File: //snap/google-cloud-cli/current/help/man/man1/gcloud_alpha_scc_postures_update.1
.TH "GCLOUD_ALPHA_SCC_POSTURES_UPDATE" 1
.SH "NAME"
.HP
gcloud alpha scc postures update \- update the given Cloud Security Command Center posture
.SH "SYNOPSIS"
.HP
\f5gcloud alpha scc postures update\fR (\fIPOSTURE\fR\ :\ \fB\-\-location\fR=\fILOCATION\fR\ \fB\-\-organization\fR=\fIORGANIZATION\fR) \fB\-\-posture\-from\-file\fR=\fIPATH_TO_FILE\fR \fB\-\-revision\-id\fR=\fIREVISION_ID\fR [\fB\-\-async\fR] [\fB\-\-update\-mask\fR=\fIUPDATE_MASK\fR] [\fIGCLOUD_WIDE_FLAG\ ...\fR]
.SH "DESCRIPTION"
\fB(ALPHA)\fR Update a Cloud Security Command Center (SCC) posture.
Fields specified in update\-mask flag are updated. Updatable fields are state,
description and policy_sets. State of the posture can't be updated along with
update of other fields. An empty or "\fB" as field mask will result in update of
policy_sets and description. In case of the update of policy_sets, the value
mentioned in the update posture request overwrites the exisiting value of
policy_sets.
Valid state transitions are: a) ACTIVE to DRAFT b) ACTIVE to DEPRECATED c) DRAFT
to ACTIVE d) DEPRECATED to ACTIVE
The update operation will result in the update of the revision\-id specified in
the request, unless the posture revision is currently deployed on a workload. A
new revision is created for an already deployed posture revision.
\fR
.SH "EXAMPLES"
Update the revision\-id \f5abcdefgh\fR of the posture named \f5foo\-posture\fR
in the organization \f5organizations/123/locations/global\fR: Change State to
ACTIVE..RS 2m
$ gcloud alpha scc postures update \e
organizations/123/locations/global/postures/foo\-posture \e
\-\-posture\-from\-file=update_posture.yaml \-\-revision\-id=abcdefgh \e
update_mask=state
.RE
.RS 2m
Contents of update_posture.yaml are |
name: organizations/123/locations/global/postures/foo\-posture
state: ACTIVE
.RE
Update the revision\-id \f5abcdefgh\fR of the posture named \f5foo\-posture\fR
in the organization \f5organizations/123/locations/global\fR: Change description
and policy_sets to the values mentioned in update_posture.yaml.RS 2m
$ gcloud alpha scc postures update \e
organizations/123/locations/global/postures/foo\-posture \e
\-\-posture\-from\-file=update_posture.yaml \-\-revision\-id=abcdefgh \e
update_mask=description,policy_sets
.RE
.RS 2m
Contents of update_posture.yaml are |
name: organizations/123/locations/global/postures/foo\-posture
description: updated description
policy_sets:
\- policy_set_id: newPolicySet1
policies:
\- policy_id: newPolicy
constraint:
org_policy_canned_constraint:
canned_constraint_id: storage.uniformBucketLevelAccess
policy_rules:
enforce: false
\- policy_set_id: PolicySet2
policies:
\- policy_id: Policy3
constraint:
org_policy_custom_constraint:
custom_constraint:
name: organizations/9454078371/customConstraints/custom.newConstraint
resource_types: container.$$UNIVERSE_DOMAIN$$/NodePool
method_types: UPDATE
condition: resource.management.autoUpgrade == false
action_type: ALLOW
policy_rules:
enforce: true
.RE
.SH "POSITIONAL ARGUMENTS"
.RS 2m
.TP 2m
Posture resource \- Arguments and flags that specify the Posture instance to be
updated. The arguments in this group can be used to specify the attributes of
this resource.
This must be specified.
.RS 2m
.TP 2m
\fIPOSTURE\fR
ID of the posture or fully qualified identifier for the posture.
To set the \f5posture\fR attribute:
.RS 2m
.IP "\(bu" 2m
provide the argument \f5posture\fR on the command line.
.RE
.sp
This positional argument must be specified if any of the other arguments in this
group are specified.
.TP 2m
\fB\-\-location\fR=\fILOCATION\fR
ID of the location where the resource exists (for example, global).
To set the \f5location\fR attribute:
.RS 2m
.IP "\(bu" 2m
provide the argument \f5posture\fR on the command line with a fully specified
name;
.IP "\(bu" 2m
provide the argument \f5\-\-location\fR on the command line.
.RE
.sp
.TP 2m
\fB\-\-organization\fR=\fIORGANIZATION\fR
ID of the organization which is the parent of the resource.
To set the \f5organization\fR attribute:
.RS 2m
.IP "\(bu" 2m
provide the argument \f5posture\fR on the command line with a fully specified
name;
.IP "\(bu" 2m
provide the argument \f5\-\-organization\fR on the command line.
.RE
.sp
.RE
.RE
.sp
.SH "REQUIRED FLAGS"
.RS 2m
.TP 2m
\fB\-\-posture\-from\-file\fR=\fIPATH_TO_FILE\fR
Path of the file containing the details of the field to be updated. Contents
include the name of the posture to be updated and value of the fields to be
updated. Use a full or relative path to a local file containing the value of
posture.
.TP 2m
\fB\-\-revision\-id\fR=\fIREVISION_ID\fR
Revision ID of the posture to be updated. The same revision ID will be updated
in case the posture revision is not deployed on any workload. A new revision
will be created for a deployed posture.
.RE
.sp
.SH "OPTIONAL FLAGS"
.RS 2m
.TP 2m
\fB\-\-async\fR
Return immediately, without waiting for the operation in progress to complete.
.TP 2m
\fB\-\-update\-mask\fR=\fIUPDATE_MASK\fR
Comma separated string containing list of fields to be updated.
.RE
.sp
.SH "GCLOUD WIDE FLAGS"
These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.
Run \fB$ gcloud help\fR for details.
.SH "API REFERENCE"
This command uses the \fBsecurityposture/v1alpha\fR API. The full documentation
for this API can be found at: https://cloud.google.com/security\-command\-center
.SH "NOTES"
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation\-only early access
allowlist. This variant is also available:
.RS 2m
$ gcloud scc postures update
.RE