Configura la detección de recursos mediante la API de Security Command Center
Organiza tus páginas con colecciones
Guarda y categoriza el contenido según tus preferencias.
La API de Security Command Center te permite controlar si se activa o desactiva la detección de recursos de Security Command Center en una organización. En esta guía, se muestra cómo obtener la configuración actual de una organización y cómo usar la API para activar la detección de recursos.
No se requiere la detección de recursos, a menos que uses la función de recursos obsoletos de la API de Security Command Center o los comandos de Security Command Center relacionados con los recursos de Google Cloud CLI. El descubrimiento de recursos
no afecta los recursos que se muestran en la página Recursos.
Los roles de IAM de Security Command Center se pueden otorgar a nivel de organización, carpeta o proyecto. Tu capacidad para ver, editar, crear o actualizar resultados, recursos y fuentes de seguridad depende del nivel al que se te otorga acceso. Para obtener más información sobre los roles de Security Command Center, consulta Control de acceso.
fromgoogle.cloudimportsecuritycenterclient=securitycenter.SecurityCenterClient()# organization_id is numeric ID for the organization. e.g.# organization_id = "111112223333"org_settings_name=client.organization_settings_path(organization_id)org_settings=client.get_organization_settings(request={"name":org_settings_name})print(org_settings)
Java
staticOrganizationSettingsgetOrganizationSettings(OrganizationNameorganizationName){try(SecurityCenterClientclient=SecurityCenterClient.create()){// Start setting up a request to get OrganizationSettings for.// OrganizationName organizationName = OrganizationName.of(/*organizationId=*/"123234324");GetOrganizationSettingsRequest.Builderrequest=GetOrganizationSettingsRequest.newBuilder().setName(organizationName.toString()+"/organizationSettings");// Call the API.OrganizationSettingsresponse=client.getOrganizationSettings(request.build());System.out.println("Organization Settings:");System.out.println(response);returnresponse;}catch(IOExceptione){thrownewRuntimeException("Couldn't create client.",e);}}
Go
import("context""fmt""io"securitycenter"cloud.google.com/go/securitycenter/apiv1""cloud.google.com/go/securitycenter/apiv1/securitycenterpb")// getOrgSettings gets and prints the current organization asset discovery// settings to w. orgID is the numeric Organization ID.funcgetOrgSettings(wio.Writer,orgIDstring)error{// orgID := "12321311"// Instantiate a context and a security service client to make API calls.ctx:=context.Background()client,err:=securitycenter.NewClient(ctx)iferr!=nil{returnfmt.Errorf("securitycenter.NewClient: %w",err)}deferclient.Close()// Closing the client safely cleans up background resources.req:=&securitycenterpb.GetOrganizationSettingsRequest{Name:fmt.Sprintf("organizations/%s/organizationSettings",orgID),}settings,err:=client.GetOrganizationSettings(ctx,req)iferr!=nil{returnfmt.Errorf("GetOrganizationSettings: %w",err)}fmt.Fprintf(w,"Retrieved Settings for: %s\n",settings.Name)fmt.Fprintf(w,"Asset Discovery on? %v",settings.EnableAssetDiscovery)returnnil}
Node.js
// Imports the Google Cloud client library.const{SecurityCenterClient}=require('@google-cloud/security-center');// Creates a new client.constclient=newSecurityCenterClient();asyncfunctiongetOrgSettings(){// organizationId is the numeric ID of the organization./* * TODO(developer): Uncomment the following lines */// const organizaionId = "111122222444";constorgName=client.organizationPath(organizationId);const[settings]=awaitclient.getOrganizationSettings({name:`${orgName}/organizationSettings`,});console.log('Current settings: %j',settings);}getOrgSettings();
Activa la detección de recursos
La llamada a la API a continuación usa una máscara de campo, por lo que solo se activa o desactiva la configuración para el descubrimiento de recursos.
