--- title: Getting Started with Datadog description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog --- # gcp_dlp_job_trigger{% #gcp_dlp_job_trigger %} ## `ancestors`{% #ancestors %} **Type**: `UNORDERED_LIST_STRING` ## `create_time`{% #create_time %} **Type**: `TIMESTAMP`**Provider name**: `createTime`**Description**: Output only. The creation timestamp of a triggeredJob. ## `description`{% #description %} **Type**: `STRING`**Provider name**: `description`**Description**: User provided description (max 256 chars) ## `errors`{% #errors %} **Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `errors`**Description**: Output only. A stream of errors encountered when the trigger was activated. Repeated errors may result in the JobTrigger automatically being paused. Will return the last 100 errors. Whenever the JobTrigger is modified this list will be cleared. - `details`**Type**: `STRUCT`**Provider name**: `details`**Description**: Detailed error codes and messages. - `code`**Type**: `INT32`**Provider name**: `code`**Description**: The status code, which should be an enum value of google.rpc.Code. - `message`**Type**: `STRING`**Provider name**: `message`**Description**: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. - `extra_info`**Type**: `STRING`**Provider name**: `extraInfo`**Description**: Additional information about the error.**Possible values**: - `ERROR_INFO_UNSPECIFIED` - Unused. - `IMAGE_SCAN_UNAVAILABLE_IN_REGION` - Image scan is not available in the region. - `FILE_STORE_CLUSTER_UNSUPPORTED` - File store cluster is not supported for profile generation. - `timestamps`**Type**: `UNORDERED_LIST_TIMESTAMP`**Provider name**: `timestamps`**Description**: The times the error occurred. List includes the oldest timestamp and the last 9 timestamps. ## `gcp_display_name`{% #gcp_display_name %} **Type**: `STRING`**Provider name**: `displayName`**Description**: Display name (max 100 chars) ## `gcp_status`{% #gcp_status %} **Type**: `STRING`**Provider name**: `status`**Description**: Required. A status for this trigger.**Possible values**: - `STATUS_UNSPECIFIED` - Unused. - `HEALTHY` - Trigger is healthy. - `PAUSED` - Trigger is temporarily paused. - `CANCELLED` - Trigger is cancelled and can not be resumed. ## `inspect_job`{% #inspect_job %} **Type**: `STRUCT`**Provider name**: `inspectJob`**Description**: For inspect jobs, a snapshot of the configuration. - `actions`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `actions`**Description**: Actions to execute at the completion of the job. - `deidentify`**Type**: `STRUCT`**Provider name**: `deidentify`**Description**: Create a de-identified copy of the input data. - `cloud_storage_output`**Type**: `STRING`**Provider name**: `cloudStorageOutput`**Description**: Required. User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for Cloud Storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket - `file_types_to_transform`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `fileTypesToTransform`**Description**: List of user-specified file type groups to transform. If specified, only the files with these file types are transformed. If empty, all supported files are transformed. Supported types may be automatically added over time. Any unsupported file types that are set in this field are excluded from de-identification. An error is recorded for each unsupported file in the TransformationDetails output table. Currently the only file types supported are: IMAGES, TEXT_FILES, CSV, TSV. - `transformation_config`**Type**: `STRUCT`**Provider name**: `transformationConfig`**Description**: User specified deidentify templates and configs for structured, unstructured, and image files. - `deidentify_template`**Type**: `STRING`**Provider name**: `deidentifyTemplate`**Description**: De-identify template. If this template is specified, it will serve as the default de-identify template. This template cannot contain `record_transformations` since it can be used for unstructured content such as free-form text files. If this template is not set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify unstructured content. - `image_redact_template`**Type**: `STRING`**Provider name**: `imageRedactTemplate`**Description**: Image redact template. If this template is specified, it will serve as the de-identify template for images. If this template is not set, all findings in the image will be redacted with a black box. - `structured_deidentify_template`**Type**: `STRING`**Provider name**: `structuredDeidentifyTemplate`**Description**: Structured de-identify template. If this template is specified, it will serve as the de-identify template for structured content such as delimited files and tables. If this template is not set but the `deidentify_template` is set, then `deidentify_template` will also apply to the structured content. If neither template is set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify structured content. - `transformation_details_storage_config`**Type**: `STRUCT`**Provider name**: `transformationDetailsStorageConfig`**Description**: Config for storing transformation details. This field specifies the configuration for storing detailed metadata about each transformation performed during a de-identification process. The metadata is stored separately from the de-identified content itself and provides a granular record of both successful transformations and any failures that occurred. Enabling this configuration is essential for users who need to access comprehensive information about the status, outcome, and specifics of each transformation. The details are captured in the TransformationDetails message for each operation. Key use cases: * **Auditing and compliance** * Provides a verifiable audit trail of de-identification activities, which is crucial for meeting regulatory requirements and internal data governance policies. * Logs what data was transformed, what transformations were applied, when they occurred, and their success status. This helps demonstrate accountability and due diligence in protecting sensitive