Immutable. The resource name of the Policy, which must be unique. Format: policies/{attachmentPoint}/denypolicies/{policyId}
The attachment point is identified by its URL-encoded full resource name, which means that the forward-slash character, /, must be written as %2F. For example, policies/cloudresourcemanager.googleapis.com%2Fprojects%2Fmy-project/denypolicies/my-deny-policy.
For organizations and folders, use the numeric ID in the full resource name. For projects, requests can use the alphanumeric or the numeric ID. Responses always contain the numeric ID.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eThis webpage details how to update a policy using a read-modify-write loop, which involves reading the policy, modifying it, and then writing the updated version.\u003c/p\u003e\n"],["\u003cp\u003eThe process uses a \u003ccode\u003ePUT\u003c/code\u003e request to the specified URL format: \u003ccode\u003ehttps://iam.googleapis.com/v2beta/{policy.name=policies/*/*/*}\u003c/code\u003e, employing gRPC Transcoding syntax.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003epolicy.name\u003c/code\u003e path parameter, detailed within the webpage, must be a unique string formatted as \u003ccode\u003epolicies/{attachmentPoint}/denypolicies/{policyId}\u003c/code\u003e, with forward-slashes encoded as \u003ccode\u003e%2F\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe request body for updating a policy must contain a \u003ccode\u003ePolicy\u003c/code\u003e instance, while the response body for a successful update will contain an \u003ccode\u003eOperation\u003c/code\u003e instance.\u003c/p\u003e\n"],["\u003cp\u003eUpdating a policy requires authorization scopes \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e or \u003ccode\u003ehttps://www.googleapis.com/auth/iam\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Method: policies.update\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [Examples](#examples)\n- [Try it!](#try-it)\n\nUpdates the specified policy.\n\nYou can update only the rules and the display name for the policy.\n\nTo update a policy, you should use a read-modify-write loop:\n\n1. Use [policies.get](/iam/docs/reference/rest/v2beta/policies/get#google.iam.v2beta.Policies.GetPolicy) to read the current version of the policy.\n2. Modify the policy as needed.\n3. Use `policies.update` to write the updated policy.\n\nThis pattern helps prevent conflicts between concurrent updates.\n\n### HTTP request\n\n`PUT https://iam.googleapis.com/v2beta/{policy.name=policies/*/*/*}`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains an instance of [Policy](/iam/docs/reference/rest/v2beta/policies#Policy).\n\n### Response body\n\nIf successful, the response body contains an instance of [Operation](/iam/docs/reference/rest/Shared.Types/Operation).\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n- `\n https://www.googleapis.com/auth/iam`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp)."]]