googleDataLossPreventionStoredInfoType

Allows creation of custom info types.

To get more information about StoredInfoType, see:

Example Usage - Dlp Stored Info Type Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.dataLossPreventionStoredInfoType.DataLossPreventionStoredInfoType(
  this,
  "basic",
  {
    description: "Description",
    display_name: "Displayname",
    parent: "projects/my-project-name",
    regex: [
      {
        group_indexes: [2],
        pattern: "patient",
      },
    ],
  }
);

Example Usage - Dlp Stored Info Type Dictionary

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.dataLossPreventionStoredInfoType.DataLossPreventionStoredInfoType(
  this,
  "dictionary",
  {
    description: "Description",
    dictionary: [
      {
        word_list: [
          {
            words: ["word", "word2"],
          },
        ],
      },
    ],
    display_name: "Displayname",
    parent: "projects/my-project-name",
  }
);

Example Usage - Dlp Stored Info Type Large Custom Dictionary

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleStorageBucketBucket = new google.storageBucket.StorageBucket(
  this,
  "bucket",
  {
    force_destroy: true,
    location: "US",
    name: "tf-test-bucket",
  }
);
const googleStorageBucketObjectObject =
  new google.storageBucketObject.StorageBucketObject(this, "object", {
    bucket: googleStorageBucketBucket.name,
    name: "tf-test-object",
    source: "./test-fixtures/dlp/words.txt",
  });
new google.dataLossPreventionStoredInfoType.DataLossPreventionStoredInfoType(
  this,
  "large",
  {
    description: "Description",
    display_name: "Displayname",
    large_custom_dictionary: [
      {
        cloud_storage_file_set: [
          {
            url: `gs://${googleStorageBucketBucket.name}/${googleStorageBucketObjectObject.name}`,
          },
        ],
        output_path: [
          {
            path: `gs://${googleStorageBucketBucket.name}/output/dictionary.txt`,
          },
        ],
      },
    ],
    parent: "projects/my-project-name",
  }
);

Argument Reference

The following arguments are supported:

  • parent - (Required) The parent of the info type in any of the following formats:
      • projects/{{project}}
      • projects/{{project}}/locations/{{location}}
      • organizations/{{organizationId}}
      • organizations/{{organizationId}}/locations/{{location}}

  • description - (Optional) A description of the info type.

  • displayName - (Optional) User set display name of the info type.

  • regex - (Optional) Regular expression which defines the rule. Structure is documented below.

  • dictionary - (Optional) Dictionary which defines the rule. Structure is documented below.

  • largeCustomDictionary - (Optional) Dictionary which defines the rule. Structure is documented below.

The regex block supports:

  • pattern - (Required) Pattern defining the regular expression. Its syntax (https://github.com/google/re2/wiki/Syntax) can be found under the google/re2 repository on GitHub.

  • groupIndexes - (Optional) The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included.

The dictionary block supports:

  • wordList - (Optional) List of words or phrases to search for. Structure is documented below.

  • cloudStoragePath - (Optional) Newline-delimited file of words in Cloud Storage. Only a single file is accepted. Structure is documented below.

The wordList block supports:

  • words - (Required) Words or phrases defining the dictionary. The dictionary must contain at least one phrase and every phrase must contain at least 2 characters that are letters or digits.
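The constraints stated above for parent, regex and wordList can be checked before synthesis. The following is an added example, not part of the provider or its bindings; the StoredInfoTypeInput shape and both function names are hypothetical, the capture-group count is a heuristic for RE2 syntax, and rejecting a group index larger than the number of groups in the pattern is an assumption of this example.

```typescript
// Added example; type and function names are hypothetical, not provider bindings.
interface StoredInfoTypeInput {
  parent: string;
  regex?: { pattern: string; groupIndexes?: number[] };
  words?: string[];
}

// The four parent formats listed in the argument reference.
const PARENT_RE = /^(projects|organizations)\/[^/]+(\/locations\/[^/]+)?$/;
// Unicode letters or digits; built via the constructor so the "u" flag is a runtime matter.
const ALNUM_RE = new RegExp("[\\p{L}\\p{N}]", "gu");

// Heuristic count of RE2 capturing groups: skips escapes and character classes,
// and ignores "(?...)" groups unless they are named ("(?P<name>" or "(?<name>").
function countCaptureGroups(pattern: string): number {
  let count = 0;
  let inClass = false;
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (c === "\\") { i++; continue; }
    if (inClass) { if (c === "]") inClass = false; continue; }
    if (c === "[") { inClass = true; continue; }
    if (c !== "(") continue;
    const rest = pattern.slice(i + 1);
    if (rest[0] !== "?" || /^\?P?<[A-Za-z_]/.test(rest)) count++;
  }
  return count;
}

function validateStoredInfoType(cfg: StoredInfoTypeInput): string[] {
  const errors: string[] = [];
  if (!PARENT_RE.test(cfg.parent)) errors.push("parent: not one of the documented formats");
  if (cfg.regex) {
    const idx = cfg.regex.groupIndexes ?? [];
    const groups = countCaptureGroups(cfg.regex.pattern);
    if (idx.length > 3) errors.push("groupIndexes: more than 3 indexes");
    for (const i of idx) {
      // Assumption: an index above the group count has no submatch to extract.
      if (i > groups) errors.push(`groupIndexes: ${i} > ${groups} group(s) in pattern`);
    }
  }
  if (cfg.words) {
    if (cfg.words.length === 0) errors.push("words: at least one phrase required");
    for (const w of cfg.words) {
      const n = (w.match(ALNUM_RE) ?? []).length;
      if (n < 2) errors.push(`words: "${w}" has fewer than 2 letters or digits`);
    }
  }
  return errors;
}
```

An empty result means the configuration passes these checks; it does not replace validation by the DLP API itself.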

The cloudStoragePath block supports:

  • path - (Required) A URL representing a file or path (no wildcards) in Cloud Storage. Example: gs://[bucketName]/dictionary.txt

The largeCustomDictionary block supports:

  • outputPath - (Required) Location to store dictionary artifacts in Google Cloud Storage. These files will only be accessible by project owners and the DLP API. If any of these artifacts are modified, the dictionary is considered invalid and can no longer be used. Structure is documented below.

  • cloudStorageFileSet - (Optional) Set of files containing newline-delimited lists of dictionary phrases. Structure is documented below.

  • bigQueryField - (Optional) Field in a BigQuery table where each cell represents a dictionary phrase. Structure is documented below.

The outputPath block supports:

  • path - (Required) A URL representing a file or path (no wildcards) in Cloud Storage. Example: gs://[bucketName]/dictionary.txt

The cloudStorageFileSet block supports:

  • url - (Required) The URL, in the format gs://<bucket>/<path>. A trailing wildcard in the path is allowed.

The bigQueryField block supports:

  • table - (Required) Field in a BigQuery table where each cell represents a dictionary phrase. Structure is documented below.

  • field - (Required) Designated field in the BigQuery table. Structure is documented below.

The table block supports:

  • projectId - (Required) The Google Cloud Platform project ID of the project containing the table.

  • datasetId - (Required) The dataset ID of the table.

  • tableId - (Required) The name of the table.

The field block supports:

  • name - (Required) Name describing the field.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{parent}}/storedInfoTypes/{{name}}

  • name - The resource name of the info type. Set by the server.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

StoredInfoType can be imported using any of these accepted formats:

$ terraform import google_data_loss_prevention_stored_info_type.default {{parent}}/storedInfoTypes/{{name}}
$ terraform import google_data_loss_prevention_stored_info_type.default {{parent}}/{{name}}