consent_stores
Creates, updates, deletes, gets or lists a consent_stores resource.
Overview
| Name | consent_stores |
| Type | Resource |
| Id | google.healthcare.consent_stores |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Resource name of the consent store, of the form projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}. Cannot be changed after creation. |
defaultConsentTtl | string (google-duration) | Optional. Default time to live for Consents created in this store. Must be at least 24 hours. Updating this field will not affect the expiration time of existing consents. |
enableConsentCreateOnUpdate | boolean | Optional. If true, UpdateConsent creates the Consent if it does not already exist. If unspecified, defaults to false. |
labels | object | Optional. User-supplied key-value pairs used to organize consent stores. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: \p{Ll}\p{Lo}{0,62}. Label values must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be associated with a given store. For more information: https://cloud.google.com/healthcare/docs/how-tos/labeling-resources |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Resource name of the consent store, of the form projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}. Cannot be changed after creation. |
defaultConsentTtl | string (google-duration) | Optional. Default time to live for Consents created in this store. Must be at least 24 hours. Updating this field will not affect the expiration time of existing consents. |
enableConsentCreateOnUpdate | boolean | Optional. If true, UpdateConsent creates the Consent if it does not already exist. If unspecified, defaults to false. |
labels | object | Optional. User-supplied key-value pairs used to organize consent stores. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: \p{Ll}\p{Lo}{0,62}. Label values must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be associated with a given store. For more information: https://cloud.google.com/healthcare/docs/how-tos/labeling-resources |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | projectsId, locationsId, datasetsId, consentStoresId | Gets the specified consent store. | |
list | select | projectsId, locationsId, datasetsId | pageSize, pageToken, filter | Lists the consent stores in the specified dataset. |
create | insert | projectsId, locationsId, datasetsId | consentStoreId | Creates a new consent store in the parent dataset. Attempting to create a consent store with the same ID as an existing store fails with an ALREADY_EXISTS error. |
patch | update | projectsId, locationsId, datasetsId, consentStoresId | updateMask | Updates the specified consent store. |
delete | delete | projectsId, locationsId, datasetsId, consentStoresId | Deletes the specified consent store and removes all the consent store's data. | |
check_data_access | exec | projectsId, locationsId, datasetsId, consentStoresId | Checks if a particular data_id of a User data mapping in the specified consent store is consented for the specified use. | |
query_accessible_data | exec | projectsId, locationsId, datasetsId, consentStoresId | Queries all data_ids that are consented for a specified use in the given consent store and writes them to a specified destination. The returned Operation includes a progress counter for the number of User data mappings processed. If the request is successful, a detailed response is returned of type QueryAccessibleDataResponse, contained in the response field when the operation finishes. The metadata field type is OperationMetadata. Errors are logged to Cloud Logging (see Viewing error logs in Cloud Logging). For example, the following sample log entry shows a failed to evaluate consent policy error that occurred during a QueryAccessibleData call to consent store projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}. json jsonPayload: { @type: "type.googleapis.com/google.cloud.healthcare.logging.QueryAccessibleDataLogEntry" error: { code: 9 message: "failed to evaluate consent policy" } resourceName: "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}" } logName: "projects/{project_id}/logs/healthcare.googleapis.com%2Fquery_accessible_data" operation: { id: "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/operations/{operation_id}" producer: "healthcare.googleapis.com/QueryAccessibleData" } receiveTimestamp: "TIMESTAMP" resource: { labels: { consent_store_id: "{consent_store_id}" dataset_id: "{dataset_id}" location: "{location_id}" project_id: "{project_id}" } type: "healthcare_consent_store" } severity: "ERROR" timestamp: "TIMESTAMP" | |
evaluate_user_consents | exec | projectsId, locationsId, datasetsId, consentStoresId | Evaluates the user's Consents for all matching User data mappings. Note: User data mappings are indexed asynchronously, which can cause a slight delay between the time mappings are created or updated and when they are included in EvaluateUserConsents results. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
consentStoresId | string | |
datasetsId | string | |
locationsId | string | |
projectsId | string | |
consentStoreId | string | |
filter | string | |
pageSize | integer (int32) | |
pageToken | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get
- list
Gets the specified consent store.
SELECT
name,
defaultConsentTtl,
enableConsentCreateOnUpdate,
labels
FROM google.healthcare.consent_stores
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND datasetsId = '{{ datasetsId }}' -- required
AND consentStoresId = '{{ consentStoresId }}' -- required;
Lists the consent stores in the specified dataset.
SELECT
name,
defaultConsentTtl,
enableConsentCreateOnUpdate,
labels
FROM google.healthcare.consent_stores
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND datasetsId = '{{ datasetsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}';
INSERT examples
- create
- Manifest
Creates a new consent store in the parent dataset. Attempting to create a consent store with the same ID as an existing store fails with an ALREADY_EXISTS error.
INSERT INTO google.healthcare.consent_stores (
data__name,
data__defaultConsentTtl,
data__labels,
data__enableConsentCreateOnUpdate,
projectsId,
locationsId,
datasetsId,
consentStoreId
)
SELECT
'{{ name }}',
'{{ defaultConsentTtl }}',
'{{ labels }}',
{{ enableConsentCreateOnUpdate }},
'{{ projectsId }}',
'{{ locationsId }}',
'{{ datasetsId }}',
'{{ consentStoreId }}'
RETURNING
name,
defaultConsentTtl,
enableConsentCreateOnUpdate,
labels
;
# Description fields are for documentation purposes
- name: consent_stores
props:
- name: projectsId
value: string
description: Required parameter for the consent_stores resource.
