Skip to content

Commit

Permalink
feat: add bigquery datapolicies v1 API (#3690)
Browse files Browse the repository at this point in the history
* feat: add bigquery datapolicies v1 API

PiperOrigin-RevId: 491999451

Source-Link: googleapis/googleapis@24fc77b

Source-Link: googleapis/googleapis-gen@81aebdc
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWJpZ3F1ZXJ5LWRhdGFwb2xpY2llcy8uT3dsQm90LnlhbWwiLCJoIjoiODFhZWJkYzdmNjhkMzkwZWUyMjZlOGUzMjdlZGJlYmNjYzk5NmU0OSJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs: fix minor docstring formatting

PiperOrigin-RevId: 492509862

Source-Link: googleapis/googleapis@83c3605

Source-Link: googleapis/googleapis-gen@2fd72ef
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWJpZ3F1ZXJ5LWRhdGFwb2xpY2llcy8uT3dsQm90LnlhbWwiLCJoIjoiMmZkNzJlZjk4NjlkYjYwMjkzN2ExMDc1YWU5MWQwYjE0NjkzZWNjZiJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: sofisl <55454395+sofisl@users.noreply.github.com>
  • Loading branch information
3 people authored Dec 5, 2022
1 parent 41d80e7 commit 752036e
Show file tree
Hide file tree
Showing 24 changed files with 9,314 additions and 111 deletions.
9 changes: 9 additions & 0 deletions packages/google-cloud-bigquery-datapolicies/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,15 @@ Samples are in the [`samples/`](https://github.com/googleapis/google-cloud-node/

| Sample | Source Code | Try it |
| --------------------------- | --------------------------------- | ------ |
| Data_policy_service.create_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.create_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.create_data_policy.js,samples/README.md) |
| Data_policy_service.delete_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.delete_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.delete_data_policy.js,samples/README.md) |
| Data_policy_service.get_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.get_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.get_data_policy.js,samples/README.md) |
| Data_policy_service.get_iam_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.get_iam_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.get_iam_policy.js,samples/README.md) |
| Data_policy_service.list_data_policies | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.list_data_policies.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.list_data_policies.js,samples/README.md) |
| Data_policy_service.rename_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.rename_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.rename_data_policy.js,samples/README.md) |
| Data_policy_service.set_iam_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.set_iam_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.set_iam_policy.js,samples/README.md) |
| Data_policy_service.test_iam_permissions | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.test_iam_permissions.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.test_iam_permissions.js,samples/README.md) |
| Data_policy_service.update_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.update_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1/data_policy_service.update_data_policy.js,samples/README.md) |
| Data_policy_service.create_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.create_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.create_data_policy.js,samples/README.md) |
| Data_policy_service.delete_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.delete_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.delete_data_policy.js,samples/README.md) |
| Data_policy_service.get_data_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.get_data_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-bigquery-datapolicies/samples/generated/v1beta1/data_policy_service.get_data_policy.js,samples/README.md) |
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,320 @@
// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.cloud.bigquery.datapolicies.v1;

import "google/api/annotations.proto";
import "google/api/client.proto";
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/iam/v1/iam_policy.proto";
import "google/iam/v1/policy.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";

option csharp_namespace = "Google.Cloud.BigQuery.DataPolicies.V1";
option go_package = "google.golang.org/genproto/googleapis/cloud/bigquery/datapolicies/v1;datapolicies";
option java_multiple_files = true;
option java_outer_classname = "DataPolicyProto";
option java_package = "com.google.cloud.bigquery.datapolicies.v1";
option php_namespace = "Google\\Cloud\\BigQuery\\DataPolicies\\V1";
option ruby_package = "Google::Cloud::Bigquery::DataPolicies::V1";

// Data Policy Service provides APIs for managing the label-policy bindings.
service DataPolicyService {
option (google.api.default_host) = "bigquerydatapolicy.googleapis.com";
option (google.api.oauth_scopes) =
"https://www.googleapis.com/auth/bigquery,"
"https://www.googleapis.com/auth/cloud-platform";

// Creates a new data policy under a project with the given `dataPolicyId`
// (used as the display name), policy tag, and data policy type.
rpc CreateDataPolicy(CreateDataPolicyRequest) returns (DataPolicy) {
option (google.api.http) = {
post: "/v1/{parent=projects/*/locations/*}/dataPolicies"
body: "data_policy"
};
option (google.api.method_signature) = "parent,data_policy";
}