data. * **Troubleshooting and debugging** * Offers detailed error messages and context if a transformation fails. This information is useful for diagnosing and resolving issues in the de-identification pipeline. * Helps pinpoint the exact location and nature of failures, speeding up the debugging process. * **Process verification and quality assurance** * Allows users to confirm that de-identification rules and transformations were applied correctly and consistently across the dataset as intended. * Helps in verifying the effectiveness of the chosen de-identification strategies. * **Data lineage and impact analysis** * Creates a record of how data elements were modified, contributing to data lineage. This is useful for understanding the provenance of de-identified data. * Aids in assessing the potential impact of de-identification choices on downstream analytical processes or data usability. * **Reporting and operational insights** * You can analyze the metadata stored in a queryable BigQuery table to generate reports on transformation success rates, common error types, processing volumes (e.g., transformedBytes), and the types of transformations applied. * These insights can inform optimization of de-identification configurations and resource planning. To take advantage of these benefits, set this configuration. The stored details include a description of the transformation, success or error codes, error messages, the number of bytes transformed, the location of the transformed content, and identifiers for the job and source data. - `table`**Type**: `STRUCT`**Provider name**: `table`**Description**: The BigQuery table in which to store the output. This may be an existing table or in a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details. - `dataset_id`**Type**: `STRING`**Provider name**: `datasetId`**Description**: Dataset ID of the table. - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: The Google Cloud project ID of the project containing the table. If omitted, project ID is inferred from the API call. - `table_id`**Type**: `STRING`**Provider name**: `tableId`**Description**: Name of the table. - `job_notification_emails`**Type**: `STRUCT`**Provider name**: `jobNotificationEmails`**Description**: Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts). - `pub_sub`**Type**: `STRUCT`**Provider name**: `pubSub`**Description**: Publish a notification to a Pub/Sub topic. - `topic`**Type**: `STRING`**Provider name**: `topic`**Description**: Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}. - `publish_findings_to_cloud_data_catalog`**Type**: `STRUCT`**Provider name**: `publishFindingsToCloudDataCatalog`**Description**: Publish findings to Cloud Datahub. - `publish_summary_to_cscc`**Type**: `STRUCT`**Provider name**: `publishSummaryToCscc`**Description**: Publish summary to Cloud Security Command Center (Alpha). - `publish_to_stackdriver`**Type**: `STRUCT`**Provider name**: `publishToStackdriver`**Description**: Enable Stackdriver metric dlp.googleapis.com/finding_count. - `save_findings`**Type**: `STRUCT`**Provider name**: `saveFindings`**Description**: Save resulting findings in a provided location. - `output_config`**Type**: `STRUCT`**Provider name**: `outputConfig`**Description**: Location to store findings outside of DLP. - `output_schema`**Type**: `STRING`**Provider name**: `outputSchema`**Description**: Schema used for writing the findings for Inspect jobs. This field is only used for Inspect and must be unspecified for Risk jobs. Columns are derived from the `Finding` object. If appending to an existing table, any columns from the predefined schema that are missing will be added. No columns in the existing table will be deleted. If unspecified, then all available columns will be used for a new table or an (existing) table with no schema, and no changes will be made to an existing table that has a schema. Only for use with external storage.**Possible values**: - `OUTPUT_SCHEMA_UNSPECIFIED` - Unused. - `BASIC_COLUMNS` - Basic schema including only `info_type`, `quote`, `certainty`, and `timestamp`. - `GCS_COLUMNS` - Schema tailored to findings from scanning Cloud Storage. - `DATASTORE_COLUMNS` - Schema tailored to findings from scanning Google Datastore. - `BIG_QUERY_COLUMNS` - Schema tailored to findings from scanning Google BigQuery. - `ALL_COLUMNS` - Schema containing all columns. - `table`**Type**: `STRUCT`**Provider name**: `table`**Description**: Store findings in an existing table or a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details. For Inspect, each column in an existing output table must have the same name, type, and mode of a field in the `Finding` object. For Risk, an existing output table should be the output of a previous Risk analysis job run on the same source table, with the same privacy metric and quasi-identifiers. Risk jobs that analyze the same table but compute a different privacy metric, or use different sets of quasi-identifiers, cannot store their results in the same table. - `dataset_id`**Type**: `STRING`**Provider name**: `datasetId`**Description**: Dataset ID of the table. - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: The Google Cloud project ID of the project containing the table. If omitted, project ID is inferred from the API call. - `table_id`**Type**: `STRING`**Provider name**: `tableId`**Description**: Name of the table. - `inspect_config`**Type**: `STRUCT`**Provider name**: `inspectConfig`**Description**: How and what to scan for. - `content_options`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `contentOptions`**Description**: Deprecated and unused. - `custom_info_types`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `customInfoTypes`**Description**: CustomInfoTypes provided by the user. See [https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes) to learn more. - `detection_rules`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `detectionRules`**Description**: Set of detection rules to apply to all findings of this CustomInfoType. Rules are applied in order that they are specified. Not supported