File: //snap/google-cloud-cli/current/help/man/man1/gcloud_org-policies_set-policy.1
.TH "GCLOUD_ORG\-POLICIES_SET\-POLICY" 1
.SH "NAME"
.HP
gcloud org\-policies set\-policy \- set an organization policy from a JSON or YAML file
.SH "SYNOPSIS"
.HP
\f5gcloud org\-policies set\-policy\fR \fIPOLICY_FILE\fR [\fB\-\-update\-mask\fR=\fIUPDATE_MASK\fR] [\fIGCLOUD_WIDE_FLAG\ ...\fR]
.SH "DESCRIPTION"
Sets an organization policy from a JSON or YAML file. The policy will be created
if it does not exist, or updated if it already exists.
.SH "EXAMPLES"
Organization policy list constraint YAML file example:
.RS 2m
name: projects/PROJECT_ID/policies/CONSTRAINT_NAME
spec:
rules:
\- values:
denied_values:
\- VALUE_A
.RE
Organization policy list constraint JSON file example:
.RS 2m
{
"name": "projects/PROJECT_ID/policies/CONSTRAINT_NAME",
"spec": {
"rules": [
{
"values": {
"deniedValues": ["VALUE_A"]
}
}
]
}
}
.RE
To set the policy from the file on the path './sample_path', run:
.RS 2m
$ gcloud org\-policies set\-policy ./sample_path
.RE
.SH "POSITIONAL ARGUMENTS"
.RS 2m
.TP 2m
\fIPOLICY_FILE\fR
Path to JSON or YAML file that contains the organization policy.
.RE
.sp
.SH "FLAGS"
.RS 2m
.TP 2m
\fB\-\-update\-mask\fR=\fIUPDATE_MASK\fR
Field mask used to specify the fields to be overwritten in the policy by the
set. The fields specified in the update_mask are relative to the policy, not the
full request. The update\-mask flag can be empty, or have values
\f5policy.spec\fR, \f5policy.dry_run_spec\fR or \f5*\fR. If the policy does not
contain the dry_run_spec and update\-mask flag is not provided, then it defaults
to \f5policy.spec\fR.
.RE
.sp
.SH "GCLOUD WIDE FLAGS"
These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.
Run \fB$ gcloud help\fR for details.