Cloud Data Loss Prevention (Cloud DLP) is now a part of Sensitive Data Protection. The API name remains the same: Cloud Data Loss Prevention API (DLP API). For information about the services that make up Sensitive Data Protection, see Sensitive Data Protection overview .

Method: projects.dlpJobs.create

HTTP request
Path parameters
Request body
- JSON representation
Response body
Authorization scopes
Try it!

Creates a new job to inspect storage or calculate risk metrics. See https://cloud.google.com/sensitive-data-protection/docs/inspecting-storage and https://cloud.google.com/sensitive-data-protection/docs/compute-risk-analysis to learn more.

When no InfoTypes or CustomInfoTypes are specified in inspect jobs, the system will automatically choose what detectors to run. By default this may be all types, but may change over time as detectors are updated.

HTTP request

Choose a location:

POST https://dlp.googleapis.com/v2/{parent=projects/*}/dlpJobs

The URLs use gRPC Transcoding syntax.

Path parameters

Parameters

parent

string

Required. Parent resource name.

The format of this value varies depending on whether you have specified a processing location :

Projects scope, location specified: projects/{projectId}/locations/{locationId}
Projects scope, no location specified (defaults to global): projects/{projectId}

The following example parent string specifies a parent project with the identifier example-project , and specifies the europe-west3 location for processing data:

 parent=projects/example-project/locations/europe-west3

Authorization requires the following IAM permission on the specified resource parent :

dlp.jobs.create

Request body

The request body contains data with the following structure:

JSON representation

JSON representation
{ "jobId" : string , "locationId" : string , // Union field `job` can be only one of the following: "inspectJob" : { object ( `InspectJobConfig` ) } , "riskJob" : { object ( `RiskAnalysisJobConfig` ) } // End of list of possible types for union field `job` . }

 { 
 "jobId" 
 : 
 string 
 , 
 "locationId" 
 : 
 string 
 , 
 // Union field job 
can be only one of the following: 
 "inspectJob" 
 : 
 { 
 object (  InspectJobConfig 
 
) 
 } 
 , 
 "riskJob" 
 : 
 { 
 object (  RiskAnalysisJobConfig 
 
) 
 } 
 // End of list of possible types for union field job 
. 
 }

Fields

jobId

string

The job id can contain uppercase and lowercase letters, numbers, and hyphens; that is, it must match the regular expression: [a-zA-Z\d-_]+ . The maximum length is 100 characters. Can be empty to allow the system to generate one.

locationId

string

Deprecated. This field has no effect.

Union field job . The configuration details for the specific type of job to run. job can be only one of the following:

inspectJob

object ( InspectJobConfig )

An inspection job scans a storage repository for InfoTypes.

riskJob

object ( RiskAnalysisJobConfig )

A risk analysis job calculates re-identification risk metrics for a BigQuery table.

Response body

If successful, the response body contains a newly created instance of DlpJob .

Authorization scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview .