Enrolls the customer resource(folder/project/organization) to the audit manager service by creating the audit managers Service Agent in customers workload and granting required permissions to the Service Agent. Please note that if enrollment request is made on the already enrolled workload then enrollment is executed overriding the existing set of destinations.
HTTP request
POST https://auditmanager.googleapis.com/v1/{scope=organizations/*/locations/*}:enrollResource
The URL uses gRPC Transcoding syntax.
Path parameters
| Parameters | |
|---|---|
scope |
Required. The resource to be enrolled to the audit manager. Scope format should be resourceType/resource_identifier Eg: projects/{project}/locations/{location}, folders/{folder}/locations/{location} organizations/{organization}/locations/{location} |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{
"destinations": [
{
object ( |
| Fields | |
|---|---|
destinations[] |
Required. List of destination among which customer can choose to upload their reports during the audit process. While enrolling at a organization/folder level, customer can choose Cloud storage bucket in any project. If the audit is triggered at project level using the service agent at organization/folder level, all the destination options associated with respective organization/folder level service agent will be available to auditing projects. |
Response body
If successful, the response body contains an instance of Enrollment.
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the scope resource:
auditmanager.locations.enrollResource
For more information, see the IAM documentation.