|
| 1 | +# Copyright 2017 Google Inc. |
| 2 | +# |
| 3 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | +# you may not use this file except in compliance with the License. |
| 5 | +# You may obtain a copy of the License at |
| 6 | +# |
| 7 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | +# |
| 9 | +# Unless required by applicable law or agreed to in writing, software |
| 10 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | +# See the License for the specific language governing permissions and |
| 13 | +# limitations under the License. |
| 14 | + |
| 15 | +"""Sample app that sets up Data Loss Prevention API inspect templates.""" |
| 16 | + |
| 17 | +from __future__ import print_function |
| 18 | + |
| 19 | +import argparse |
| 20 | +import os |
| 21 | +import time |
| 22 | + |
| 23 | + |
| 24 | +# [START dlp_create_template] |
| 25 | +def create_inspect_template(project, info_types, |
| 26 | + template_id=None, display_name=None, |
| 27 | + min_likelihood=None, max_findings=None, |
| 28 | + include_quote=None): |
| 29 | + """Creates a Data Loss Prevention API inspect template. |
| 30 | + Args: |
| 31 | + project: The Google Cloud project id to use as a parent resource. |
| 32 | + info_types: A list of strings representing info types to look for. |
| 33 | + A full list of info type categories can be fetched from the API. |
| 34 | + template_id: The id of the template. If omitted, an id will be randomly |
| 35 | + generated. |
| 36 | + display_name: The optional display name of the template. |
| 37 | + min_likelihood: A string representing the minimum likelihood threshold |
| 38 | + that constitutes a match. One of: 'LIKELIHOOD_UNSPECIFIED', |
| 39 | + 'VERY_UNLIKELY', 'UNLIKELY', 'POSSIBLE', 'LIKELY', 'VERY_LIKELY'. |
| 40 | + max_findings: The maximum number of findings to report; 0 = no maximum. |
| 41 | + include_quote: Boolean for whether to display a quote of the detected |
| 42 | + information in the results. |
| 43 | + Returns: |
| 44 | + None; the response from the API is printed to the terminal. |
| 45 | + """ |
| 46 | + |
| 47 | + # Import the client library |
| 48 | + import google.cloud.dlp |
| 49 | + |
| 50 | + # Instantiate a client. |
| 51 | + dlp = google.cloud.dlp.DlpServiceClient() |
| 52 | + |
| 53 | + # Prepare info_types by converting the list of strings into a list of |
| 54 | + # dictionaries (protos are also accepted). |
| 55 | + info_types = [{'name': info_type} for info_type in info_types] |
| 56 | + |
| 57 | + # Construct the configuration dictionary. Keys which are None may |
| 58 | + # optionally be omitted entirely. |
| 59 | + inspect_config = { |
| 60 | + 'info_types': info_types, |
| 61 | + 'min_likelihood': min_likelihood, |
| 62 | + 'include_quote': include_quote, |
| 63 | + 'limits': {'max_findings_per_request': max_findings}, |
| 64 | + } |
| 65 | + |
| 66 | + inspect_template = { |
| 67 | + 'inspect_config': inspect_config, |
| 68 | + 'display_name': display_name, |
| 69 | + } |
| 70 | + |
| 71 | + # Convert the project id into a full resource id. |
| 72 | + parent = dlp.project_path(project) |
| 73 | + |
| 74 | + # Call the API. |
| 75 | + response = dlp.create_inspect_template( |
| 76 | + parent, inspect_template=inspect_template, template_id=template_id) |
| 77 | + |
| 78 | + print('Successfully created template {}'.format(response.name)) |
| 79 | + |
| 80 | +# [END dlp_create_template] |
| 81 | + |
| 82 | + |
| 83 | +# [START dlp_list_templates] |
| 84 | +def list_inspect_templates(project): |
| 85 | + """Lists all Data Loss Prevention API inspect templates. |
| 86 | + Args: |
| 87 | + project: The Google Cloud project id to use as a parent resource. |
| 88 | + Returns: |
| 89 | + None; the response from the API is printed to the terminal. |
| 90 | + """ |
| 91 | + |
| 92 | + # Import the client library |
| 93 | + import google.cloud.dlp |
| 94 | + |
| 95 | + # Instantiate a client. |
| 96 | + dlp = google.cloud.dlp.DlpServiceClient() |
| 97 | + |
| 98 | + # Convert the project id into a full resource id. |
| 99 | + parent = dlp.project_path(project) |
| 100 | + |
| 101 | + # Call the API. |
| 102 | + response = dlp.list_inspect_templates(parent) |
| 103 | + |
| 104 | + # Define a helper function to convert the API's "seconds since the epoch" |
| 105 | + # time format into a human-readable string. |
| 106 | + def human_readable_time(timestamp): |
| 107 | + return str(time.localtime(timestamp.seconds)) |
| 108 | + |
| 109 | + for template in response: |
| 110 | + print('Template {}:'.format(template.name)) |
| 111 | + if template.display_name: |
| 112 | + print(' Display Name: {}'.format(template.display_name)) |
| 113 | + print(' Created: {}'.format( |
| 114 | + human_readable_time(template.create_time))) |
| 115 | + print(' Updated: {}'.format( |
| 116 | + human_readable_time(template.update_time))) |
| 117 | + |
| 118 | + config = template.inspect_config |
