Class: Google::Cloud::Dlp::V2::DataProfileAction::TagResources

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/privacy/dlp/v2/dlp.rb

Overview

If set, attaches the tags provided to profiled resources. Tags support access control. You can conditionally grant or deny access to a resource based on whether the resource has a specific tag.

Defined Under Namespace

Classes: TagCondition, TagValue

Instance Attribute Summary collapse

Instance Attribute Details

#lower_data_risk_to_low::Boolean

Returns Whether applying a tag to a resource should lower the risk of the profile for that resource. For example, in conjunction with an IAM deny policy, you can deny all principals a permission if a tag value is present, mitigating the risk of the resource. This also lowers the data risk of resources at the lower levels of the resource hierarchy. For example, reducing the data risk of a table data profile also reduces the data risk of the constituent column data profiles.

Returns:

  • (::Boolean)

    Whether applying a tag to a resource should lower the risk of the profile for that resource. For example, in conjunction with an IAM deny policy, you can deny all principals a permission if a tag value is present, mitigating the risk of the resource. This also lowers the data risk of resources at the lower levels of the resource hierarchy. For example, reducing the data risk of a table data profile also reduces the data risk of the constituent column data profiles.



4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
 
# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 4577

class TagResources
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The tag to attach to profiles matching the condition. At most one
  # `TagCondition` can be specified per sensitivity level.
  # @!attribute [rw] tag
  #   @return [::Google::Cloud::Dlp::V2::DataProfileAction::TagResources::TagValue]
  #     The tag value to attach to resources.
  # @!attribute [rw] sensitivity_score
  #   @return [::Google::Cloud::Dlp::V2::SensitivityScore]
  #     Conditions attaching the tag to a resource on its profile having this
  #     sensitivity score.
  class TagCondition
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A value of a tag.
  # @!attribute [rw] namespaced_value
  #   @return [::String]
  #     The namespaced name for the tag value to attach to resources. Must be
  #     in the format `{parent_id}/{tag_key_short_name}/{short_name}`, for
  #     example, "123456/environment/prod" for an organization parent, or
  #     "my-project/environment/prod" for a project parent.
  class TagValue
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#profile_generations_to_tag::Array<::Google::Cloud::Dlp::V2::ProfileGeneration>

Returns The profile generations for which the tag should be attached to resources. If you attach a tag to only new profiles, then if the sensitivity score of a profile subsequently changes, its tag doesn't change. By default, this field includes only new profiles. To include both new and updated profiles for tagging, this field should explicitly include both PROFILE_GENERATION_NEW and PROFILE_GENERATION_UPDATE.

Returns:

  • (::Array<::Google::Cloud::Dlp::V2::ProfileGeneration>)

    The profile generations for which the tag should be attached to resources. If you attach a tag to only new profiles, then if the sensitivity score of a profile subsequently changes, its tag doesn't change. By default, this field includes only new profiles. To include both new and updated profiles for tagging, this field should explicitly include both PROFILE_GENERATION_NEW and PROFILE_GENERATION_UPDATE.



4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
 
# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 4577

class TagResources
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The tag to attach to profiles matching the condition. At most one
  # `TagCondition` can be specified per sensitivity level.
  # @!attribute [rw] tag
  #   @return [::Google::Cloud::Dlp::V2::DataProfileAction::TagResources::TagValue]
  #     The tag value to attach to resources.
  # @!attribute [rw] sensitivity_score
  #   @return [::Google::Cloud::Dlp::V2::SensitivityScore]
  #     Conditions attaching the tag to a resource on its profile having this
  #     sensitivity score.
  class TagCondition
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A value of a tag.
  # @!attribute [rw] namespaced_value
  #   @return [::String]
  #     The namespaced name for the tag value to attach to resources. Must be
  #     in the format `{parent_id}/{tag_key_short_name}/{short_name}`, for
  #     example, "123456/environment/prod" for an organization parent, or
  #     "my-project/environment/prod" for a project parent.
  class TagValue
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#tag_conditions::Array<::Google::Cloud::Dlp::V2::DataProfileAction::TagResources::TagCondition>

Returns The tags to associate with different conditions.

Returns:



4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
 
# File 'proto_docs/google/privacy/dlp/v2/dlp.rb', line 4577

class TagResources
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The tag to attach to profiles matching the condition. At most one
  # `TagCondition` can be specified per sensitivity level.
  # @!attribute [rw] tag
  #   @return [::Google::Cloud::Dlp::V2::DataProfileAction::TagResources::TagValue]
  #     The tag value to attach to resources.
  # @!attribute [rw] sensitivity_score
  #   @return [::Google::Cloud::Dlp::V2::SensitivityScore]
  #     Conditions attaching the tag to a resource on its profile having this
  #     sensitivity score.
  class TagCondition
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A value of a tag.
  # @!attribute [rw] namespaced_value
  #   @return [::String]
  #     The namespaced name for the tag value to attach to resources. Must be
  #     in the format `{parent_id}/{tag_key_short_name}/{short_name}`, for
  #     example, "123456/environment/prod" for an organization parent, or
  #     "my-project/environment/prod" for a project parent.
  class TagValue
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end