for the `surrogate_type` CustomInfoType. - `hotword_rule`**Type**: `STRUCT`**Provider name**: `hotwordRule`**Description**: Hotword-based detection rule. - `hotword_regex`**Type**: `STRUCT`**Provider name**: `hotwordRegex`**Description**: Regular expression pattern defining what qualifies as a hotword. - `group_indexes`**Type**: `UNORDERED_LIST_INT32`**Provider name**: `groupIndexes`**Description**: The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included. - `pattern`**Type**: `STRING`**Provider name**: `pattern`**Description**: Pattern defining the regular expression. Its syntax ([https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax)) can be found under the google/re2 repository on GitHub. - `likelihood_adjustment`**Type**: `STRUCT`**Provider name**: `likelihoodAdjustment`**Description**: Likelihood adjustment to apply to all matching findings. - `fixed_likelihood`**Type**: `STRING`**Provider name**: `fixedLikelihood`**Description**: Set the likelihood of a finding to a fixed value.**Possible values**: - `LIKELIHOOD_UNSPECIFIED` - Default value; same as POSSIBLE. - `VERY_UNLIKELY` - Highest chance of a false positive. - `UNLIKELY` - High chance of a false positive. - `POSSIBLE` - Some matching signals. The default value. - `LIKELY` - Low chance of a false positive. - `VERY_LIKELY` - Confidence level is high. Lowest chance of a false positive. - `relative_likelihood`**Type**: `INT32`**Provider name**: `relativeLikelihood`**Description**: Increase or decrease the likelihood by the specified number of levels. For example, if a finding would be `POSSIBLE` without the detection rule and `relative_likelihood` is 1, then it is upgraded to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. Likelihood may never drop below `VERY_UNLIKELY` or exceed `VERY_LIKELY`, so applying an adjustment of 1 followed by an adjustment of -1 when base likelihood is `VERY_LIKELY` will result in a final likelihood of `LIKELY`. - `proximity`**Type**: `STRUCT`**Provider name**: `proximity`**Description**: Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The finding itself will be included in the window, so that hotwords can be used to match substrings of the finding itself. Suppose you want Cloud DLP to promote the likelihood of the phone number regex "(\d{3}) \d{3}-\d{4}" if the area code is known to be the area code of a company's office. In this case, use the hotword regex "(xxx)", where "xxx" is the area code in question. For tabular data, if you want to modify the likelihood of an entire column of findngs, see [Hotword example: Set the match likelihood of a table column] ([https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values)](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values%29). - `window_after`**Type**: `INT32`**Provider name**: `windowAfter`**Description**: Number of characters after the finding to consider. - `window_before`**Type**: `INT32`**Provider name**: `windowBefore`**Description**: Number of characters before the finding to consider. For tabular data, if you want to modify the likelihood of an entire column of findngs, set this to 1. For more information, see [Hotword example: Set the match likelihood of a table column] ([https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values)](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values%29). - `dictionary`**Type**: `STRUCT`**Provider name**: `dictionary`**Description**: A list of phrases to detect as a CustomInfoType. - `cloud_storage_path`**Type**: `STRUCT`**Provider name**: `cloudStoragePath`**Description**: Newline-delimited file of words in Cloud Storage. Only a single file is accepted. - `path`**Type**: `STRING`**Provider name**: `path`**Description**: A URL representing a file or path (no wildcards) in Cloud Storage. Example: `gs://[BUCKET_NAME]/dictionary.txt` - `word_list`**Type**: `STRUCT`**Provider name**: `wordList`**Description**: List of words or phrases to search for. - `words`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `words`**Description**: Words or phrases defining the dictionary. The dictionary must contain at least one phrase and every phrase must contain at least 2 characters that are letters or digits. [required] - `exclusion_type`**Type**: `STRING`**Provider name**: `exclusionType`**Description**: If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding to be returned. It still can be used for rules matching.**Possible values**: - `EXCLUSION_TYPE_UNSPECIFIED` - A finding of this custom info type will not be excluded from results. - `EXCLUSION_TYPE_EXCLUDE` - A finding of this custom info type will be excluded from final results, but can still affect rule execution. - `info_type`**Type**: `STRUCT`**Provider name**: `infoType`**Description**: CustomInfoType can either be a new infoType, or an extension of built-in infoType, when the name matches one of existing infoTypes and that infoType is specified in `InspectContent.info_types` field. Specifying the latter adds findings to the one detected by the system. If built-in info type is not specified in `InspectContent.info_types` list then the name is treated as a custom info type. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `likelihood`**Type**: `STRING`**Provider name**: `likelihood`**Description**: Likelihood to return for this CustomInfoType. This base value can be altered by a detection rule if the finding meets the criteria specified by the rule. Defaults to `VERY_LIKELY` if not specified.**Possible values**: - `LIKELIHOOD_UNSPECIFIED` - Default value; same as POSSIBLE. - `VERY_UNLIKELY` - Highest chance of a false positive. - `UNLIKELY` - High chance of a false positive. - `POSSIBLE` - Some matching signals. The default value. - `LIKELY` - Low chance of a false positive. - `VERY_LIKELY` - Confidence level is high. Lowest chance of a false positive. - `regex`**Type**: `STRUCT`**Provider name**: `regex`**Description**: Regular expression based CustomInfoType. - `group_indexes`**Type**: `UNORDERED_LIST_INT32`**Provider name**: `groupIndexes`**Description**: The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included. - `pattern`**Type**: `STRING`**Provider name**: `pattern`**Description**: Pattern defining the regular expression. Its syntax ([https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax)) can be found under the google/re2 repository on GitHub. