InspectTemplate is the Schema for the InspectTemplates API. An inspect job template.
Type
CRD
Group
datalossprevention.gcp.upbound.io
Version
v1beta1
apiVersion: datalossprevention.gcp.upbound.io/v1beta1
kind: InspectTemplate
InspectTemplateSpec defines the desired state of InspectTemplate
No description provided.
The core content of the template. Structure is documented below.
List of options defining data content to scan. If empty, text, images, and other content will be included. Each value may be one of CONTENT_TEXT and CONTENT_IMAGE.
Custom info types to be used. See https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more. Structure is documented below.
Dictionary which defines the rule. Structure is documented below.
Newline-delimited file of words in Cloud Storage. Only a single file is accepted. Structure is documented below.
Type of information the findings limit applies to. Only one limit per infoType should be provided. If InfoTypeLimit does not have an infoType, the DLP API applies the limit against all infoTypes that are found but not specified in another InfoTypeLimit. Structure is documented below.
Regular expression which defines the rule. Structure is documented below.
The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included.
A reference to a StoredInfoType to use with scanning. Structure is documented below.
Restricts what infoTypes to look for. The values must correspond to InfoType values returned by infoTypes.list or listed at https://cloud.google.com/dlp/docs/infotypes-reference. When no InfoTypes or CustomInfoTypes are specified in a request, the system may automatically choose what detectors to run. By default this may be all types, but may change over time as detectors are updated. Structure is documented below.
Configuration to control the number of findings returned. Structure is documented below.
Configuration of findings limit given for specified infoTypes. Structure is documented below.
Type of information the findings limit applies to. Only one limit per infoType should be provided. If InfoTypeLimit does not have an infoType, the DLP API applies the limit against all infoTypes that are found but not specified in another InfoTypeLimit. Structure is documented below.
Set of rules to apply to the findings for this InspectConfig. Exclusion rules, contained in the set are executed in the end, other rules are executed in the order they are specified for each info type. Structure is documented below.
List of infoTypes this rule set is applied to. Structure is documented below.
Set of rules to be applied to infoTypes. The rules are applied in order. Structure is documented below.
The rule that specifies conditions when findings of infoTypes specified in InspectionRuleSet are removed from results. Structure is documented below.
Dictionary which defines the rule. Structure is documented below.
Newline-delimited file of words in Cloud Storage. Only a single file is accepted. Structure is documented below.
Regular expression which defines the rule. Structure is documented below.
The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included.
Hotword-based detection rule. Structure is documented below.
Regular expression pattern defining what qualifies as a hotword. Structure is documented below.
The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included.
Likelihood adjustment to apply to all matching findings. Structure is documented below.
Proximity of the finding within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. Note that the finding itself will be included in the window, so that hotwords may be used to match substrings of the finding itself. For example, the certainty of a phone number regex (\d{3}) \d{3}-\d{4} could be adjusted upwards if the area code is known to be the local area code of a company office using the hotword regex (xxx), where xxx is the area code in question. Structure is documented below.
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
InspectTemplateStatus defines the observed state of InspectTemplate.
Conditions of the resource.
basic
apiVersion: datalossprevention.gcp.upbound.io/v1beta1
kind: InspectTemplate
metadata:
annotations:
meta.upbound.io/example-id: datalossprevention/v1beta1/inspecttemplate
upjet.upbound.io/manual-intervention: The resource requires a real Project ID
labels:
testing.upbound.io/example-name: basic
name: basic
spec:
forProvider:
description: My description
displayName: display_name
inspectConfig:
- infoTypes:
- name: EMAIL_ADDRESS
- name: PERSON_NAME
- name: LAST_NAME
- name: DOMAIN_NAME
- name: PHONE_NUMBER
- name: FIRST_NAME
limits:
- maxFindingsPerInfoType:
- infoType:
- name: PERSON_NAME
maxFindings: 75
- infoType:
- name: LAST_NAME
maxFindings: 80
maxFindingsPerItem: 10
maxFindingsPerRequest: 50
minLikelihood: UNLIKELY
ruleSet:
- infoTypes:
- name: EMAIL_ADDRESS
rules:
- exclusionRule:
- matchingType: MATCHING_TYPE_FULL_MATCH
regex:
- pattern: .+@example.com
- infoTypes:
- name: EMAIL_ADDRESS
- name: DOMAIN_NAME
- name: PHONE_NUMBER
- name: PERSON_NAME
- name: FIRST_NAME
rules:
- exclusionRule:
- dictionary:
- wordList:
- words:
- TEST
matchingType: MATCHING_TYPE_PARTIAL_MATCH
- infoTypes:
- name: PERSON_NAME
rules:
- hotwordRule:
- hotwordRegex:
- pattern: patient
likelihoodAdjustment:
- fixedLikelihood: VERY_LIKELY
proximity:
- windowBefore: 50
parent: projects/&{project_id}
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.