HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/394/help/man/man1/
Upload Files
File: //snap/google-cloud-cli/394/help/man/man1/gcloud_pam_grants.1
.TH "GCLOUD_PAM_GRANTS" 1



.SH "NAME"
.HP
gcloud pam grants \- manage Privileged Access Manager grants



.SH "SYNOPSIS"
.HP
\f5gcloud pam grants\fR \fICOMMAND\fR [\fIGCLOUD_WIDE_FLAG\ ...\fR]



.SH "DESCRIPTION"

The \f5gcloud pam grants\fR command group lets you manage Privileged Access
Manager (PAM) grants.



.SH "EXAMPLES"

To create a new grant against an entitlement with the full name
\f5\fIENTITLEMENT_NAME\fR\fR, a requested duration of \f51 hour 30 minutes\fR, a
justification of \f5some justification\fR, and two additional email recipients
\f5abc@example.com\fR and \f5xyz@example.com\fR, run:

.RS 2m
$ gcloud pam grants create \-\-entitlement=ENTITLEMENT_NAME \e
  \-\-requested\-duration=5400s \e
  \-\-justification="some justification" \e
  \-\-additional\-email\-recipients=abc@example.com,xyz@example.com
.RE

To describe a grant with the full name \f5\fIGRANT_NAME\fR\fR, run:

.RS 2m
$ gcloud pam grants describe GRANT_NAME
.RE

To list all grants associated with an entitlement with the full name
\f5\fIENTITLEMENT_NAME\fR\fR, run:

.RS 2m
$ gcloud pam grants list \-\-entitlement=ENTITLEMENT_NAME
.RE

To deny a grant with the full name \f5\fIGRANT_NAME\fR\fR and a reason \f5denial
reason\fR, run:

.RS 2m
$ gcloud pam grants deny GRANT_NAME \-\-reason="denial reason"
.RE

To approve a grant with the full name \f5\fIGRANT_NAME\fR\fR and a reason
\f5approval reason\fR, run:

.RS 2m
$ gcloud pam grants approve GRANT_NAME \-\-reason="approval reason"
.RE

To revoke a grant with the full name \f5\fIGRANT_NAME\fR\fR and a reason
\f5revoke reason\fR, run:

.RS 2m
$ gcloud pam grants revoke GRANT_NAME \-\-reason="revoke reason"
.RE

To search for and list all grants that you have created that are associated with
an entitlement with the full name \f5\fIENTITLEMENT_NAME\fR\fR, run:

.RS 2m
$ gcloud pam grants search \-\-entitlement=ENTITLEMENT_NAME \e
  \-\-caller\-relationship=had\-created
.RE

To search for and list all grants that you have approved or denied, that are
associated with an entitlement with the full name \f5\fIENTITLEMENT_NAME\fR\fR,
run:

.RS 2m
$ gcloud pam grants search \-\-entitlement=ENTITLEMENT_NAME \e
  \-\-caller\-relationship=had\-approved
.RE

To search for and list all grants that you can approve that are associated with
an entitlement with the full name \f5\fIENTITLEMENT_NAME\fR\fR, run:

.RS 2m
$ gcloud pam grants search \-\-entitlement=ENTITLEMENT_NAME \e
  \-\-caller\-relationship=can\-approve
.RE



.SH "GCLOUD WIDE FLAGS"

These flags are available to all commands: \-\-help.

Run \fB$ gcloud help\fR for details.



.SH "COMMANDS"

\f5\fICOMMAND\fR\fR is one of the following:

.RS 2m
.TP 2m
\fBapprove\fR

Approve a Privileged Access Manager (PAM) grant.

.TP 2m
\fBcreate\fR

Create a new Privileged Access Manager (PAM) grant.

.TP 2m
\fBdeny\fR

Deny a Privileged Access Manager (PAM) grant.

.TP 2m
\fBdescribe\fR

Show details of a Privileged Access Manager (PAM) grant.

.TP 2m
\fBlist\fR

List all Privileged Access Manager (PAM) grants associated with an entitlement.

.TP 2m
\fBrevoke\fR

Revoke a Privileged Access Manager (PAM) grant.

.TP 2m
\fBsearch\fR

Search for and list all Privileged Access Manager (PAM) grants you have created,
have approved, or can approve.


.RE
.sp

.SH "NOTES"

These variants are also available:

.RS 2m
$ gcloud alpha pam grants
.RE

.RS 2m
$ gcloud beta pam grants
.RE
@ Telegram