- NAME
-
- gcloud org-policies set-policy - set an organization policy from a JSON or YAML file
- SYNOPSIS
-
-
gcloud org-policies set-policyPOLICY_FILE[--update-mask=UPDATE_MASK] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
- Sets an organization policy from a JSON or YAML file. The policy will be created if it does not exist, or updated if it already exists.
- EXAMPLES
- Organization policy list constraint YAML file example:
name: projects/PROJECT_ID/policies/CONSTRAINT_NAME spec: rules: - values: denied_values: - VALUE_A
Organization policy list constraint JSON file example:
{ "name" : "projects/PROJECT_ID/policies/CONSTRAINT_NAME" , "spec" : { "rules" : [ { "values" : { "deniedValues" : [ "VALUE_A" ] } } ] } }
To set the policy from the file on the path './sample_path', run:
gcloud org-policies set-policy ./sample_path - POSITIONAL ARGUMENTS
-
-
POLICY_FILE - Path to JSON or YAML file that contains the organization policy.
-
- FLAGS
-
-
--update-mask=UPDATE_MASK - Field mask used to specify the fields to be overwritten in the policy by the
set. The fields specified in the update_mask are relative to the policy, not the
full request. The update-mask flag can be empty, or have values
policy.spec,policy.dry_run_specor*. If the policy does not contain the dry_run_spec and update-mask flag is not provided, then it defaults topolicy.spec.
-
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details.
gcloud org-policies set-policy
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-05-27 UTC.
