HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/current/help/man/man1/
Upload Files
File: //snap/google-cloud-cli/current/help/man/man1/gcloud_pam_entitlements.1
.TH "GCLOUD_PAM_ENTITLEMENTS" 1



.SH "NAME"
.HP
gcloud pam entitlements \- manage Privileged Access Manager entitlements



.SH "SYNOPSIS"
.HP
\f5gcloud pam entitlements\fR \fICOMMAND\fR [\fIGCLOUD_WIDE_FLAG\ ...\fR]



.SH "DESCRIPTION"

The \f5gcloud pam entitlements\fR command group lets you manage Privileged
Access Manager (PAM) entitlements.



.SH "EXAMPLES"

To create a new entitlement with a name of \f5sample\-entitlement\fR, in a
project named \f5sample\-project\fR, in location \f5global\fR, and the
entitlement configuration stored in a file named \f5sample\-entitlement.yaml\fR,
run:

.RS 2m
$ gcloud pam entitlements create sample\-entitlement \e
  \-\-project=sample\-project \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To create a new entitlement with a name of \f5sample\-entitlement\fR, in a
folder with ID \f5\fIFOLDER_ID\fR\fR, in location \f5global\fR, and the
entitlement configuration stored in a file named \f5sample\-entitlement.yaml\fR,
run:

.RS 2m
$ gcloud pam entitlements create sample\-entitlement \e
  \-\-folder=FOLDER_ID \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To create a new entitlement with a name of \f5sample\-entitlement\fR, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, in location \f5global\fR, and
the entitlement configuration stored in a file named
\f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements create sample\-entitlement \e
  \-\-organization=ORGANIZATION_ID \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To update an entitlement with a name of \f5sample\-entitlement\fR, in a project
named \f5sample\-project\fR, in location \f5global\fR, and the new entitlement
configuration stored in a file named \f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements update sample\-entitlement \e
  \-\-project=sample\-project \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To update an entitlement with a name of \f5sample\-entitlement\fR, in a folder
with ID \f5\fIFOLDER_ID\fR\fR, in location \f5global\fR, and the new entitlement
configuration stored in a file named \f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements update sample\-entitlement \e
  \-\-folder=FOLDER_ID \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To update an entitlement with a name of \f5sample\-entitlement\fR, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, in location \f5global\fR, and
the new entitlement configuration stored in a file named
\f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements update sample\-entitlement \e
  \-\-organization=ORGANIZATION_ID \-\-location=global \e
  \-\-entitlement\-file=sample\-entitlement.yaml
.RE

To describe an entitlement with a name of \f5sample\-entitlement\fR, in a
project named \f5sample\-project\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements describe sample\-entitlement \e
  \-\-project=sample\-project \-\-location=global
.RE

To describe an entitlement with a name of \f5sample\-entitlement\fR, in a folder
with ID \f5\fIFOLDER_ID\fR\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements describe sample\-entitlement \e
  \-\-folder=FOLDER_ID \-\-location=global
.RE

To describe an entitlement with a name of \f5sample\-entitlement\fR, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, and in location \f5global\fR,
run:

.RS 2m
$ gcloud pam entitlements describe sample\-entitlement \e
  \-\-organization=ORGANIZATION_ID \-\-location=global
.RE

To search for and list all entitlements for which you are a requester, in a
project named \f5sample\-project\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements search \-\-project=sample\-project \e
  \-\-location=global \-\-caller\-access\-type=grant\-requester
.RE

To search for and list all entitlements for which you are an approver, in a
project named \f5sample\-project\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements search \-\-project=sample\-project \e
  \-\-location=global \-\-caller\-access\-type=grant\-approver
.RE

To search for and list all entitlements for which you are a requester, in a
folder with ID \f5\fIFOLDER_ID\fR\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements search \-\-folder=FOLDER_ID \e
  \-\-location=global \-\-caller\-access\-type=grant\-requester
.RE

To search for and list all entitlements for which you are an approver, in a
folder with ID \f5\fIFOLDER_ID\fR\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements search \-\-folder=FOLDER_ID \e
  \-\-location=global \-\-caller\-access\-type=grant\-approver
.RE