Python
fromgoogle.cloudimportsecuritycenterfromgoogle.protobufimportfield_mask_pb2# Create the clientclient=securitycenter.SecurityCenterClient()# organization_id is numeric ID for the organization. e.g.# organization_id = "111112223333"org_settings_name="organizations/{org_id}/organizationSettings".format(org_id=organization_id)# Only update the enable_asset_discovery_value (leave others untouched).field_mask=field_mask_pb2.FieldMask(paths=["enable_asset_discovery"])# Call the service.updated=client.update_organization_settings(request={"organization_settings":{"name":org_settings_name,"enable_asset_discovery":True,},"update_mask":field_mask,})print(f"Asset Discovery Enabled? {updated.enable_asset_discovery}")
Java
staticOrganizationSettingsupdateOrganizationSettings(OrganizationNameorganizationName){try(SecurityCenterClientclient=SecurityCenterClient.create()){// Start setting up a request to update OrganizationSettings for.// OrganizationName organizationName = OrganizationName.of(/*organizationId=*/"123234324");OrganizationSettingsorganizationSettings=OrganizationSettings.newBuilder().setName(organizationName.toString()+"/organizationSettings").setEnableAssetDiscovery(true).build();FieldMaskupdateMask=FieldMask.newBuilder().addPaths("enable_asset_discovery").build();UpdateOrganizationSettingsRequest.Builderrequest=UpdateOrganizationSettingsRequest.newBuilder().setOrganizationSettings(organizationSettings).setUpdateMask(updateMask);// Call the API.OrganizationSettingsresponse=client.updateOrganizationSettings(request.build());System.out.println("Organization Settings have been updated:");System.out.println(response);returnresponse;}catch(IOExceptione){thrownewRuntimeException("Couldn't create client.",e);}}
Go
import("context""fmt""io"securitycenter"cloud.google.com/go/securitycenter/apiv1""cloud.google.com/go/securitycenter/apiv1/securitycenterpb""google.golang.org/genproto/protobuf/field_mask")// Turns on asset discovery for orgID and prints out updated settings to w.// settings. orgID is the numeric Organization ID.funcenableAssetDiscovery(wio.Writer,orgIDstring)error{// orgID := "12321311"// Instantiate a context and a security service client to make API calls.ctx:=context.Background()client,err:=securitycenter.NewClient(ctx)iferr!=nil{returnfmt.Errorf("securitycenter.NewClient: %w",err)}deferclient.Close()// Closing the client safely cleans up background resources.req:=&securitycenterpb.UpdateOrganizationSettingsRequest{OrganizationSettings:&securitycenterpb.OrganizationSettings{Name:fmt.Sprintf("organizations/%s/organizationSettings",orgID),EnableAssetDiscovery:true,},// Only update the asset discovery setting.UpdateMask:&field_mask.FieldMask{Paths:[]string{"enable_asset_discovery"},},}settings,err:=client.UpdateOrganizationSettings(ctx,req)iferr!=nil{returnfmt.Errorf("UpdateOrganizationSettings: %w",err)}fmt.Fprintf(w,"Updated Settings for: %s\n",settings.Name)fmt.Fprintf(w,"Asset discovery on? %v\n",settings.EnableAssetDiscovery)returnnil}
Node.js
// Imports the Google Cloud client library.const{SecurityCenterClient}=require('@google-cloud/security-center');// Creates a new client.constclient=newSecurityCenterClient();asyncfunctionupdateOrgSettings(){// organizationId is the numeric ID of the organization./* * TODO(developer): Uncomment the following lines */// const organizationId = "111122222444";constorgName=client.organizationPath(organizationId);const[newSettings]=awaitclient.updateOrganizationSettings({organizationSettings:{name:`${orgName}/organizationSettings`,enableAssetDiscovery:true,},// Only update the enableAssetDiscovery field.updateMask:{paths:['enable_asset_discovery']},});console.log('New settings: %j',newSettings);}updateOrgSettings();
[[["Fácil de comprender","easyToUnderstand","thumb-up"],["Resolvió mi problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Información o código de muestra incorrectos","incorrectInformationOrSampleCode","thumb-down"],["Faltan la información o los ejemplos que necesito","missingTheInformationSamplesINeed","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2025-04-03 (UTC)"],[],[]]