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Sensitivity for this CustomInfoType. If this CustomInfoType extends an existing InfoType, the sensitivity here will take precedence over that of the original InfoType. If unset for a CustomInfoType, it will default to HIGH. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `stored_type`**Type**: `STRUCT`**Provider name**: `storedType`**Description**: Load an existing `StoredInfoType` resource for use in `InspectDataSource`. Not currently supported in `InspectContent`. - `create_time`**Type**: `TIMESTAMP`**Provider name**: `createTime`**Description**: Timestamp indicating when the version of the `StoredInfoType` used for inspection was created. Output-only field, populated by the system. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Resource name of the requested `StoredInfoType`, for example `organizations/433245324/storedInfoTypes/432452342` or `projects/project-id/storedInfoTypes/432452342`. - `surrogate_type`**Type**: `STRUCT`**Provider name**: `surrogateType`**Description**: Message for detecting output from deidentification transformations that support reversing. - `exclude_info_types`**Type**: `BOOLEAN`**Provider name**: `excludeInfoTypes`**Description**: When true, excludes type information of the findings. This is not used for data profiling. - `include_quote`**Type**: `BOOLEAN`**Provider name**: `includeQuote`**Description**: When true, a contextual quote from the data that triggered a finding is included in the response; see Finding.quote. This is not used for data profiling. - `info_types`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `infoTypes`**Description**: Restricts what info_types to look for. The values must correspond to InfoType values returned by ListInfoTypes or listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference). When no InfoTypes or CustomInfoTypes are specified in a request, the system may automatically choose a default list of detectors to run, which may change over time. If you need precise control and predictability as to what detectors are run you should specify specific InfoTypes listed in the reference, otherwise a default list will be used, which may change over time. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `limits`**Type**: `STRUCT`**Provider name**: `limits`**Description**: Configuration to control the number of findings returned. This is not used for data profiling. When redacting sensitive data from images, finding limits don't apply. They can cause unexpected or inconsistent results, where only some data is redacted. Don't include finding limits in RedactImage requests. Otherwise, Cloud DLP returns an error. When set within an InspectJobConfig, the specified maximum values aren't hard limits. If an inspection job reaches these limits, the job ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than these maximum values. - `max_findings_per_info_type`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `maxFindingsPerInfoType`**Description**: Configuration of findings limit given for specified infoTypes. - `info_type`**Type**: `STRUCT`**Provider name**: `infoType`**Description**: Type of information the findings limit applies to. Only one limit per info_type should be provided. If InfoTypeLimit does not have an info_type, the DLP API applies the limit against all info_types that are found but not specified in another InfoTypeLimit. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `max_findings`**Type**: `INT32`**Provider name**: `maxFindings`**Description**: Max findings limit for the given infoType. - `max_findings_per_item`**Type**: `INT32`**Provider name**: `maxFindingsPerItem`**Description**: Max number of findings that are returned for each item scanned. When set within an InspectContentRequest, this field is ignored. This value isn't a hard limit. If the number of findings for an item reaches this limit, the inspection of that item ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns for the item can be multiple times higher than this value. - `max_findings_per_request`**Type**: `INT32`**Provider name**: `maxFindingsPerRequest`**Description**: Max number of findings that are returned per request or job. If you set this field in an InspectContentRequest, the resulting maximum value is the value that you set or 3,000, whichever is lower. This value isn't a hard limit. If an inspection reaches this limit, the inspection ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than this value. - `min_likelihood`**Type**: `STRING`**Provider name**: `minLikelihood`**Description**: Only returns findings equal to or above this threshold. The default is POSSIBLE. In general, the highest likelihood setting yields the fewest findings in results and the lowest chance of a false positive. For more information, see [Match likelihood](https://cloud.google.com/sensitive-data-protection/docs/likelihood).**Possible values**: - `LIKELIHOOD_UNSPECIFIED` - Default value; same as POSSIBLE. - `VERY_UNLIKELY` - Highest chance of a false positive. - `UNLIKELY` - High chance of a false positive. - `POSSIBLE` - Some matching signals. The default value. - `LIKELY` - Low chance of a false positive. - `VERY_LIKELY` - Confidence level is high. Lowest chance of a false positive. - `min_likelihood_per_info_type`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `minLikelihoodPerInfoType`**Description**: Minimum likelihood per infotype. For each infotype, a user can specify a minimum likelihood. The system only returns a finding if its likelihood is above this threshold. If this field is not set, the system uses the InspectConfig min_likelihood. - `info_type`**Type**: `STRUCT`**Provider name**: `infoType`**Description**: Type of information the likelihood threshold applies to. Only one likelihood per info_type should be provided. If InfoTypeLikelihood does not have an info_type, the configuration fails. