
Get Cloud Account Status (GCP)

POST /cas/v1/cloud_account/status/gcp

Lists the status of a GCP Cloud account. You can use this API to verify the status of the security capabilities which you will be onboarding on Prisma Cloud.

Request

Body

    accountGroupCreationMode string

    Possible values: [MANUAL, AUTO, RECURSIVE]

    Default value: MANUAL

    MANUAL: Account will be mapped to the account group mentioned in defaultAccountGroupId.

    AUTO: Automatically creates account groups for each top-level folder in the hierarchy.

    RECURSIVE: Automatically creates account groups for the folders that are nested within the GCP organization hierarchy.

    Applicable only if the accountType is organization.

    cloudAccount object (required)
    accountId string (required)

    Organization resource ID if accountType is organization.

    Project ID if accountType is account or masterServiceAccount.

    Workspace domain name if accountType is workspace_domain.

    accountType string (required)

    Possible values: [account, masterServiceAccount, organization, workspace_domain]

    Cloud Account Type.

    account: GCP Project

    organization: GCP Organization

    masterServiceAccount: Onboard all GCP projects that are accessible by the service account

    workspace_domain: GCP Workspace

    enabled boolean

    Enable or disable this account on Prisma Cloud.

    Default value: false

    groupIds string[]

    List of Account Groups that must be mapped to this account. To get the account group IDs, call the List Account Groups API.

    name string (required)

    Account name for the GCP account that will be onboarded on Prisma Cloud. Must be unique.

    projectId string

    ID of the project.

    Get the project ID from the credentials JSON file that is generated from the GCP Terraform template.

    compressionEnabled boolean

    Enable or disable compressed network flow log generation.

    Default value: false

    credentials object (required)

    Contents of the credentials JSON file that is generated from the GCP Terraform template.

    auth_provider_x509_cert_url string
    auth_uri string
    client_email string
    client_id string
    client_x509_cert_url string
    private_key string
    private_key_id string
    project_id string
    token_uri string
    type string
    dataflowEnabledProject string

    Project ID where the Dataflow API is enabled.

    Required if compressionEnabled is set to true and if the accountType is organization.

    Optional if the accountType is account or masterServiceAccount.

    defaultAccountGroupId string (required)

    Applicable only:

    • If accountType is organization and accountGroupCreationMode is MANUAL.

    • If accountType is masterServiceAccount.

    features object[]

    Features to be enabled and/or disabled. To get a list of all the supported features, see the Fetch Supported Features endpoint.

    Array [
    defaultMemberState string

    Possible values: [enabled, disabled]

    Enable or disable the feature for all the member accounts linked to this organization. You can enable or disable the defaultMemberState only if the feature state is enabled for the organization. Applicable only for Serverless Function Scanning and Agentless Workload Scanning features.

    name string

    Feature name obtained from the Fetch Supported Features endpoint.

    state string

    Possible values: [enabled, disabled]

    Feature state: whether the feature is to be enabled or disabled.

    ]
    flowLogStorageBucket string

    Cloud Storage bucket name that is used to store the flow logs.

    hierarchySelection object[]

    Applicable only if accountType is organization.

    Include or exclude a list of GCP folders and GCP projects under the organization.

    Array [
    displayName string

    To get the display name of the resource, refer to List Children of Parent.

    aws: List Children of Parent (AWS)

    gcp: List Children of Parent (GCP). Display name is the organization name if nodeType is ORG

    azure: List Children of Parent (Azure)

    nodeType string

    Possible values: [ORG, FOLDER, PROJECT, SUBSCRIPTION, MANAGEMENT_GROUP, TENANT, ACCOUNT, OU]

    Member account node type. Supported values based on cloud type:

    aws: ORG, OU, or ACCOUNT

    gcp: ORG, FOLDER, or PROJECT

    azure: SUBSCRIPTION, MANAGEMENT_GROUP, or TENANT

    resourceId string

    To get the list of resource IDs and their details, refer to List Children of Parent.

    aws: List Children of Parent (AWS)

    gcp: List Children of Parent (GCP)

    azure: List Children of Parent (Azure)

    selectionType string

    Possible values: [ALL, INCLUDE, EXCLUDE]

    Selection type for organization member accounts.

    ALL: Include the resource and all its children

    INCLUDE: Include the specified resource

    EXCLUDE: Exclude the specified resource

    ]
    organizationName string

    GCP Organization name
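
A pre-flight check for the request body, written from the field rules above (added example, not Prisma Cloud's own code), with a helper that masks the service-account private key before the body is logged. It assumes accountId, accountType and name nest under cloudAccount with the remaining fields at top level, and it treats defaultAccountGroupId as needed only in the two cases listed; function names and sample values are constructed.

```python
import copy

ACCOUNT_TYPES = {"account", "masterServiceAccount", "organization", "workspace_domain"}
GCP_NODE_TYPES = {"ORG", "FOLDER", "PROJECT"}  # the page lists 8 nodeType values; 3 apply to gcp

def validate_gcp_status_body(body):
    """Return a list of rule violations; an empty list means the body passes."""
    errs = []
    acct = body.get("cloudAccount") or {}
    for field in ("accountId", "accountType", "name"):
        if not acct.get(field):
            errs.append(f"cloudAccount.{field} is required")
    if not body.get("credentials"):
        errs.append("credentials is required")
    atype = acct.get("accountType")
    if atype and atype not in ACCOUNT_TYPES:
        errs.append(f"unknown accountType {atype!r}")
    is_org = atype == "organization"
    mode = body.get("accountGroupCreationMode", "MANUAL")  # documented default
    if not is_org:
        for field in ("accountGroupCreationMode", "hierarchySelection"):
            if field in body:
                errs.append(f"{field} applies only to accountType organization")
    if is_org and body.get("compressionEnabled") and not body.get("dataflowEnabledProject"):
        errs.append("dataflowEnabledProject is required for an organization with compressionEnabled")
    needs_group = (is_org and mode == "MANUAL") or atype == "masterServiceAccount"
    if needs_group and not body.get("defaultAccountGroupId"):
        errs.append("defaultAccountGroupId is required for this accountType/mode")
    for node in body.get("hierarchySelection", []):
        if node.get("nodeType") not in GCP_NODE_TYPES:
            errs.append(f"nodeType {node.get('nodeType')!r} is not valid for gcp")
        if node.get("selectionType") not in ("ALL", "INCLUDE", "EXCLUDE"):
            errs.append(f"unknown selectionType {node.get('selectionType')!r}")
    return errs

def redact_for_logging(body):
    """Deep copy with the service-account private key masked, for logs and tickets."""
    safe = copy.deepcopy(body)
    if "private_key" in safe.get("credentials", {}):
        safe["credentials"]["private_key"] = "<redacted>"
    return safe

# Constructed sample body; every value is a placeholder.
SAMPLE = {
    "cloudAccount": {"accountId": "123456789012", "accountType": "organization", "name": "example-org"},
    "credentials": {"type": "service_account", "private_key": "PLACEHOLDER"},
    "compressionEnabled": True,
    "hierarchySelection": [{"resourceId": "folders/111", "nodeType": "OU", "selectionType": "INCLUDE"}],
}
```

Running `validate_gcp_status_body(SAMPLE)` reports three problems: the missing dataflowEnabledProject, the missing defaultAccountGroupId, and the AWS-only nodeType OU.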

Responses

Successful operation

Schema
    Array [
    id string
    name string
    status string
    statusMessage object
    message string
    staticMessage boolean
    ]