// Updates the metadata for an existing data policy. The target data policy
// can be specified by the resource name.
rpc UpdateDataPolicy(UpdateDataPolicyRequest) returns (DataPolicy) {
option (google.api.http) = {
patch: "/v1/{data_policy.name=projects/*/locations/*/dataPolicies/*}"
body: "data_policy"
};
option (google.api.method_signature) = "data_policy,update_mask";
}

// Renames the id (display name) of the specified data policy.
rpc RenameDataPolicy(RenameDataPolicyRequest) returns (DataPolicy) {
option (google.api.http) = {
post: "/v1/{name=projects/*/locations/*/dataPolicies/*}:rename"
body: "*"
};
option (google.api.method_signature) = "name,new_data_policy_id";
}

// Deletes the data policy specified by its resource name.
rpc DeleteDataPolicy(DeleteDataPolicyRequest)
returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/locations/*/dataPolicies/*}"
};
option (google.api.method_signature) = "name";
}

// Gets the data policy specified by its resource name.
rpc GetDataPolicy(GetDataPolicyRequest) returns (DataPolicy) {
option (google.api.http) = {
get: "/v1/{name=projects/*/locations/*/dataPolicies/*}"
};
option (google.api.method_signature) = "name";
}

// List all of the data policies in the specified parent project.
rpc ListDataPolicies(ListDataPoliciesRequest)
returns (ListDataPoliciesResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/locations/*}/dataPolicies"
};
option (google.api.method_signature) = "parent";
}

// Gets the IAM policy for the specified data policy.
rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest)
returns (google.iam.v1.Policy) {
option (google.api.http) = {
post: "/v1/{resource=projects/*/locations/*/dataPolicies/*}:getIamPolicy"
body: "*"
};
}

// Sets the IAM policy for the specified data policy.
rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest)
returns (google.iam.v1.Policy) {
option (google.api.http) = {
post: "/v1/{resource=projects/*/locations/*/dataPolicies/*}:setIamPolicy"
body: "*"
};
}

// Returns the caller's permission on the specified data policy resource.
rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest)
returns (google.iam.v1.TestIamPermissionsResponse) {
option (google.api.http) = {
post: "/v1/{resource=projects/*/locations/*/dataPolicies/*}:testIamPermissions"
body: "*"
};
}
}

// Request message for the CreateDataPolicy method.
message CreateDataPolicyRequest {
// Required. Resource name of the project that the data policy will belong to.
// The format is `projects/{project_number}/locations/{location_id}`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
child_type: "bigquerydatapolicy.googleapis.com/DataPolicy"
}
];

// Required. The data policy to create. The `name` field does not need to be
// provided for the data policy creation.
DataPolicy data_policy = 2 [(google.api.field_behavior) = REQUIRED];
}

// Response message for the UpdateDataPolicy method.
message UpdateDataPolicyRequest {
// Required. Update the data policy's metadata.
//
// The target data policy is determined by the `name` field.
// Other fields are updated to the specified values based on the field masks.
DataPolicy data_policy = 1 [(google.api.field_behavior) = REQUIRED];

// The update mask applies to the resource. For the `FieldMask` definition,
// see
// https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
// If not set, defaults to all of the fields that are allowed to update.
//
// Updates to the `name` and `dataPolicyId` fields are not allowed.
google.protobuf.FieldMask update_mask = 2;
}

// Request message for the RenameDataPolicy method.
message RenameDataPolicyRequest {
// Required. Resource name of the data policy to rename. The format is
// `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_id}`
string name = 1 [(google.api.field_behavior) = REQUIRED];

// Required. The new data policy id.
string new_data_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
}

// Request message for the DeleteDataPolicy method.
message DeleteDataPolicyRequest {
// Required. Resource name of the data policy to delete. Format is
// `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_id}`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "bigquerydatapolicy.googleapis.com/DataPolicy"
}
];
}

// Request message for the GetDataPolicy method.
message GetDataPolicyRequest {
// Required. Resource name of the requested data policy. Format is
// `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_id}`.
string name = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
type: "bigquerydatapolicy.googleapis.com/DataPolicy"
}
];
}