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `min_likelihood`**Type**: `STRING`**Provider name**: `minLikelihood`**Description**: Only returns findings equal to or above this threshold. This field is required or else the configuration fails.**Possible values**: - `LIKELIHOOD_UNSPECIFIED` - Default value; same as POSSIBLE. - `VERY_UNLIKELY` - Highest chance of a false positive. - `UNLIKELY` - High chance of a false positive. - `POSSIBLE` - Some matching signals. The default value. - `LIKELY` - Low chance of a false positive. - `VERY_LIKELY` - Confidence level is high. Lowest chance of a false positive. - `rule_set`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `ruleSet`**Description**: Set of rules to apply to the findings for this InspectConfig. Exclusion rules, contained in the set are executed in the end, other rules are executed in the order they are specified for each info type. - `info_types`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `infoTypes`**Description**: List of infoTypes this rule set is applied to. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `rules`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `rules`**Description**: Set of rules to be applied to infoTypes. The rules are applied in order. - `exclusion_rule`**Type**: `STRUCT`**Provider name**: `exclusionRule`**Description**: Exclusion rule. - `dictionary`**Type**: `STRUCT`**Provider name**: `dictionary`**Description**: Dictionary which defines the rule. - `cloud_storage_path`**Type**: `STRUCT`**Provider name**: `cloudStoragePath`**Description**: Newline-delimited file of words in Cloud Storage. Only a single file is accepted. - `path`**Type**: `STRING`**Provider name**: `path`**Description**: A URL representing a file or path (no wildcards) in Cloud Storage. Example: `gs://[BUCKET_NAME]/dictionary.txt` - `word_list`**Type**: `STRUCT`**Provider name**: `wordList`**Description**: List of words or phrases to search for. - `words`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `words`**Description**: Words or phrases defining the dictionary. The dictionary must contain at least one phrase and every phrase must contain at least 2 characters that are letters or digits. [required] - `exclude_by_hotword`**Type**: `STRUCT`**Provider name**: `excludeByHotword`**Description**: Drop if the hotword rule is contained in the proximate context. For tabular data, the context includes the column name. - `hotword_regex`**Type**: `STRUCT`**Provider name**: `hotwordRegex`**Description**: Regular expression pattern defining what qualifies as a hotword. - `group_indexes`**Type**: `UNORDERED_LIST_INT32`**Provider name**: `groupIndexes`**Description**: The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included. - `pattern`**Type**: `STRING`**Provider name**: `pattern`**Description**: Pattern defining the regular expression. Its syntax ([https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax)) can be found under the google/re2 repository on GitHub. - `proximity`**Type**: `STRUCT`**Provider name**: `proximity`**Description**: Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The windowBefore property in proximity should be set to 1 if the hotword needs to be included in a column header. - `window_after`**Type**: `INT32`**Provider name**: `windowAfter`**Description**: Number of characters after the finding to consider. - `window_before`**Type**: `INT32`**Provider name**: `windowBefore`**Description**: Number of characters before the finding to consider. For tabular data, if you want to modify the likelihood of an entire column of findngs, set this to 1. For more information, see [Hotword example: Set the match likelihood of a table column] ([https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values)](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values%29). - `exclude_info_types`**Type**: `STRUCT`**Provider name**: `excludeInfoTypes`**Description**: Set of infoTypes for which findings would affect this rule. - `info_types`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `infoTypes`**Description**: InfoType list in ExclusionRule rule drops a finding when it overlaps or contained within with a finding of an infoType from this list. For example, for `InspectionRuleSet.info_types` containing "PHONE_NUMBER"`and`exclusion_rule`containing`exclude_info_types.info_types` with "EMAIL_ADDRESS" the phone number findings are dropped if they overlap with EMAIL_ADDRESS finding. That leads to "[555-222-2222@example.org](mailto:555-222-2222@example.org)" to generate only a single finding, namely email address. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at [https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference](https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference) when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`. - `sensitivity_score`**Type**: `STRUCT`**Provider name**: `sensitivityScore`**Description**: Optional custom sensitivity for this InfoType. This only applies to data profiling. - `score`**Type**: `STRING`**Provider name**: `score`**Description**: The sensitivity score applied to the resource.**Possible values**: - `SENSITIVITY_SCORE_UNSPECIFIED` - Unused. - `SENSITIVITY_LOW` - No sensitive information detected. The resource isn't publicly accessible. - `SENSITIVITY_UNKNOWN` - Unable to determine sensitivity. - `SENSITIVITY_MODERATE` - Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access. - `SENSITIVITY_HIGH` - High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII. - `version`**Type**: `STRING`**Provider name**: `version`**Description**: Optional version name for this InfoType. - `matching_type`**Type**: `STRING`**Provider name**: `matchingType`**Description**: How the rule is applied, see MatchingType documentation for details.