Enable asset discovery

Stay organized with collections Save and categorize content based on your preferences.

Demonstrates how to enable or disable asset discovery

Explore further

For detailed documentation that includes this code sample, see the following:

Code sample


import (

	securitycenter "cloud.google.com/go/securitycenter/apiv1"

// Turns on asset discovery for orgID and prints out updated settings to w.
// settings. orgID is the numeric Organization ID.
func enableAssetDiscovery(w io.Writer, orgID string) error {
	// orgID := "12321311"
	// Instantiate a context and a security service client to make API calls.
	ctx := context.Background()
	client, err := securitycenter.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("securitycenter.NewClient: %v", err)
	defer client.Close() // Closing the client safely cleans up background resources.

	req := &securitycenterpb.UpdateOrganizationSettingsRequest{
		OrganizationSettings: &securitycenterpb.OrganizationSettings{
			Name:                 fmt.Sprintf("organizations/%s/organizationSettings", orgID),
			EnableAssetDiscovery: true,
		// Only update the asset discovery setting.
		UpdateMask: &field_mask.FieldMask{
			Paths: []string{"enable_asset_discovery"},
	settings, err := client.UpdateOrganizationSettings(ctx, req)
	if err != nil {
		return fmt.Errorf("UpdateOrganizationSettings: %v", err)
	fmt.Fprintf(w, "Updated Settings for: %s\n", settings.Name)
	fmt.Fprintf(w, "Asset discovery on? %v\n", settings.EnableAssetDiscovery)
	return nil


static OrganizationSettings updateOrganizationSettings(OrganizationName organizationName) {
  try (SecurityCenterClient client = SecurityCenterClient.create()) {
    // Start setting up a request to update OrganizationSettings for.
    // OrganizationName organizationName = OrganizationName.of(/*organizationId=*/"123234324");
    OrganizationSettings organizationSettings =
            .setName(organizationName.toString() + "/organizationSettings")
    FieldMask updateMask = FieldMask.newBuilder().addPaths("enable_asset_discovery").build();

    UpdateOrganizationSettingsRequest.Builder request =

    // Call the API.
    OrganizationSettings response = client.updateOrganizationSettings(request.build());

    System.out.println("Organization Settings have been updated:");
    return response;
  } catch (IOException e) {
    throw new RuntimeException("Couldn't create client.", e);


// Imports the Google Cloud client library.
const {SecurityCenterClient} = require('@google-cloud/security-center');

// Creates a new client.
const client = new SecurityCenterClient();

async function updateOrgSettings() {
  //  organizationId is the numeric ID of the organization.
   * TODO(developer): Uncomment the following lines
  // const organizationId = "111122222444";
  const orgName = client.organizationPath(organizationId);
  const [newSettings] = await client.updateOrganizationSettings({
    organizationSettings: {
      name: `${orgName}/organizationSettings`,
      enableAssetDiscovery: true,
    // Only update the enableAssetDiscovery field.
    updateMask: {paths: ['enable_asset_discovery']},

  console.log('New settings: %j', newSettings);


from google.cloud import securitycenter
from google.protobuf import field_mask_pb2

# Create the client
client = securitycenter.SecurityCenterClient()
# organization_id is numeric ID for the organization. e.g.
# organization_id = "111112223333"
org_settings_name = "organizations/{org_id}/organizationSettings".format(
# Only update the enable_asset_discovery_value (leave others untouched).
field_mask = field_mask_pb2.FieldMask(paths=["enable_asset_discovery"])
# Call the service.
updated = client.update_organization_settings(
        "organization_settings": {
            "name": org_settings_name,
            "enable_asset_discovery": True,
        "update_mask": field_mask,
print("Asset Discovery Enabled? {}".format(updated.enable_asset_discovery))

What's next

To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser.