-
Notifications
You must be signed in to change notification settings - Fork 19
/
encryption_pipeline_metadata.json
153 lines (153 loc) · 5.61 KB
/
encryption_pipeline_metadata.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
{
"name": "Data encryption pipeline",
"description": "Encrypt data from different sources using DLP or Tink.",
"parameters": [
{
"name": "schema",
"label": "Data's AVRO Schema",
"helpText": "The data source's AVRO schema JSON"
},
{
"name": "tokenizeColumns",
"label": "Columns to tokenize",
"helpText": "The list of columns based on schema to tokenize. Format: $.columnName",
"isOptional": true
},
{
"name": "outputDirectory",
"label": "Output GCS directory",
"helpText": "The GCS folder to output the tokenized AVRO file. One of the outputDirectory or outputBigQueryTable needs to be provided",
"isOptional": true
},
{
"name": "outputBigQueryTable",
"label": "Output BigQuery Table",
"helpText": "The BigQuery table to output the tokenized data. One of the outputDirectory or outputBigQueryTable needs to be provided",
"isOptional": true
},
{
"name": "bigQueryAppend",
"label": "BigQuery Append",
"helpText": "flag to enable appending into output BigQuery table. Default false",
"isOptional": true
},
{
"name": "tinkEncryptionKeySetJson",
"label": "TINK Encryption Keyset JSON",
"helpText": "The Wrapped TINK encryption key to tokenize the data. Provide one of tinkEncryptionKeySetJson or dlpEncryptConfigJson",
"isOptional": true
},
{
"name": "mainKmsKeyUri",
"label": "KMS Key-Encryption-Key",
"helpText": "The wrapper key that was used for encrypting the TINK key",
"isOptional": true
},
{
"name": "dlpEncryptConfigJson",
"label": "DLP Encryption Config JSON",
"helpText": "Provide one of tinkEncryptionKeySetJson or dlpEncryptConfigJson",
"isOptional": true
},
{
"name": "valueTokenizerFactoryFullClassName",
"label": "Value Tokenizer",
"helpText": "Custom Value tokenizer factory class. The custom value tokenizer encrypts your data.",
"isOptional": true
},
{
"name": "keyMaterial",
"label": "Key Material",
"helpText": "String representing encryption key options. DLP config JSON, TINK JSON, etc.",
"isOptional": true
},
{
"name": "keyMaterialType",
"label": "Key Material Type",
"helpText": "The type of key material for encryption. One of: [TINK_GCP_KEYSET_JSON, RAW_BASE64_KEY, RAW_UTF8_KEY, GCP_KMS_WRAPPED_KEY, GCP_SECRET_KEY]",
"isOptional": true
},
{
"name": "sourceType",
"label": "Data source type",
"helpText": "The data source to analyse/inspect. One of: [AVRO, PARQUET, BIGQUERY_TABLE, BIGQUERY_QUERY, JDBC_TABLE, JDBC_QUERY, CSV_FILE]"
},
{
"name": "inputPattern",
"label": "Date Source",
"helpText": "The location of the datasource: for AVRO or PARQUET, the GCS file pattern to use as input, for BIGQUERY_TABLE: a Fully Qualified table name as {projectId}:{datasetId}.{tableId} format, for JDBC_TABLE, the name of the table. For JDBC_QUERY, a SELECT query to run on the target."
},
{
"name": "dlpRegion",
"label": "DLP Region",
"helpText": "The DLP region to use, default: global",
"isOptional": true
},
{
"name": "csvHeaders",
"label": "The Headers to use for CSV file inputs",
"helpText": "One of csvHeaders or csvFirstRowHeader is required if sourceType=CSV_FILE",
"isOptional": true
},
{
"name": "csvFirstRowHeader",
"label": "Use CSV First Row as header",
"helpText": "One of csvHeaders or csvFirstRowHeader is required if sourceType=CSV_FILE",
"isOptional": true
},
{
"name": "csvCharset",
"label": "Charset to use for CSV files",
"helpText": "default: UTF-8",
"isOptional": true
},
{
"name": "csvColumnDelimiter",
"label": "Column delimiter for CSV",
"helpText": "default: ','",
"isOptional": true
},
{
"name": "csvFormatType",
"label": "CSV Format type supported by Apache Commons CSV",
"helpText": "CSV Format type supported by Apache Commons CSV default: Default",
"isOptional": true
},
{
"name": "jdbcConnectionUrl",
"label": "JDBC Connection URL",
"helpText": "The Connection URL used for connecting to a SQL datasource using JDBC. (Required when sourceType=JDBC_TABLE)",
"isOptional": true
},
{
"name": "jdbcDriverClass",
"label": "JDBC Driver class name",
"helpText": "The JDBC driver to use for reading from SQL datasource. (Required when sourceType=JDBC_TABLE)",
"isOptional": true
},
{
"name": "jdbcFilterClause",
"label": "JDBC Filter clause",
"helpText": "The WHERE clause to filter records for inspection from JDBC source. (Optional, though Recommended when sourceType=JDBC_TABLE)",
"isOptional": true
},
{
"name": "jdbcUserName",
"label": "JDBC Connection Username",
"helpText": "The username for the database connection. (Required when sourceType=JDBC_TABLE)",
"isOptional": true
},
{
"name": "jdbcPasswordSecretsKey",
"label": "Cloud Secret Version Id that stores JDBC password",
"helpText": "The Cloud Secrets version that stores password for the user-name. (One of jdbcPassword or jdbcPasswordSecretsKey required when sourceType=JDBC_TABLE)",
"isOptional": true
},
{
"name": "jdbcPassword",
"label": "Plain-text password for the JDBC user",
"helpText": "The plain-text password for the user-name. (One of jdbcPassword or jdbcPasswordSecretsKey required when sourceType=JDBC_TABLE)",
"isOptional": true
}
]
}