**Possible values**: - `MATCHING_TYPE_UNSPECIFIED` - Invalid. - `MATCHING_TYPE_FULL_MATCH` - Full match. - Dictionary: join of Dictionary results matched complete finding quote - Regex: all regex matches fill a finding quote start to end - Exclude info type: completely inside affecting info types findings - `MATCHING_TYPE_PARTIAL_MATCH` - Partial match. - Dictionary: at least one of the tokens in the finding matches - Regex: substring of the finding matches - Exclude info type: intersects with affecting info types findings - `MATCHING_TYPE_INVERSE_MATCH` - Inverse match. - Dictionary: no tokens in the finding match the dictionary - Regex: finding doesn't match the regex - Exclude info type: no intersection with affecting info types findings - `regex`**Type**: `STRUCT`**Provider name**: `regex`**Description**: Regular expression which defines the rule. - `group_indexes`**Type**: `UNORDERED_LIST_INT32`**Provider name**: `groupIndexes`**Description**: The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included. - `pattern`**Type**: `STRING`**Provider name**: `pattern`**Description**: Pattern defining the regular expression. Its syntax ([https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax)) can be found under the google/re2 repository on GitHub. - `hotword_rule`**Type**: `STRUCT`**Provider name**: `hotwordRule`**Description**: Hotword-based detection rule. - `hotword_regex`**Type**: `STRUCT`**Provider name**: `hotwordRegex`**Description**: Regular expression pattern defining what qualifies as a hotword. - `group_indexes`**Type**: `UNORDERED_LIST_INT32`**Provider name**: `groupIndexes`**Description**: The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included. - `pattern`**Type**: `STRING`**Provider name**: `pattern`**Description**: Pattern defining the regular expression. Its syntax ([https://github.com/google/re2/wiki/Syntax](https://github.com/google/re2/wiki/Syntax)) can be found under the google/re2 repository on GitHub. - `likelihood_adjustment`**Type**: `STRUCT`**Provider name**: `likelihoodAdjustment`**Description**: Likelihood adjustment to apply to all matching findings. - `fixed_likelihood`**Type**: `STRING`**Provider name**: `fixedLikelihood`**Description**: Set the likelihood of a finding to a fixed value.**Possible values**: - `LIKELIHOOD_UNSPECIFIED` - Default value; same as POSSIBLE. - `VERY_UNLIKELY` - Highest chance of a false positive. - `UNLIKELY` - High chance of a false positive. - `POSSIBLE` - Some matching signals. The default value. - `LIKELY` - Low chance of a false positive. - `VERY_LIKELY` - Confidence level is high. Lowest chance of a false positive. - `relative_likelihood`**Type**: `INT32`**Provider name**: `relativeLikelihood`**Description**: Increase or decrease the likelihood by the specified number of levels. For example, if a finding would be `POSSIBLE` without the detection rule and `relative_likelihood` is 1, then it is upgraded to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. Likelihood may never drop below `VERY_UNLIKELY` or exceed `VERY_LIKELY`, so applying an adjustment of 1 followed by an adjustment of -1 when base likelihood is `VERY_LIKELY` will result in a final likelihood of `LIKELY`. - `proximity`**Type**: `STRUCT`**Provider name**: `proximity`**Description**: Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The finding itself will be included in the window, so that hotwords can be used to match substrings of the finding itself. Suppose you want Cloud DLP to promote the likelihood of the phone number regex "(\d{3}) \d{3}-\d{4}" if the area code is known to be the area code of a company's office. In this case, use the hotword regex "(xxx)", where "xxx" is the area code in question. For tabular data, if you want to modify the likelihood of an entire column of findngs, see [Hotword example: Set the match likelihood of a table column] ([https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values)](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values%29). - `window_after`**Type**: `INT32`**Provider name**: `windowAfter`**Description**: Number of characters after the finding to consider. - `window_before`**Type**: `INT32`**Provider name**: `windowBefore`**Description**: Number of characters before the finding to consider. For tabular data, if you want to modify the likelihood of an entire column of findngs, set this to 1. For more information, see [Hotword example: Set the match likelihood of a table column] ([https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values)](https://cloud.google.com/sensitive-data-protection/docs/creating-custom-infotypes-likelihood#match-column-values%29). - `inspect_template_name`**Type**: `STRING`**Provider name**: `inspectTemplateName`**Description**: If provided, will be used as the default for all values in InspectConfig. `inspect_config` will be merged into the values persisted as part of the template. - `storage_config`**Type**: `STRUCT`**Provider name**: `storageConfig`**Description**: The data to scan. - `big_query_options`**Type**: `STRUCT`**Provider name**: `bigQueryOptions`**Description**: BigQuery options. - `excluded_fields`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `excludedFields`**Description**: References to fields excluded from scanning. This allows you to skip inspection of entire columns which you know have no findings. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name describing the field. - `identifying_fields`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `identifyingFields`**Description**: Table fields that may uniquely identify a row within the table. When `actions.saveFindings.outputConfig.table` is specified, the values of columns specified here are available in the output table under `location.content_locations.record_location.record_key.id_values`. Nested fields such as `person.birthdate.year` are allowed. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name describing the field. - `included_fields`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `includedFields`**Description**: Limit scanning only to these fields. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name describing the field. - `rows_limit`**Type**: `INT64`**Provider name**: `rowsLimit`**Description**: Max number of rows to scan. If the table has more rows than this value, the rest of the rows are omitted. If not set, or if set to 0, all rows will be scanned. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig. - `rows_limit_percent`**Type**: `INT32`**Provider name**: `rowsLimitPercent`**Description**: Max percentage of rows to scan. The rest are omitted. The number of rows scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig. Caution: A [known issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-sampling) is causing the `rowsLimitPercent` field to behave unexpectedly. We recommend using `rowsLimit` instead. - `sample_method`**Type**: `STRING`**Provider name**: `sampleMethod`**Description**: How to sample the data.**Possible values**: - `SAMPLE_METHOD_UNSPECIFIED` - No sampling. - `TOP` - Scan groups of rows in the order BigQuery provides (default). Multiple groups of rows may be scanned in parallel, so results may not appear in the same order the rows are read. - `RANDOM_START` - Randomly pick groups of rows to scan. - `table_reference`**Type**: `STRUCT`**Provider name**: `tableReference`**Description**: Complete BigQuery table reference. - `dataset_id`**Type**: `STRING`**Provider name**: `datasetId`**Description**: Dataset ID of the table. - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: The Google Cloud project ID of the project containing the table. If omitted, project ID is inferred from the API call. - `table_id`**Type**: `STRING`**Provider name**: `tableId`**Description**: Name of the table. - `cloud_storage_options`**Type**: `STRUCT`**Provider name**: `cloudStorageOptions`**Description**: Cloud Storage options. - `bytes_limit_per_file`**Type**: `INT64`**Provider name**: `bytesLimitPerFile`**Description**: Max number of bytes to scan from a file. If a scanned file's size is bigger than this value then the rest of the bytes are omitted. Only one of `bytes_limit_per_file` and `bytes_limit_per_file_percent` can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). - `bytes_limit_per_file_percent`**Type**: `INT32`**Provider name**: `bytesLimitPerFilePercent`**Description**: Max percentage of bytes to scan from a file. The rest are omitted. The number of bytes scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/sensitive-data-protection/docs/supported-file-types#max-byte-size-per-file). - `file_set`**Type**: `STRUCT`**Provider name**: `fileSet`**Description**: The set of one or more files to scan. - `regex_file_set`**Type**: `STRUCT`**Provider name**: `regexFileSet`**Description**: The regex-filtered set of files to scan. Exactly one of `url` or `regex_file_set` must be set. - `bucket_name`**Type**: `STRING`**Provider name**: `bucketName`**Description**: The name of a Cloud Storage bucket. Required. - `exclude_regex`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `excludeRegex`**Description**: A list of regular expressions matching file paths to exclude. All files in the bucket that match at least one of these regular expressions will be excluded from the scan. Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub. - `include_regex`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `includeRegex`**Description**: A list of regular expressions matching file paths to include. All files in the bucket that match at least one of these regular expressions will be included in the set of files, except for those that also match an item in `exclude_regex`. Leaving this field empty will match all files by default (this is equivalent to including `.*` in the list). Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub. - `url`**Type**: `STRING`**Provider name**: `url`**Description**: The Cloud Storage url of the file(s) to scan, in the format `gs:///`. Trailing wildcard in the path is allowed. If the url ends in a trailing slash, the bucket or directory represented by the url will be scanned non-recursively (content in sub-directories will not be scanned). This means that `gs://mybucket/` is equivalent to `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to `gs://mybucket/directory/*`. Exactly one of `url` or `regex_file_set` must be set. - `file_types`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `fileTypes`**Description**: List of file type groups to include in the scan. If empty, all files are scanned and available data format processors are applied. In addition, the binary content of the selected files is always scanned as well. Images are scanned only as binary if the specified region does not support image inspection and no file_types were specified. Image inspection is restricted to 'global', 'us', 'asia', and 'europe'. - `files_limit_percent`**Type**: `INT32`**Provider name**: `filesLimitPercent`**Description**: Limits the number of files to scan to this percentage of the input FileSet. Number of files scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. - `sample_method`**Type**: `STRING`**Provider name**: `sampleMethod`**Description**: How to sample the data.**Possible values**: - `SAMPLE_METHOD_UNSPECIFIED` - No sampling. - `TOP` - Scan from the top (default). - `RANDOM_START` - For each file larger than bytes_limit_per_file, randomly pick the offset to start scanning. The scanned bytes are contiguous. - `datastore_options`**Type**: `STRUCT`**Provider name**: `datastoreOptions`**Description**: Google Cloud Datastore options. - `kind`**Type**: `STRUCT`**Provider name**: `kind`**Description**: The kind to process. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: The name of the kind. - `partition_id`**Type**: `STRUCT`**Provider name**: `partitionId`**Description**: A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. - `namespace_id`**Type**: `STRING`**Provider name**: `namespaceId`**Description**: If not empty, the ID of the namespace to which the entities belong. - `project_id`**Type**: `STRING`**Provider name**: `projectId`**Description**: The ID of the project to which the entities belong. - `hybrid_options`**Type**: `STRUCT`**Provider name**: `hybridOptions`**Description**: Hybrid inspection options. - `description`**Type**: `STRING`**Provider name**: `description`**Description**: A short description of where the data is coming from. Will be stored once in the job. 256 max length. - `required_finding_label_keys`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `requiredFindingLabelKeys`**Description**: These are labels that each inspection request must include within their 'finding_labels' map. Request may contain others, but any missing one of these will be rejected. