v5.18.0/website/docs/r/bigquery_datapolicy_data_policy.html.markdown - terraform-provider-google-beta - Git at Google

 ---
 # ----------------------------------------------------------------------------
 #
 #     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
 #
 # ----------------------------------------------------------------------------
 #
 #     This file is automatically generated by Magic Modules and manual
 #     changes will be clobbered when the file is regenerated.
 #
 #     Please read more about how to change this file in
 #     .github/CONTRIBUTING.md.
 #
 # ----------------------------------------------------------------------------
 subcategory: "BigQuery Data Policy"
 description: |-
   A BigQuery Data Policy
 ---

 # google\_bigquery\_datapolicy\_data\_policy

 A BigQuery Data Policy


 To get more information about DataPolicy, see:

 * [API documentation](https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create)
 * How-to Guides
     * [Official Documentation](https://cloud.google.com/bigquery/docs/column-data-masking-intro)

 <div class = "oics-button" style="float: right; margin: 0 0 -15px">
   <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=bigquery_datapolicy_data_policy_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
     <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
   </a>
 </div>
 ## Example Usage - Bigquery Datapolicy Data Policy Basic


 ```hcl
 resource "google_bigquery_datapolicy_data_policy" "data_policy" {
     location         = "us-central1"
     data_policy_id   = "data_policy"
     policy_tag       = google_data_catalog_policy_tag.policy_tag.name
     data_policy_type = "COLUMN_LEVEL_SECURITY_POLICY"
   }

   resource "google_data_catalog_policy_tag" "policy_tag" {
     taxonomy     = google_data_catalog_taxonomy.taxonomy.id
     display_name = "Low security"
     description  = "A policy tag normally associated with low security items"
   }

   resource "google_data_catalog_taxonomy" "taxonomy" {
     region                 = "us-central1"
     display_name           = "taxonomy"
     description            = "A collection of policy tags"
     activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
   }
 ```

 ## Argument Reference

 The following arguments are supported:


 * `data_policy_id` -
   (Required)
   User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.

 * `location` -
   (Required)
   The name of the location of the data policy.

 * `policy_tag` -
   (Required)
   Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.

 * `data_policy_type` -
   (Required)
   The enrollment level of the service.
   Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.


 - - -


 * `data_masking_policy` -
   (Optional)
   The data masking policy that specifies the data masking rule to use.
   Structure is [documented below](#nested_data_masking_policy).

 * `project` - (Optional) The ID of the project in which the resource belongs.
     If it is not provided, the provider project is used.


 <a name="nested_data_masking_policy"></a>The `data_masking_policy` block supports:

 * `predefined_expression` -
   (Required)
   The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
   Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.

 ## Attributes Reference

 In addition to the arguments listed above, the following computed attributes are exported:

 * `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}`

 * `name` -
   Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}.


 ## Timeouts

 This resource provides the following
 [Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

 - `create` - Default is 20 minutes.
 - `update` - Default is 20 minutes.
 - `delete` - Default is 20 minutes.

 ## Import


 DataPolicy can be imported using any of these accepted formats:

 * `projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}`
 * `{{project}}/{{location}}/{{data_policy_id}}`
 * `{{location}}/{{data_policy_id}}`


 In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import DataPolicy using one of the formats above. For example:

 ```tf
 import {
   id = "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}"
   to = google_bigquery_datapolicy_data_policy.default
 }
 ```

 When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), DataPolicy can be imported using one of the formats above. For example:

 ```
 $ terraform import google_bigquery_datapolicy_data_policy.default projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}
 $ terraform import google_bigquery_datapolicy_data_policy.default {{project}}/{{location}}/{{data_policy_id}}
 $ terraform import google_bigquery_datapolicy_data_policy.default {{location}}/{{data_policy_id}}
 ```

 ## User Project Overrides

 This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).
	---
	# ----------------------------------------------------------------------------
	#
	# * AUTO GENERATED CODE * Type: MMv1 ***
	#
	# ----------------------------------------------------------------------------
	#
	# This file is automatically generated by Magic Modules and manual
	# changes will be clobbered when the file is regenerated.
	#
	# Please read more about how to change this file in
	# .github/CONTRIBUTING.md.
	#
	# ----------------------------------------------------------------------------
	subcategory: "BigQuery Data Policy"
	description: \|-
	A BigQuery Data Policy
	---

	# google\_bigquery\_datapolicy\_data\_policy

	A BigQuery Data Policy


	To get more information about DataPolicy, see:

	* [API documentation](https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create)
	* How-to Guides
	* [Official Documentation](https://cloud.google.com/bigquery/docs/column-data-masking-intro)

	<div class = "oics-button" style="float: right; margin: 0 0 -15px">
	<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=bigquery_datapolicy_data_policy_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
	<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
	</a>
	</div>
	## Example Usage - Bigquery Datapolicy Data Policy Basic


	```hcl
	resource "google_bigquery_datapolicy_data_policy" "data_policy" {
	location = "us-central1"
	data_policy_id = "data_policy"
	policy_tag = google_data_catalog_policy_tag.policy_tag.name
	data_policy_type = "COLUMN_LEVEL_SECURITY_POLICY"
	}

	resource "google_data_catalog_policy_tag" "policy_tag" {
	taxonomy = google_data_catalog_taxonomy.taxonomy.id
	display_name = "Low security"
	description = "A policy tag normally associated with low security items"
	}

	resource "google_data_catalog_taxonomy" "taxonomy" {
	region = "us-central1"
	display_name = "taxonomy"
	description = "A collection of policy tags"
	activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
	}
	```

	## Argument Reference

	The following arguments are supported:


	* `data_policy_id` -
	(Required)
	User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.

	* `location` -
	(Required)
	The name of the location of the data policy.

	* `policy_tag` -
	(Required)
	Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.

	* `data_policy_type` -
	(Required)
	The enrollment level of the service.
	Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.


	- - -


	* `data_masking_policy` -
	(Optional)
	The data masking policy that specifies the data masking rule to use.
	Structure is [documented below](#nested_data_masking_policy).

	* `project` - (Optional) The ID of the project in which the resource belongs.
	If it is not provided, the provider project is used.


	<a name="nested_data_masking_policy"></a>The `data_masking_policy` block supports:

	* `predefined_expression` -
	(Required)
	The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
	Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.

	## Attributes Reference

	In addition to the arguments listed above, the following computed attributes are exported:

	* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}`

	* `name` -
	Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}.


	## Timeouts

	This resource provides the following
	[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

	- `create` - Default is 20 minutes.
	- `update` - Default is 20 minutes.
	- `delete` - Default is 20 minutes.

	## Import


	DataPolicy can be imported using any of these accepted formats:

	* `projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}`
	* `{{project}}/{{location}}/{{data_policy_id}}`
	* `{{location}}/{{data_policy_id}}`


	In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import DataPolicy using one of the formats above. For example:

	```tf
	import {
	id = "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}"
	to = google_bigquery_datapolicy_data_policy.default
	}
	```

	When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), DataPolicy can be imported using one of the formats above. For example:

	```
	$ terraform import google_bigquery_datapolicy_data_policy.default projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}
	$ terraform import google_bigquery_datapolicy_data_policy.default {{project}}/{{location}}/{{data_policy_id}}
	$ terraform import google_bigquery_datapolicy_data_policy.default {{location}}/{{data_policy_id}}
	```

	## User Project Overrides

	This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).