Method: organizations.locations.postures.extract

Extracts existing policies from an organization, folder, or project, and applies them to another organization, folder, or project as a Posture.

If the other organization, folder, or project already has a posture, then the result of the long-running operation is an ALREADY_EXISTS error.

HTTP request

POST https://securityposture.googleapis.com/v1/{parent=organizations/*/locations/*}/postures:extract

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
parent

string

Required. The parent resource name, in the format organizations/{organization}/locations/global.

Request body

The request body contains data with the following structure:

JSON representation
{
  "postureId": string,
  "workload": string
}
Fields
postureId

string

Required. An identifier for the posture.

workload

string

Required. The organization, folder, or project from which policies are extracted. Must be within the organization defined in parent.

Use one of the following formats:

  • organization/{organization_number}
  • folder/{folder_number}
  • project/{project_number}

Response body

If successful, the response body contains an instance of Operation.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the parent resource:

  • securityposture.postures.extract

For more information, see the IAM documentation.