To search for and list all entitlements for which you are a requester, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, and in location \f5global\fR,
run:

.RS 2m
$ gcloud pam entitlements search \-\-organization=ORGANIZATION_ID \e
  \-\-location=global \-\-caller\-access\-type=grant\-requester
.RE

To search for and list all entitlements for which you are an approver, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, and in location \f5global\fR,
run:

.RS 2m
$ gcloud pam entitlements search \-\-organization=ORGANIZATION_ID \e
  \-\-location=global \-\-caller\-access\-type=grant\-approver
.RE

To list all entitlements in a project named \f5sample\-project\fR and in
location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements list \-\-project=sample\-project \e
  \-\-location=global
.RE

To list all entitlements in a folder with ID \f5\fIFOLDER_ID\fR\fR and in
location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements list \-\-folder=FOLDER_ID \-\-location=global
.RE

To list all entitlements in an organization with ID \f5\fIORGANIZATION_ID\fR\fR
and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements list \-\-organization=ORGANIZATION_ID \e
  \-\-location=global
.RE

To delete an entitlement with a name of \f5sample\-entitlement\fR, in a project
named \f5sample\-project\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements delete sample\-entitlement \e
  \-\-project=sample\-project \-\-location=global
.RE

To delete an entitlement with a name of \f5sample\-entitlement\fR, in a folder
with ID \f5\fIFOLDER_ID\fR\fR, and in location \f5global\fR, run:

.RS 2m
$ gcloud pam entitlements delete sample\-entitlement \e
  \-\-folder=FOLDER_ID \-\-location=global
.RE

To delete an entitlement with a name of \f5sample\-entitlement\fR, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, and in location \f5global\fR,
run:

.RS 2m
$ gcloud pam entitlements delete sample\-entitlement \e
  \-\-organization=ORGANIZATION_ID \-\-location=global
.RE

To export an entitlement with a name of \f5sample\-entitlement\fR, in a project
named \f5sample\-project\fR, and in location \f5global\fR to a local YAML file
named \f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements export sample\-entitlement \e
  \-\-project=sample\-project \-\-location=global \e
  \-\-destination=sample\-entitlement.yaml
.RE

To export an entitlement with a name of \f5sample\-entitlement\fR, in a folder
with ID \f5\fIFOLDER_ID\fR\fR, and in location \f5global\fR to a local YAML file
named \f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements export sample\-entitlement \e
  \-\-folder=FOLDER_ID \-\-location=global \e
  \-\-destination=sample\-entitlement.yaml
.RE

To export an entitlement with a name of \f5sample\-entitlement\fR, in an
organization with ID \f5\fIORGANIZATION_ID\fR\fR, and in location \f5global\fR
to a local YAML file named \f5sample\-entitlement.yaml\fR, run:

.RS 2m
$ gcloud pam entitlements export sample\-entitlement \e
  \-\-organization=ORGANIZATION_ID \-\-location=global \e
  \-\-destination=sample\-entitlement.yaml
.RE



.SH "GCLOUD WIDE FLAGS"

These flags are available to all commands: \-\-help.

Run \fB$ gcloud help\fR for details.



.SH "COMMANDS"

\f5\fICOMMAND\fR\fR is one of the following:

.RS 2m
.TP 2m
\fBcreate\fR

Create a new Privileged Access Manager (PAM) entitlement.

.TP 2m
\fBdelete\fR

Delete a Privileged Access Manager (PAM) entitlement.

.TP 2m
\fBdescribe\fR

Show details of a Privileged Access Manager (PAM) entitlement.

.TP 2m
\fBexport\fR

Export a Privileged Access Manager (PAM) entitlement into a local YAML file.

.TP 2m
\fBlist\fR

List all Privileged Access Manager (PAM) entitlements under a parent.

.TP 2m
\fBsearch\fR

Search and list all Privileged Access Manager (PAM) entitlements in a parent for
which you are a requester/approver.

.TP 2m
\fBupdate\fR

Update an existing Privileged Access Manager (PAM) entitlement.


.RE
.sp

.SH "NOTES"

These variants are also available:

.RS 2m
$ gcloud alpha pam entitlements
.RE

.RS 2m
$ gcloud beta pam entitlements
.RE
@ Telegram