The specific fix for the incorrect HREF (https://github.com/ManageIQ/manageiq-api/pull/319) is being targeted for 5.9, the potential RFE request for a new API endpoint will be left to a new RFE BZ.

FIXED. Verified on 5.10.1.2.20190219165527_7a4a22b.

Steps taken to verify the BZ:
1. Create a compliance policy, and create a policy profile and assign the newly created compliance policy to it.
2. Assign the new policy profile to a VM.
3. Query the VM.
GET /api/vms/:id?attributes=compliances

Response: {
  "href": "https://<ip_address>/api/vms/8",
  "id": "8",
  "vendor": "vmware",
  "name": "v2v-rhel8-mini",
    ...
  "compliances": [
    {
      "id": "1",
      "resource_id": "8",
      "resource_type": "VmOrTemplate",
      "compliant": true,
      "timestamp": "2019-03-06T09:48:55Z",
      "updated_on": "2019-03-06T09:48:55Z",
      "event_type": "vm_compliance_check"
    }
  ],
    ...
}