Edit FalconDeviceControlPolicy - CrowdStrike/psfalcon GitHub Wiki

Edit-FalconDeviceControlPolicy

SYNOPSIS

Modify Falcon Device Control policies

DESCRIPTION

Requires 'Device control policies: Write'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
InputObject Object[] One or more policies to modify in a single request X
Name String Policy name
Description String Policy description
UsbSetting Object USB settings
BluetoothSetting Object Bluetooth settings
Propagated Boolean Propagate policy to child environments
Id String Policy identifier

SYNTAX

Edit-FalconDeviceControlPolicy [[-Name] <String>] [[-Description] <String>] [[-UsbSetting] <Object>] [[-BluetoothSetting] <Object>] [[-Propagated] <Boolean>] -Id <String> [-WhatIf] [-Confirm] [<CommonParameters>]
Edit-FalconDeviceControlPolicy -InputObject <Object[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PATCH /policy/entities/device-control/v2

falconpy

patchDeviceControlPoliciesV2

USAGE

NOTE: As of PSFalcon v2.2.9, Edit-FalconDeviceControlPolicy is no longer used to manage exceptions. Update your code to use Edit-FalconDeviceControlClass instead.

Enable policy settings

$Setting = @{
    enforcement_mode = 'MONITOR_ENFORCE'
    end_user_notifications = 'NOTIFY_USER'
    classes = @(
        @{
            id = 'AUDIO_VIDEO'
            action = 'BLOCK_ALL'
        },
        @{
            id = 'MASS_STORAGE'
            action = 'BLOCK_ALL'
        }
    )
}
Edit-FalconDeviceControlPolicy -Id <id> -Setting $Setting

2026-06-29: PSFalcon v2.2.9

⚠️ **GitHub.com Fallback** ⚠️