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. No more than 10 keys can be required. - `table_options`**Type**: `STRUCT`**Provider name**: `tableOptions`**Description**: If the container is a table, additional information to make findings meaningful such as the columns that are primary keys. - `identifying_fields`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `identifyingFields`**Description**: The columns that are the primary keys for table objects included in ContentItem. A copy of this cell's value will stored alongside alongside each finding so that the finding can be traced to the specific row it came from. No more than 3 may be provided. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name describing the field. - `timespan_config`**Type**: `STRUCT`**Provider name**: `timespanConfig`**Description**: Configuration of the timespan of the items to include in scanning. - `enable_auto_population_of_timespan_config`**Type**: `BOOLEAN`**Provider name**: `enableAutoPopulationOfTimespanConfig`**Description**: When the job is started by a JobTrigger we will automatically figure out a valid start_time to avoid scanning files that have not been modified since the last time the JobTrigger executed. This will be based on the time of the execution of the last run of the JobTrigger or the timespan end_time used in the last run of the JobTrigger. **For BigQuery** Inspect jobs triggered by automatic population will scan data that is at least three hours old when the job starts. This is because streaming buffer rows are not read during inspection and reading up to the current timestamp will result in skipped rows. See the [known issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#recently-streamed-data) related to this operation. - `end_time`**Type**: `TIMESTAMP`**Provider name**: `endTime`**Description**: Exclude files, tables, or rows newer than this value. If not set, no upper time limit is applied. - `start_time`**Type**: `TIMESTAMP`**Provider name**: `startTime`**Description**: Exclude files, tables, or rows older than this value. If not set, no lower time limit is applied. - `timestamp_field`**Type**: `STRUCT`**Provider name**: `timestampField`**Description**: Specification of the field containing the timestamp of scanned items. Used for data sources like Datastore and BigQuery. **For BigQuery** If this value is not specified and the table was modified between the given start and end times, the entire table will be scanned. If this value is specified, then rows are filtered based on the given start and end times. Rows with a `NULL` value in the provided BigQuery column are skipped. Valid data types of the provided BigQuery column are: `INTEGER`, `DATE`, `TIMESTAMP`, and `DATETIME`. If your BigQuery table is [partitioned at ingestion time](https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time), you can use any of the following pseudo-columns as your timestamp field. When used with Cloud DLP, these pseudo-column names are case sensitive. - `_PARTITIONTIME` - `_PARTITIONDATE` - `_PARTITION_LOAD_TIME` **For Datastore** If this value is specified, then entities are filtered based on the given start and end times. If an entity does not contain the provided timestamp property or contains empty or invalid values, then it is included. Valid data types of the provided timestamp property are: `TIMESTAMP`. See the [known issue](https://cloud.google.com/sensitive-data-protection/docs/known-issues#bq-timespan) related to this operation. - `name`**Type**: `STRING`**Provider name**: `name`**Description**: Name describing the field. ## `labels`{% #labels %} **Type**: `UNORDERED_LIST_STRING` ## `last_run_time`{% #last_run_time %} **Type**: `TIMESTAMP`**Provider name**: `lastRunTime`**Description**: Output only. The timestamp of the last time this trigger executed. ## `name`{% #name %} **Type**: `STRING`**Provider name**: `name`**Description**: Unique resource name for the triggeredJob, assigned by the service when the triggeredJob is created, for example `projects/dlp-test-project/jobTriggers/53234423`. ## `organization_id`{% #organization_id %} **Type**: `STRING` ## `parent`{% #parent %} **Type**: `STRING` ## `project_id`{% #project_id %} **Type**: `STRING` ## `project_number`{% #project_number %} **Type**: `STRING` ## `region_id`{% #region_id %} **Type**: `STRING` ## `resource_name`{% #resource_name %} **Type**: `STRING` ## `tags`{% #tags %} **Type**: `UNORDERED_LIST_STRING` ## `triggers`{% #triggers %} **Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `triggers`**Description**: A list of triggers which will be OR'ed together. Only one in the list needs to trigger for a job to be started. The list may contain only a single Schedule trigger and must have at least one object. - `manual`**Type**: `STRUCT`**Provider name**: `manual`**Description**: For use with hybrid jobs. Jobs must be manually created and finished. - `schedule`**Type**: `STRUCT`**Provider name**: `schedule`**Description**: Create a job on a repeating basis based on the elapse of time. - `recurrence_period_duration`**Type**: `STRING`**Provider name**: `recurrencePeriodDuration`**Description**: With this option a job is started on a regular periodic basis. For example: every day (86400 seconds). A scheduled start time will be skipped if the previous execution has not ended when its scheduled time occurs. This value must be set to a time duration greater than or equal to 1 day and can be no longer than 60 days. ## `update_time`{% #update_time %} **Type**: `TIMESTAMP`**Provider name**: `updateTime`**Description**: Output only. The last update timestamp of a triggeredJob. ## `zone_id`{% #zone_id %} **Type**: `STRING`