| 119 | + print(' InfoTypes: {}'.format(', '.join( |
| 120 | + [it.name for it in config.info_types] |
| 121 | + ))) |
| 122 | + print(' Minimum likelihood: {}'.format(config.min_likelihood)) |
| 123 | + print(' Include quotes: {}'.format(config.include_quote)) |
| 124 | + print(' Max findings per request: {}'.format( |
| 125 | + config.limits.max_findings_per_request)) |
| 126 | + |
| 127 | +# [END dlp_list_templates] |
| 128 | + |
| 129 | + |
| 130 | +# [START dlp_delete_template] |
| 131 | +def delete_inspect_template(project, template_id): |
| 132 | + """Deletes a Data Loss Prevention API template. |
| 133 | + Args: |
| 134 | + project: The id of the Google Cloud project which owns the template. |
| 135 | + template_id: The id of the template to delete. |
| 136 | + Returns: |
| 137 | + None; the response from the API is printed to the terminal. |
| 138 | + """ |
| 139 | + |
| 140 | + # Import the client library |
| 141 | + import google.cloud.dlp |
| 142 | + |
| 143 | + # Instantiate a client. |
| 144 | + dlp = google.cloud.dlp.DlpServiceClient() |
| 145 | + |
| 146 | + # Convert the project id into a full resource id. |
| 147 | + parent = dlp.project_path(project) |
| 148 | + |
| 149 | + # Combine the template id with the parent id. |
| 150 | + template_resource = '{}/inspectTemplates/{}'.format(parent, template_id) |
| 151 | + |
| 152 | + # Call the API. |
| 153 | + dlp.delete_inspect_template(template_resource) |
| 154 | + |
| 155 | + print('Template {} successfully deleted.'.format(template_resource)) |
| 156 | + |
| 157 | +# [END dlp_delete_template] |
| 158 | + |
| 159 | + |
| 160 | +if __name__ == '__main__': |
| 161 | + default_project = os.environ.get('GCLOUD_PROJECT') |
| 162 | + |
| 163 | + parser = argparse.ArgumentParser(description=__doc__) |
| 164 | + subparsers = parser.add_subparsers( |
| 165 | + dest='action', help='Select which action to perform.') |
| 166 | + subparsers.required = True |
| 167 | + |
| 168 | + parser_create = subparsers.add_parser('create', help='Create a template.') |
| 169 | + parser_create.add_argument( |
| 170 | + '--template_id', |
| 171 | + help='The id of the template. If omitted, an id will be randomly ' |
| 172 | + 'generated') |
| 173 | + parser_create.add_argument( |
| 174 | + '--display_name', |
| 175 | + help='The optional display name of the template.') |
| 176 | + parser_create.add_argument( |
| 177 | + '--project', |
| 178 | + help='The Google Cloud project id to use as a parent resource.', |
| 179 | + default=default_project) |
| 180 | + parser_create.add_argument( |
| 181 | + '--info_types', action='append', |
| 182 | + help='Strings representing info types to look for. A full list of ' |
| 183 | + 'info categories and types is available from the API. Examples ' |
| 184 | + 'include "FIRST_NAME", "LAST_NAME", "EMAIL_ADDRESS". ' |
| 185 | + 'If unspecified, the three above examples will be used.', |
| 186 | + default=['FIRST_NAME', 'LAST_NAME', 'EMAIL_ADDRESS']) |
| 187 | + parser_create.add_argument( |
| 188 | + '--min_likelihood', |
| 189 | + choices=['LIKELIHOOD_UNSPECIFIED', 'VERY_UNLIKELY', 'UNLIKELY', |
| 190 | + 'POSSIBLE', 'LIKELY', 'VERY_LIKELY'], |
| 191 | + help='A string representing the minimum likelihood threshold that ' |
| 192 | + 'constitutes a match.') |
| 193 | + parser_create.add_argument( |
| 194 | + '--max_findings', type=int, |
| 195 | + help='The maximum number of findings to report; 0 = no maximum.') |
| 196 | + parser_create.add_argument( |
| 197 | + '--include_quote', type=bool, |
| 198 | + help='A boolean for whether to display a quote of the detected ' |
| 199 | + 'information in the results.', |
| 200 | + default=True) |
| 201 | + |
| 202 | + parser_list = subparsers.add_parser('list', help='List all templates.') |
| 203 | + parser_list.add_argument( |
| 204 | + '--project', |
| 205 | + help='The Google Cloud project id to use as a parent resource.', |
| 206 | + default=default_project) |
| 207 | + |
| 208 | + parser_delete = subparsers.add_parser('delete', help='Delete a template.') |
| 209 | + parser_delete.add_argument( |
| 210 | + 'template_id', |
| 211 | + help='The id of the template to delete.') |
| 212 | + parser_delete.add_argument( |
| 213 | + '--project', |
| 214 | + help='The Google Cloud project id to use as a parent resource.', |
| 215 | + default=default_project) |
| 216 | + |
| 217 | + args = parser.parse_args() |
| 218 | + |
| 219 | + if args.action == 'create': |
| 220 | + create_inspect_template( |
| 221 | + args.project, args.info_types, |
| 222 | + template_id=args.template_id, display_name=args.display_name, |
| 223 | + min_likelihood=args.min_likelihood, |
| 224 | + max_findings=args.max_findings, include_quote=args.include_quote |
| 225 | + ) |
| 226 | + elif args.action == 'list': |
| 227 | + list_inspect_templates(args.project) |
| 228 | + elif args.action == 'delete': |
| 229 | + delete_inspect_template(args.project, args.template_id) |
0 commit comments