This page describes how to get the status of an in-progress audit that you started using Audit Manager or Compliance Manager. Audits are long-running operations, and it can be helpful to get the status of an audit while the operation is running.
Before you begin
Ensure that you have one of the following IAM roles:
- Audit Manager Admin (
roles/auditmanager.admin) - Audit Manager Auditor (
roles/auditmanager.auditor) - Compliance Manager
Viewer
(
roles/cloudsecuritycompliance.viewer) (required if you're auditing a framework that you've created using Compliance Manager)
- Audit Manager Admin (
Identify the audit for which you want to get the status.
Get the status of an in-progress audit
Console
In the Google Cloud console, go to the View audits page.
On the View assessments page, you can view the current status of an in-progress audit or get more information about a completed audit.
To view more information about the audit, click the link in the Status column.
gcloud
The gcloud audit-manager operations describe
command describes an audit operation.
Before using any of the command data below, make the following replacements:
- RESOURCE_TYPE: the type of resource, either a project or a folder. For example:
foldersorprojects. - RESOURCE_ID: the resource ID of the project or folder. For example:
8767234. - LOCATION: the location of the Audit Manager API endpoint. For a list of
available endpoints, see Audit Manager locations. For example:
us-central1. - AUDIT_OPERATION_ID: The unique ID for the in-progress operation that was included in the response body when you ran the audit. For
example:
098234.
Execute the following command:
Linux, macOS, or Cloud Shell
gcloud audit-manager operations describe AUDIT_OPERATION_ID \ --RESOURCE_TYPE=RESOURCE_ID \ --location=LOCATION
Windows (PowerShell)
gcloud audit-manager operations describe AUDIT_OPERATION_ID ` --RESOURCE_TYPE=RESOURCE_ID ` --location=LOCATION
Windows (cmd.exe)
gcloud audit-manager operations describe AUDIT_OPERATION_ID ^ --RESOURCE_TYPE=RESOURCE_ID ^ --location=LOCATION
A successful response includes one of the following execution status types:
| Status type | Description |
|---|---|
OPERATION_STATE_UNSPECIFIED |
An invalid state. |
OPERATION_STATE_NOT_STARTED |
The audit report generation process has not yet started. |
OPERATION_STATE_EVALUATION_IN_PROGRESS |
Audit Manager is evaluating the resources against compliance controls. |
OPERATION_STATE_EVALUATION_DONE |
Audit Manager has completed compliance evaluation. |
OPERATION_STATE_EVIDENCE_REPORT_GENERATION_IN_PROGRESS |
Audit Manager is creating an audit report from the evaluated data. |
OPERATION_STATE_EVIDENCE_REPORT_GENERATION_DONE |
Audit Manager has completed the generation of the audit report. |
OPERATION_STATE_EVIDENCE_UPLOAD_IN_PROGRESS |
Audit Manager is uploading the audit report and evidence to the destination. |
OPERATION_STATE_DONE |
The audit report generation process is completed. |
OPERATION_STATE_FAILED |
The audit report generation process has failed. |
Each of the execution status types might provide any of the following additional information, when applicable:
| Additional status | Description |
|---|---|
failure_reason |
If the audit assessment fails, this field provides the reason for the failure. |
evaluation_percent_complete |
If evaluation has started, this field provides the percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
report_generation_percent_complete |
If the report generation has started, this field provides percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
report_uploading_percent_complete |
If the report uploading has started, this field provides percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
A successful gcloud response is similar to the following:
done: true name: projects/PROJECT_ID/locations/LOCATION/operationDetails/AUDIT_OPERATION_ID response: '@type': type.googleapis.com/google.cloud.auditmanager.v1.AuditReport gcsUri: gs://testbucketauditmanager
REST
Before using any of the request data, make the following replacements:
- RESOURCE_TYPE: the type of resource, either a project or a folder. For example:
foldersorprojects. - RESOURCE_ID: the resource ID of the project or folder. For example:
8767234. - LOCATION: the location of the Audit Manager API endpoint. For a list of
available endpoints, see Audit Manager locations. For example:
us-central1. - AUDIT_OPERATION_ID: The unique ID for the in-progress operation that was included in the response body when you ran the audit. For
example:
098234.
HTTP method and URL:
GET https://auditmanager.googleapis.com/v1/RESOURCE_TYPE/RESOURCE_ID/locations/LOCATION//operationDetails/AUDIT_OPERATION_ID
To send your request, choose one of these options:
curl
Execute the following command:
curl -X GET \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
"https://auditmanager.googleapis.com/v1/RESOURCE_TYPE/RESOURCE_ID/locations/LOCATION//operationDetails/AUDIT_OPERATION_ID"
PowerShell
Execute the following command:
$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }
Invoke-WebRequest `
-Method GET `
-Headers $headers `
-Uri "https://auditmanager.googleapis.com/v1/RESOURCE_TYPE/RESOURCE_ID/locations/LOCATION//operationDetails/AUDIT_OPERATION_ID" | Select-Object -Expand Content
A successful response includes one of the following execution status types:
| Status type | Description |
|---|---|
OPERATION_STATE_UNSPECIFIED |
An invalid state. |
OPERATION_STATE_NOT_STARTED |
The audit report generation process has not yet started. |
OPERATION_STATE_EVALUATION_IN_PROGRESS |
Audit Manager is evaluating the resources against compliance controls. |
OPERATION_STATE_EVALUATION_DONE |
Audit Manager has completed compliance evaluation. |
OPERATION_STATE_EVIDENCE_REPORT_GENERATION_IN_PROGRESS |
Audit Manager is creating an audit report from the evaluated data. |
OPERATION_STATE_EVIDENCE_REPORT_GENERATION_DONE |
Audit Manager has completed the generation of the audit report. |
OPERATION_STATE_EVIDENCE_UPLOAD_IN_PROGRESS |
Audit Manager is uploading the audit report and evidence to the destination. |
OPERATION_STATE_DONE |
The audit report generation process is completed. |
OPERATION_STATE_FAILED |
The audit report generation process has failed. |
Each of the execution status types might provide any of the following additional information, when applicable:
| Additional status | Description |
|---|---|
failure_reason |
If the audit assessment fails, this field provides the reason for the failure. |
evaluation_percent_complete |
If evaluation has started, this field provides the percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
report_generation_percent_complete |
If the report generation has started, this field provides percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
report_uploading_percent_complete |
If the report uploading has started, this field provides percentage of the progress. When the process is yet to start, the field starts at 0. When the process is concluded, the field is set to 100. |
A successful REST response is similar to the following:
{
"name": "projects/PROJECT_ID/locations/LOCATION/operationDetails/AUDIT_OPERATION_ID",
"done": true,
"response": {
"@type": "type.googleapis.com/google.cloud.auditmanager.v1.AuditReport",
"gcsUri": "gs://testbucketauditmanager"
}
}
When an audit report is completed and uploaded, a link to the report is returned.