security_settings.proto 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268
  1. // Copyright 2021 Google LLC
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. syntax = "proto3";
  15. package google.cloud.dialogflow.cx.v3;
  16. import "google/api/annotations.proto";
  17. import "google/api/client.proto";
  18. import "google/api/field_behavior.proto";
  19. import "google/api/resource.proto";
  20. import "google/longrunning/operations.proto";
  21. import "google/protobuf/empty.proto";
  22. import "google/protobuf/field_mask.proto";
  23. option cc_enable_arenas = true;
  24. option csharp_namespace = "Google.Cloud.Dialogflow.Cx.V3";
  25. option go_package = "google.golang.org/genproto/googleapis/cloud/dialogflow/cx/v3;cx";
  26. option java_multiple_files = true;
  27. option java_outer_classname = "SecuritySettingsProto";
  28. option java_package = "com.google.cloud.dialogflow.cx.v3";
  29. option objc_class_prefix = "DF";
  30. // Service for managing security settings for Dialogflow.
  31. service SecuritySettingsService {
  32. option (google.api.default_host) = "dialogflow.googleapis.com";
  33. option (google.api.oauth_scopes) =
  34. "https://www.googleapis.com/auth/cloud-platform,"
  35. "https://www.googleapis.com/auth/dialogflow";
  36. // Create security settings in the specified location.
  37. rpc CreateSecuritySettings(CreateSecuritySettingsRequest) returns (SecuritySettings) {
  38. option (google.api.http) = {
  39. post: "/v3/{parent=projects/*/locations/*}/securitySettings"
  40. body: "security_settings"
  41. };
  42. option (google.api.method_signature) = "parent,security_settings";
  43. }
  44. // Retrieves the specified [SecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettings].
  45. // The returned settings may be stale by up to 1 minute.
  46. rpc GetSecuritySettings(GetSecuritySettingsRequest) returns (SecuritySettings) {
  47. option (google.api.http) = {
  48. get: "/v3/{name=projects/*/locations/*/securitySettings/*}"
  49. };
  50. option (google.api.method_signature) = "name";
  51. }
  52. // Updates the specified [SecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettings].
  53. rpc UpdateSecuritySettings(UpdateSecuritySettingsRequest) returns (SecuritySettings) {
  54. option (google.api.http) = {
  55. patch: "/v3/{security_settings.name=projects/*/locations/*/securitySettings/*}"
  56. body: "security_settings"
  57. };
  58. option (google.api.method_signature) = "security_settings,update_mask";
  59. }
  60. // Returns the list of all security settings in the specified location.
  61. rpc ListSecuritySettings(ListSecuritySettingsRequest) returns (ListSecuritySettingsResponse) {
  62. option (google.api.http) = {
  63. get: "/v3/{parent=projects/*/locations/*}/securitySettings"
  64. };
  65. option (google.api.method_signature) = "parent";
  66. }
  67. // Deletes the specified [SecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettings].
  68. rpc DeleteSecuritySettings(DeleteSecuritySettingsRequest) returns (google.protobuf.Empty) {
  69. option (google.api.http) = {
  70. delete: "/v3/{name=projects/*/locations/*/securitySettings/*}"
  71. };
  72. option (google.api.method_signature) = "name";
  73. }
  74. }
  75. // The request message for [SecuritySettingsService.GetSecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettingsService.GetSecuritySettings].
  76. message GetSecuritySettingsRequest {
  77. // Required. Resource name of the settings.
  78. // Format: `projects/<Project ID>/locations/<Location
  79. // ID>/securitySettings/<security settings ID>`.
  80. string name = 1 [
  81. (google.api.field_behavior) = REQUIRED,
  82. (google.api.resource_reference) = {
  83. type: "dialogflow.googleapis.com/SecuritySettings"
  84. }
  85. ];
  86. }
  87. // The request message for [SecuritySettingsService.UpdateSecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettingsService.UpdateSecuritySettings].
  88. message UpdateSecuritySettingsRequest {
  89. // Required. [SecuritySettings] object that contains values for each of the
  90. // fields to update.
  91. SecuritySettings security_settings = 1 [(google.api.field_behavior) = REQUIRED];
  92. // Required. The mask to control which fields get updated. If the mask is not present,
  93. // all fields will be updated.
  94. google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED];
  95. }
  96. // The request message for [SecuritySettings.ListSecuritySettings][].
  97. message ListSecuritySettingsRequest {
  98. // Required. The location to list all security settings for.
  99. // Format: `projects/<Project ID>/locations/<Location ID>`.
  100. string parent = 1 [
  101. (google.api.field_behavior) = REQUIRED,
  102. (google.api.resource_reference) = {
  103. child_type: "dialogflow.googleapis.com/SecuritySettings"
  104. }
  105. ];
  106. // The maximum number of items to return in a single page. By default 20 and
  107. // at most 100.
  108. int32 page_size = 2;
  109. // The next_page_token value returned from a previous list request.
  110. string page_token = 3;
  111. }
  112. // The response message for [SecuritySettings.ListSecuritySettings][].
  113. message ListSecuritySettingsResponse {
  114. // The list of security settings.
  115. repeated SecuritySettings security_settings = 1;
  116. // Token to retrieve the next page of results, or empty if there are no more
  117. // results in the list.
  118. string next_page_token = 2;
  119. }
  120. // The request message for [SecuritySettings.CreateSecuritySettings][].
  121. message CreateSecuritySettingsRequest {
  122. // Required. The location to create an [SecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettings] for.
