## UpdateOrganizationPolicies

`client.Organizations.Policies.Update(ctx, body) (*OrganizationPolicyUpdateResponse, error)`

**post** `/gitpod.v1.OrganizationService/UpdateOrganizationPolicies`

Updates organization policy settings.

Use this method to:

- Configure editor restrictions
- Set environment resource limits
- Define project creation permissions
- Customize default configurations

### Examples

- Update editor policies:

  Restricts available editors and sets a default.

  ```yaml
  organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  allowedEditorIds:
    - "vscode"
    - "jetbrains"
  defaultEditorId: "vscode"
  ```

- Set environment limits:

  Configures limits for environment usage.

  ```yaml
  organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
  maximumEnvironmentTimeout: "3600s"
  maximumRunningEnvironmentsPerUser: "5"
  maximumEnvironmentsPerUser: "20"
  ```

### Parameters

- `body OrganizationPolicyUpdateParams`

  - `OrganizationID param.Field[string]`

    organization_id is the ID of the organization to update policies for

  - `AgentPolicy param.Field[OrganizationPolicyUpdateParamsAgentPolicy]`

    agent_policy contains agent-specific policy settings

    - `CommandDenyList []string`

      command_deny_list contains a list of commands that agents are not allowed to execute

    - `ConversationSharingPolicy ConversationSharingPolicy`

      conversation_sharing_policy controls whether agent conversations can be shared

      - `const ConversationSharingPolicyUnspecified ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_UNSPECIFIED"`

      - `const ConversationSharingPolicyDisabled ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_DISABLED"`

      - `const ConversationSharingPolicyOrganization ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_ORGANIZATION"`

    - `MaxSubagentsPerEnvironment int64`

      max_subagents_per_environment limits the number of non-terminal sub-agents
      a parent can have running simultaneously in the same environment.
      Valid range: 0-10. Zero means use the default (5).

    - `McpDisabled bool`

      mcp_disabled controls whether MCP (Model Context Protocol) is disabled for agents

    - `ScmToolsAllowedGroupID string`

      scm_tools_allowed_group_id restricts SCM tools access to members of this group.
      Empty means no restriction (all users can use SCM tools if not disabled).

    - `ScmToolsDisabled bool`

      scm_tools_disabled controls whether SCM (Source Control Management) tools are disabled for agents

  - `AllowedEditorIDs param.Field[[]string]`

    allowed_editor_ids is the list of editor IDs that are allowed to be used in the organization

  - `AllowLocalRunners param.Field[bool]`

    allow_local_runners controls whether local runners are allowed to be used in the organization

  - `DefaultEditorID param.Field[string]`

    default_editor_id is the default editor ID to be used when a user doesn't specify one

  - `DefaultEnvironmentImage param.Field[string]`

    default_environment_image is the default container image when none is defined in repo

  - `DeleteArchivedEnvironmentsAfter param.Field[string]`

    delete_archived_environments_after controls how long archived environments are kept before automatic deletion.
    0 means no automatic deletion. Maximum duration is 4 weeks (2419200 seconds).

  - `EditorVersionRestrictions param.Field[map[string, OrganizationPolicyUpdateParamsEditorVersionRestrictions]]`

    editor_version_restrictions restricts which editor versions can be used.
    Maps editor ID to version policy with allowed major versions.

    - `AllowedVersions []string`

      allowed_versions lists the versions that are allowed
      If empty, we will use the latest version of the editor

      Examples for JetBrains: `["2025.2", "2025.1", "2024.3"]`

  - `MaximumEnvironmentLifetime param.Field[string]`

    maximum_environment_lifetime controls for how long environments are allowed to be reused.
    0 means no maximum lifetime. Maximum duration is 180 days (15552000 seconds).

  - `MaximumEnvironmentsPerUser param.Field[string]`

    maximum_environments_per_user limits total environments (running or stopped) per user

  - `MaximumEnvironmentTimeout param.Field[string]`

    maximum_environment_timeout controls the maximum timeout allowed for environments in seconds.
    0 means no limit (never). Minimum duration is 30 minutes (1800 seconds).
    value must be 0s (no limit) or at least 1800s (30 minutes):

    ```
    this == duration('0s') || this >= duration('1800s')
    ```

  - `MaximumRunningEnvironmentsPerUser param.Field[string]`

    maximum_running_environments_per_user limits simultaneously running environments per user

  - `MembersCreateProjects param.Field[bool]`

    members_create_projects controls whether members can create projects

  - `MembersRequireProjects param.Field[bool]`

    members_require_projects controls whether environments can only be created from projects by non-admin users

  - `PortSharingDisabled param.Field[bool]`

    port_sharing_disabled controls whether user-initiated port sharing is disabled in the organization.
    System ports (VS Code Browser, agents) are always exempt from this policy.

  - `RequireCustomDomainAccess param.Field[bool]`

    require_custom_domain_access controls whether users must access via custom domain
    when one is configured. When true, access via app.gitpod.io is blocked.

  - `RestrictAccountCreationToScim param.Field[bool]`

    restrict_account_creation_to_scim controls whether account creation is restricted to SCIM-provisioned users only.
    When true and SCIM is configured for the organization, only users provisioned via SCIM can create accounts.

  - `SecurityAgentPolicy param.Field[OrganizationPolicyUpdateParamsSecurityAgentPolicy]`

    security_agent_policy contains security agent configuration updates

    - `Crowdstrike OrganizationPolicyUpdateParamsSecurityAgentPolicyCrowdstrike`

      crowdstrike contains CrowdStrike Falcon configuration updates

      - `AdditionalOptions map[string, string]`

        additional_options contains additional FALCONCTL_OPT_* options as key-value pairs

      - `CidSecretID string`

        cid_secret_id references an organization secret containing the Customer ID (CID)

      - `Enabled bool`

        enabled controls whether CrowdStrike Falcon is deployed to environments

      - `Image string`

        image is the CrowdStrike Falcon sensor container image reference

      - `Tags string`

        tags are optional tags to apply to the Falcon sensor

  - `VetoExecPolicy param.Field[VetoExecPolicy]`

    veto_exec_policy contains the veto exec policy for environments.

### Returns

- `type OrganizationPolicyUpdateResponse interface{…}`

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  policy, err := client.Organizations.Policies.Update(context.TODO(), gitpod.OrganizationPolicyUpdateParams{
    OrganizationID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"),
    MaximumEnvironmentsPerUser: gitpod.F("20"),
    MaximumEnvironmentTimeout: gitpod.F("3600s"),
    MaximumRunningEnvironmentsPerUser: gitpod.F("5"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", policy)
}
```

#### Response

```json
{}
```