- release_tracks: [ALPHA, GA] help_text: brief: Update the given Cloud Security Command Center (SCC) posture. description: | Update a Cloud Security Command Center (SCC) posture. Fields specified in update-mask flag are updated. Updatable fields are state, description and policy_sets. State of the posture can't be updated along with update of other fields. An empty or "*" as field mask will result in update of policy_sets and description. In case of the update of policy_sets, the value mentioned in the update posture request overwrites the exisiting value of policy_sets. Valid state transitions are: a) ACTIVE to DRAFT b) ACTIVE to DEPRECATED c) DRAFT to ACTIVE d) DEPRECATED to ACTIVE The update operation will result in the update of the revision-id specified in the request, unless the posture revision is currently deployed on a workload. A new revision is created for an already deployed posture revision. examples: | Update the revision-id `abcdefgh` of the posture named `foo-posture` in the organization `organizations/123/locations/global`: Change State to ACTIVE. $ {command} organizations/123/locations/global/postures/foo-posture --posture-from-file=update_posture.yaml --revision-id=abcdefgh update_mask=state Contents of update_posture.yaml are | name: organizations/123/locations/global/postures/foo-posture state: ACTIVE Update the revision-id `abcdefgh` of the posture named `foo-posture` in the organization `organizations/123/locations/global`: Change description and policy_sets to the values mentioned in update_posture.yaml $ {command} organizations/123/locations/global/postures/foo-posture --posture-from-file=update_posture.yaml --revision-id=abcdefgh update_mask=description,policy_sets Contents of update_posture.yaml are | name: organizations/123/locations/global/postures/foo-posture description: updated description policy_sets: - policy_set_id: newPolicySet1 policies: - policy_id: newPolicy constraint: org_policy_canned_constraint: canned_constraint_id: storage.uniformBucketLevelAccess policy_rules: enforce: false - policy_set_id: PolicySet2 policies: - policy_id: Policy3 constraint: org_policy_custom_constraint: custom_constraint: name: organizations/9454078371/customConstraints/custom.newConstraint resource_types: container.$$UNIVERSE_DOMAIN$$/NodePool method_types: UPDATE condition: resource.management.autoUpgrade == false action_type: ALLOW policy_rules: enforce: true request: collection: securityposture.organizations.locations.postures api_version: v1alpha method: patch GA: api_version: v1 arguments: resource: spec: !REF googlecloudsdk.command_lib.scc.resources:posture help_text: | Arguments and flags that specify the Posture instance to be updated. params: - arg_name: posture-from-file api_field: posture required: true type: "googlecloudsdk.calliope.arg_parsers:FileContents:" processor: googlecloudsdk.core.yaml:load help_text: | Path of the file containing the details of the field to be updated. Contents include the name of the posture to be updated and value of the fields to be updated. - arg_name: revision-id api_field: revisionId required: true help_text: | Revision ID of the posture to be updated. The same revision ID will be updated in case the posture revision is not deployed on any workload. A new revision will be created for a deployed posture. - arg_name: update-mask api_field: updateMask help_text: | Comma separated string containing list of fields to be updated. async: collection: securityposture.organizations.locations.operations output: format: yaml