  123. // Format: `projects/<Project ID>/locations/<Location ID>`.
  124. string parent = 1 [
  125. (google.api.field_behavior) = REQUIRED,
  126. (google.api.resource_reference) = {
  127. child_type: "dialogflow.googleapis.com/SecuritySettings"
  128. }
  129. ];
  130. // Required. The security settings to create.
  131. SecuritySettings security_settings = 2 [(google.api.field_behavior) = REQUIRED];
  132. }
  133. // The request message for [SecuritySettings.DeleteSecuritySettings][].
  134. message DeleteSecuritySettingsRequest {
  135. // Required. The name of the [SecuritySettings][google.cloud.dialogflow.cx.v3.SecuritySettings] to delete.
  136. // Format: `projects/<Project ID>/locations/<Location
  137. // ID>/securitySettings/<Security Settings ID>`.
  138. string name = 1 [
  139. (google.api.field_behavior) = REQUIRED,
  140. (google.api.resource_reference) = {
  141. type: "dialogflow.googleapis.com/SecuritySettings"
  142. }
  143. ];
  144. }
  145. // Represents the settings related to security issues, such as data redaction
  146. // and data retention. It may take hours for updates on the settings to
  147. // propagate to all the related components and take effect.
  148. message SecuritySettings {
  149. option (google.api.resource) = {
  150. type: "dialogflow.googleapis.com/SecuritySettings"
  151. pattern: "projects/{project}/locations/{location}/securitySettings/{security_settings}"
  152. };
  153. // Settings for exporting conversations to
  154. // [Insights](https://cloud.google.com/dialogflow/priv/docs/insights).
  155. message InsightsExportSettings {
  156. // If enabled, we will automatically exports
  157. // conversations to Insights and Insights runs its analyzers.
  158. bool enable_insights_export = 1;
  159. }
  160. // Defines how we redact data.
  161. enum RedactionStrategy {
  162. // Do not redact.
  163. REDACTION_STRATEGY_UNSPECIFIED = 0;
  164. // Call redaction service to clean up the data to be persisted.
  165. REDACT_WITH_SERVICE = 1;
  166. }
  167. // Defines what types of data to redact.
  168. enum RedactionScope {
  169. // Don't redact any kind of data.
  170. REDACTION_SCOPE_UNSPECIFIED = 0;
  171. // On data to be written to disk or similar devices that are capable of
  172. // holding data even if power is disconnected. This includes data that are
  173. // temporarily saved on disk.
  174. REDACT_DISK_STORAGE = 2;
  175. }
  176. // Type of data we purge after retention settings triggers purge.
  177. enum PurgeDataType {
  178. // Unspecified. Do not use.
  179. PURGE_DATA_TYPE_UNSPECIFIED = 0;
  180. // Dialogflow history. This does not include Cloud logging, which is
  181. // owned by the user - not Dialogflow.
  182. DIALOGFLOW_HISTORY = 1;
  183. }
  184. // Required. Resource name of the settings.
  185. // Format: `projects/<Project ID>/locations/<Location
  186. // ID>/securitySettings/<Security Settings ID>`.
  187. string name = 1 [(google.api.field_behavior) = REQUIRED];
  188. // Required. The human-readable name of the security settings, unique within the
  189. // location.
  190. string display_name = 2 [(google.api.field_behavior) = REQUIRED];
  191. // Strategy that defines how we do redaction.
  192. RedactionStrategy redaction_strategy = 3;
  193. // Defines the data for which Dialogflow applies redaction. Dialogflow does
  194. // not redact data that it does not have access to – for example, Cloud
  195. // logging.
  196. RedactionScope redaction_scope = 4;
  197. // [DLP](https://cloud.google.com/dlp/docs) inspect template name. Use this
  198. // template to define inspect base settings.
  199. //
  200. // If empty, we use the default DLP inspect config.
  201. //
  202. // The template name will have one of the following formats:
  203. // `projects/<Project ID>/inspectTemplates/<Template ID>` OR
  204. // `projects/<Project ID>/locations/<Location ID>/inspectTemplates/<Template
  205. // ID>` OR
  206. // `organizations/<Organization ID>/inspectTemplates/<Template ID>`
  207. string inspect_template = 9;
  208. // Specifies how data is retained. Note that even if the data is
  209. // purged due to retention policy, we may still hold it in backup storage for
  210. // a few days without allowing direct readings.
  211. oneof data_retention {
  212. // Retains data in interaction logging for the specified number of days.
  213. // This does not apply to Cloud logging, which is owned by the user - not
  214. // Dialogflow.
  215. // User must Set a value lower than Dialogflow's default 30d TTL. Setting a
  216. // value higher than that has no effect.
  217. // A missing value or setting to 0 also means we use Dialogflow's default
  218. // TTL.
  219. // Note: Interaction logging is a limited access feature. Talk to your
  220. // Google representative to check availability for you.
  221. int32 retention_window_days = 6;
  222. }
  223. // List of types of data to remove when retention settings triggers purge.
  224. repeated PurgeDataType purge_data_types = 8;
  225. // Optional. Controls conversation exporting settings to Insights after conversation is
  226. // completed.
  227. //
  228. // If [retention_strategy][google.cloud.dialogflow.cx.v3.SecuritySettings.retention_strategy] is set to REMOVE_AFTER_CONVERSATION,
  229. // Insights export is disabled no matter what you configure here.
  230. InsightsExportSettings insights_export_settings = 13 [(google.api.field_behavior) = OPTIONAL];
  231. }