cloud.google.com/iam/docs/tags-access-control>`__.
You can conditionally grant or deny access to a resource based on
whether the resource has a specific tag.

Attributes:
tag_conditions (MutableSequence[google.cloud.dlp_v2.types.DataProfileAction.TagResources.TagCondition]):
The tags to associate with different
conditions.
profile_generations_to_tag (MutableSequence[google.cloud.dlp_v2.types.ProfileGeneration]):
The profile generations for which the tag should be attached
to resources. If you attach a tag to only new profiles, then
if the sensitivity score of a profile subsequently changes,
its tag doesn't change. By default, this field includes only
new profiles. To include both new and updated profiles for
tagging, this field should explicitly include both
``PROFILE_GENERATION_NEW`` and
``PROFILE_GENERATION_UPDATE``.
lower_data_risk_to_low (bool):
Whether applying a tag to a resource should lower the risk
of the profile for that resource. For example, in
conjunction with an `IAM deny
policy <https://cloud.google.com/iam/docs/deny-overview>`__,
you can deny all principals a permission if a tag value is
present, mitigating the risk of the resource. This also
lowers the data risk of resources at the lower levels of the
resource hierarchy. For example, reducing the data risk of a
table data profile also reduces the data risk of the
constituent column data profiles.
"""

class TagCondition(proto.Message):
r"""The tag to attach to profiles matching the condition. At most one
``TagCondition`` can be specified per sensitivity level.


.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Attributes:
tag (google.cloud.dlp_v2.types.DataProfileAction.TagResources.TagValue):
The tag value to attach to resources.
sensitivity_score (google.cloud.dlp_v2.types.SensitivityScore):
Conditions attaching the tag to a resource on
its profile having this sensitivity score.

This field is a member of `oneof`_ ``type``.
"""

tag: "DataProfileAction.TagResources.TagValue" = proto.Field(
proto.MESSAGE,
number=1,
message="DataProfileAction.TagResources.TagValue",
)
sensitivity_score: storage.SensitivityScore = proto.Field(
proto.MESSAGE,
number=2,
oneof="type",
message=storage.SensitivityScore,
)

class TagValue(proto.Message):
r"""A value of a tag.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Attributes:
namespaced_value (str):
The namespaced name for the tag value to attach to
resources. Must be in the format
``{parent_id}/{tag_key_short_name}/{short_name}``, for
example, "123456/environment/prod".

This field is a member of `oneof`_ ``format``.
"""

namespaced_value: str = proto.Field(
proto.STRING,
number=1,
oneof="format",
)

tag_conditions: MutableSequence[
"DataProfileAction.TagResources.TagCondition"
] = proto.RepeatedField(
proto.MESSAGE,
number=1,
message="DataProfileAction.TagResources.TagCondition",
)
profile_generations_to_tag: MutableSequence[
"ProfileGeneration"
] = proto.RepeatedField(
proto.ENUM,
number=2,
enum="ProfileGeneration",
)
lower_data_risk_to_low: bool = proto.Field(
proto.BOOL,
number=3,
)

export_data: Export = proto.Field(
proto.MESSAGE,
number=1,
Expand All @@ -7934,6 +8062,12 @@ class DetailLevel(proto.Enum):
oneof="action",
message=PubSubNotification,
)
tag_resources: TagResources = proto.Field(
proto.MESSAGE,
number=8,
oneof="action",
message=TagResources,
)


class DataProfileJobConfig(proto.Message):
Expand Down
2 changes: 1 addition & 1 deletion ...es/google-cloud-dlp/samples/generated_samples/snippet_metadata_google.privacy.dlp.v2.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
],
"language": "PYTHON",
"name": "google-cloud-dlp",
"version": "3.20.0"
"version": "0.1.0"
},
"snippets": [
{
Expand Down