- name: locationsId
value: string
description: Required parameter for the consent_stores resource.
- name: datasetsId
value: string
description: Required parameter for the consent_stores resource.
- name: name
value: string
description: >
Identifier. Resource name of the consent store, of the form `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}`. Cannot be changed after creation.
- name: defaultConsentTtl
value: string
description: >
Optional. Default time to live for Consents created in this store. Must be at least 24 hours. Updating this field will not affect the expiration time of existing consents.
- name: labels
value: object
description: >
Optional. User-supplied key-value pairs used to organize consent stores. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: \p{Ll}\p{Lo}{0,62}. Label values must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be associated with a given store. For more information: https://cloud.google.com/healthcare/docs/how-tos/labeling-resources
- name: enableConsentCreateOnUpdate
value: boolean
description: >
Optional. If `true`, UpdateConsent creates the Consent if it does not already exist. If unspecified, defaults to `false`.
- name: consentStoreId
value: string
UPDATE examples
- patch
Updates the specified consent store.
UPDATE google.healthcare.consent_stores
SET
data__name = '{{ name }}',
data__defaultConsentTtl = '{{ defaultConsentTtl }}',
data__labels = '{{ labels }}',
data__enableConsentCreateOnUpdate = {{ enableConsentCreateOnUpdate }}
WHERE
projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND datasetsId = '{{ datasetsId }}' --required
AND consentStoresId = '{{ consentStoresId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
defaultConsentTtl,
enableConsentCreateOnUpdate,
labels;
DELETE examples
- delete
Deletes the specified consent store and removes all the consent store's data.
DELETE FROM google.healthcare.consent_stores
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND datasetsId = '{{ datasetsId }}' --required
AND consentStoresId = '{{ consentStoresId }}' --required;
Lifecycle Methods
- check_data_access
- query_accessible_data
- evaluate_user_consents
Checks if a particular data_id of a User data mapping in the specified consent store is consented for the specified use.
EXEC google.healthcare.consent_stores.check_data_access
@projectsId='{{ projectsId }}' --required,
@locationsId='{{ locationsId }}' --required,
@datasetsId='{{ datasetsId }}' --required,
@consentStoresId='{{ consentStoresId }}' --required
@@json=
'{
"dataId": "{{ dataId }}",
"requestAttributes": "{{ requestAttributes }}",
"consentList": "{{ consentList }}",
"responseView": "{{ responseView }}"
}';
Queries all data_ids that are consented for a specified use in the given consent store and writes them to a specified destination. The returned Operation includes a progress counter for the number of User data mappings processed. If the request is successful, a detailed response is returned of type QueryAccessibleDataResponse, contained in the response field when the operation finishes. The metadata field type is OperationMetadata. Errors are logged to Cloud Logging (see Viewing error logs in Cloud Logging). For example, the following sample log entry shows a failed to evaluate consent policy error that occurred during a QueryAccessibleData call to consent store projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}. json jsonPayload: { @type: "type.googleapis.com/google.cloud.healthcare.logging.QueryAccessibleDataLogEntry" error: { code: 9 message: "failed to evaluate consent policy" } resourceName: "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/consentStores/{consent_store_id}/consents/{consent_id}" } logName: "projects/{project_id}/logs/healthcare.googleapis.com%2Fquery_accessible_data" operation: { id: "projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/operations/{operation_id}" producer: "healthcare.googleapis.com/QueryAccessibleData" } receiveTimestamp: "TIMESTAMP" resource: { labels: { consent_store_id: "{consent_store_id}" dataset_id: "{dataset_id}" location: "{location_id}" project_id: "{project_id}" } type: "healthcare_consent_store" } severity: "ERROR" timestamp: "TIMESTAMP"
EXEC google.healthcare.consent_stores.query_accessible_data
@projectsId='{{ projectsId }}' --required,
@locationsId='{{ locationsId }}' --required,
@datasetsId='{{ datasetsId }}' --required,
@consentStoresId='{{ consentStoresId }}' --required
@@json=
'{
"gcsDestination": "{{ gcsDestination }}",
"resourceAttributes": "{{ resourceAttributes }}",
"requestAttributes": "{{ requestAttributes }}"
}';
Evaluates the user's Consents for all matching User data mappings. Note: User data mappings are indexed asynchronously, which can cause a slight delay between the time mappings are created or updated and when they are included in EvaluateUserConsents results.
EXEC google.healthcare.consent_stores.evaluate_user_consents
@projectsId='{{ projectsId }}' --required,
@locationsId='{{ locationsId }}' --required,
@datasetsId='{{ datasetsId }}' --required,
@consentStoresId='{{ consentStoresId }}' --required
@@json=
'{
"userId": "{{ userId }}",
"resourceAttributes": "{{ resourceAttributes }}",
"requestAttributes": "{{ requestAttributes }}",
"consentList": "{{ consentList }}",
"responseView": "{{ responseView }}",
"pageSize": {{ pageSize }},
"pageToken": "{{ pageToken }}"
}';