// Request message for the ListDataPolicies method.
message ListDataPoliciesRequest {
// Required. Resource name of the project for which to list data policies.
// Format is `projects/{project_number}/locations/{location_id}`.
string parent = 1 [
(google.api.field_behavior) = REQUIRED,
(google.api.resource_reference) = {
child_type: "bigquerydatapolicy.googleapis.com/DataPolicy"
}
];

// The maximum number of data policies to return. Must be a value between 1
// and 1000.
// If not set, defaults to 50.
int32 page_size = 2;

// The `nextPageToken` value returned from a previous list request, if any. If
// not set, defaults to an empty string.
string page_token = 3;

// Filters the data policies by policy tags that they
// are associated with. Currently filter only supports
// "policy<span></span>_tag" based filtering and OR based predicates. Sample
// filter can be "policy<span></span>_tag:
// `'projects/1/locations/us/taxonomies/2/policyTags/3'`". You may use
// wildcard such as "policy<span></span>_tag:
// `'projects/1/locations/us/taxonomies/2/*'`".
string filter = 4;
}

// Response message for the ListDataPolicies method.
message ListDataPoliciesResponse {
// Data policies that belong to the requested project.
repeated DataPolicy data_policies = 1;

// Token used to retrieve the next page of results, or empty if there are no
// more results.
string next_page_token = 2;
}

// Represents the label-policy binding.
message DataPolicy {
option (google.api.resource) = {
type: "bigquerydatapolicy.googleapis.com/DataPolicy"
pattern: "projects/{project}/locations/{location}/dataPolicies/{data_policy}"
};

// A list of supported data policy types.
enum DataPolicyType {
// Default value for the data policy type. This should not be used.
DATA_POLICY_TYPE_UNSPECIFIED = 0;

// Used to create a data policy for column-level security, without data
// masking.
COLUMN_LEVEL_SECURITY_POLICY = 3;

// Used to create a data policy for data masking.
DATA_MASKING_POLICY = 2;
}

// Label that is bound to this data policy.
oneof matching_label {
// Policy tag resource name, in the format of
// `projects/{project_number}/locations/{location_id}/taxonomies/{taxonomy_id}/policyTags/{policyTag_id}`.
string policy_tag = 4;
}

// The policy that is bound to this data policy.
oneof policy {
// The data masking policy that specifies the data masking rule to use.
DataMaskingPolicy data_masking_policy = 5;
}

// Output only. Resource name of this data policy, in the format of
// `projects/{project_number}/locations/{location_id}/dataPolicies/{data_policy_id}`.
string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];

// Type of data policy.
DataPolicyType data_policy_type = 2;

// User-assigned (human readable) ID of the data policy that needs to be
// unique within a project. Used as {data_policy_id} in part of the resource
// name.
string data_policy_id = 3;
}

// The data masking policy that is used to specify data masking rule.
message DataMaskingPolicy {
// The available masking rules. Learn more here:
// https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
enum PredefinedExpression {
// Default, unspecified predefined expression. No masking will take place
// since no expression is specified.
PREDEFINED_EXPRESSION_UNSPECIFIED = 0;

// Masking expression to replace data with SHA-256 hash.
SHA256 = 3;

// Masking expression to replace data with NULLs.
ALWAYS_NULL = 5;

// Masking expression to replace data with their default masking values.
// The default masking values for each type listed as below:
//
// * STRING: ""
// * BYTES: b''
// * INTEGER: 0
// * FLOAT: 0.0
// * NUMERIC: 0
// * BOOLEAN: FALSE
// * TIMESTAMP: 0001-01-01 00:00:00 UTC
// * DATE: 0001-01-01
// * TIME: 00:00:00
// * DATETIME: 0001-01-01T00:00:00
// * GEOGRAPHY: POINT(0 0)
// * BIGNUMERIC: 0
// * ARRAY: []
// * STRUCT: NOT_APPLICABLE
// * JSON: NULL
DEFAULT_MASKING_VALUE = 7;
}

// A masking expression to bind to the data masking rule.
oneof masking_expression {
// A predefined masking expression.
PredefinedExpression predefined_expression = 1;
}
}
Loading

0 comments on commit 752036e

Please sign in to comment.