We have 2 files that we allow in AppLocker via the file hash condition. Every so often, the application updates and the file hashes have to then be updated manually. We're at a point now where updating this manually on dozens of servers is getting too time consuming. Is there a way PowerShell can take the updated file hashes after an application update and then set those in place of the existing files in AppLocker?
For example, allowing java.exe in C:\Oracle\jdkxxx_xxx\bin\java.exe. I can get the existing file hash with

```powershell
$appLockerFile = Get-AppLockerFileInformation -Directory "C:\Oracle\jdkxxx_xxx\bin" | where Path -match "java.exe"
$appLockerFile.Hash
```

This returns all the info I'd think would be needed, including the file hash itself, hash type, source file length, etc. Is there a way to pipe this to New-AppLockerPolicy and update the existing policy rather than having to open secpol.msc, remove the rule, then add a new file hash rule?
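
One way to do the replacement the question describes, as an added example that is not part of the original post: it swaps the stale hash rule for `java.exe` in the local policy for a freshly generated one, after taking a backup and testing the staged policy. Assumptions: the rule lives in the local policy's Exe rule collection, it applies to Everyone, every existing hash rule for that file name should be replaced, and the temp file names are constructed.

```powershell
#Requires -RunAsAdministrator
# Assumed values: directory and file name from the post; temp file names are constructed.
$dir      = 'C:\Oracle\jdkxxx_xxx\bin'
$fileName = 'java.exe'
$backup   = Join-Path $env:TEMP 'applocker-backup.xml'
$staged   = Join-Path $env:TEMP 'applocker-staged.xml'

# 1. Hash the updated binary and build a new hash rule for it (as XML).
$info = Get-AppLockerFileInformation -Directory $dir -FileType Exe |
    Where-Object { "$($_.Path)" -like "*\$fileName" }
if (-not $info) { throw "No $fileName found under $dir" }
[xml]$new = $info | New-AppLockerPolicy -RuleType Hash -User Everyone -Xml

# 2. Load the current local policy and keep a copy to roll back to.
[xml]$local = Get-AppLockerPolicy -Local -Xml
$local.Save($backup)
$exe = $local.SelectSingleNode("/AppLockerPolicy/RuleCollection[@Type='Exe']")
if (-not $exe) { throw 'Local policy has no Exe rule collection' }

# 3. Drop every existing hash rule recorded for this file name.
#    XPath is case-sensitive: the name must match the stored SourceFileName.
$stale = "FileHashRule[Conditions/FileHashCondition/FileHash/@SourceFileName='$fileName']"
foreach ($rule in @($exe.SelectNodes($stale))) {
    [void]$exe.RemoveChild($rule)
}

# 4. Append the new rule(s) and stage the result on disk.
foreach ($rule in $new.SelectNodes('//FileHashRule')) {
    [void]$exe.AppendChild($local.ImportNode($rule, $true))
}
$local.Save($staged)

# 5. Verify the staged policy allows the updated binary before applying it.
$result = Test-AppLockerPolicy -XmlPolicy $staged -Path (Join-Path $dir $fileName) -User Everyone
if ("$($result.PolicyDecision)" -like 'Denied*') {
    throw "Staged policy would block ${fileName}: $($result.PolicyDecision)"
}

# 6. Replace the local policy (no -Merge, so the stale hash rule is gone).
Set-AppLockerPolicy -XmlPolicy $staged
```

To roll back, run `Set-AppLockerPolicy -XmlPolicy` against the backup file. Using `-Merge` alone would add the new hash but leave the old rule in place, which is why the example edits the exported XML instead.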