gcloud alpha pam entitlements

NAME
gcloud alpha pam entitlements - manage Privileged Access Manager entitlements
SYNOPSIS
gcloud alpha pam entitlements COMMAND [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) The gcloud pam entitlements command group lets you manage Privileged Access Manager (PAM) entitlements.
EXAMPLES
To create a new entitlement with a name of sample-entitlement, in a project named sample-project, in location global, and the entitlement configuration stored in a file named sample-entitlement.yaml, run:
gcloud alpha pam entitlements create sample-entitlement --project=sample-project --location=global --entitlement-file=sample-entitlement.yaml

To create a new entitlement with a name of sample-entitlement, in a folder with ID FOLDER_ID, in location global, and the entitlement configuration stored in a file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements create sample-entitlement --folder=FOLDER_ID --location=global --entitlement-file=sample-entitlement.yaml

To create a new entitlement with a name of sample-entitlement, in an organization with ID ORGANIZATION_ID, in location global, and the entitlement configuration stored in a file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements create sample-entitlement --organization=ORGANIZATION_ID --location=global --entitlement-file=sample-entitlement.yaml

To update an entitlement with a name of sample-entitlement, in a project named sample-project, in location global, and the new entitlement configuration stored in a file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements update sample-entitlement --project=sample-project --location=global --entitlement-file=sample-entitlement.yaml

To update an entitlement with a name of sample-entitlement, in a folder with ID FOLDER_ID, in location global, and the new entitlement configuration stored in a file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements update sample-entitlement --folder=FOLDER_ID --location=global --entitlement-file=sample-entitlement.yaml

To update an entitlement with a name of sample-entitlement, in an organization with ID ORGANIZATION_ID, in location global, and the new entitlement configuration stored in a file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements update sample-entitlement --organization=ORGANIZATION_ID --location=global --entitlement-file=sample-entitlement.yaml

To describe an entitlement with a name of sample-entitlement, in a project named sample-project, and in location global, run:

gcloud alpha pam entitlements describe sample-entitlement --project=sample-project --location=global

To describe an entitlement with a name of sample-entitlement, in a folder with ID FOLDER_ID, and in location global, run:

gcloud alpha pam entitlements describe sample-entitlement --folder=FOLDER_ID --location=global

To describe an entitlement with a name of sample-entitlement, in an organization with ID ORGANIZATION_ID, and in location global, run:

gcloud alpha pam entitlements describe sample-entitlement --organization=ORGANIZATION_ID --location=global

To search for and list all entitlements for which you are a requester, in a project named sample-project, and in location global, run:

gcloud alpha pam entitlements search --project=sample-project --location=global --caller-access-type=grant-requester

To search for and list all entitlements for which you are an approver, in a project named sample-project, and in location global, run:

gcloud alpha pam entitlements search --project=sample-project --location=global --caller-access-type=grant-approver

To search for and list all entitlements for which you are a requester, in a folder with ID FOLDER_ID, and in location global, run:

gcloud alpha pam entitlements search --folder=FOLDER_ID --location=global --caller-access-type=grant-requester

To search for and list all entitlements for which you are an approver, in a folder with ID FOLDER_ID, and in location global, run:

gcloud alpha pam entitlements search --folder=FOLDER_ID --location=global --caller-access-type=grant-approver

To search for and list all entitlements for which you are a requester, in an organization with ID ORGANIZATION_ID, and in location global, run:

gcloud alpha pam entitlements search --organization=ORGANIZATION_ID --location=global --caller-access-type=grant-requester

To search for and list all entitlements for which you are an approver, in an organization with ID ORGANIZATION_ID, and in location global, run:

gcloud alpha pam entitlements search --organization=ORGANIZATION_ID --location=global --caller-access-type=grant-approver

To list all entitlements in a project named sample-project and in location global, run:

gcloud alpha pam entitlements list --project=sample-project --location=global

To list all entitlements in a folder with ID FOLDER_ID and in location global, run:

gcloud alpha pam entitlements list --folder=FOLDER_ID --location=global

To list all entitlements in an organization with ID ORGANIZATION_ID and in location global, run:

gcloud alpha pam entitlements list --organization=ORGANIZATION_ID --location=global

To delete an entitlement with a name of sample-entitlement, in a project named sample-project, and in location global, run:

gcloud alpha pam entitlements delete sample-entitlement --project=sample-project --location=global

To delete an entitlement with a name of sample-entitlement, in a folder with ID FOLDER_ID, and in location global, run:

gcloud alpha pam entitlements delete sample-entitlement --folder=FOLDER_ID --location=global

To delete an entitlement with a name of sample-entitlement, in an organization with ID ORGANIZATION_ID, and in location global, run:

gcloud alpha pam entitlements delete sample-entitlement --organization=ORGANIZATION_ID --location=global

To export an entitlement with a name of sample-entitlement, in a project named sample-project, and in location global to a local YAML file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements export sample-entitlement --project=sample-project --location=global --destination=sample-entitlement.yaml

To export an entitlement with a name of sample-entitlement, in a folder with ID FOLDER_ID, and in location global to a local YAML file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements export sample-entitlement --folder=FOLDER_ID --location=global --destination=sample-entitlement.yaml

To export an entitlement with a name of sample-entitlement, in an organization with ID ORGANIZATION_ID, and in location global to a local YAML file named sample-entitlement.yaml, run:

gcloud alpha pam entitlements export sample-entitlement --organization=ORGANIZATION_ID --location=global --destination=sample-entitlement.yaml
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.

Run $ gcloud help for details.

COMMANDS
COMMAND is one of the following:
create
(ALPHA) Create a new Privileged Access Manager (PAM) entitlement.
delete
(ALPHA) Delete a Privileged Access Manager (PAM) entitlement.
describe
(ALPHA) Show details of a Privileged Access Manager (PAM) entitlement.
export
(ALPHA) Export a Privileged Access Manager (PAM) entitlement into a local YAML file.
list
(ALPHA) List all Privileged Access Manager (PAM) entitlements under a parent.
(ALPHA) Search and list all Privileged Access Manager (PAM) entitlements in a parent for which you are a requester/approver.
update
(ALPHA) Update an existing Privileged Access Manager (PAM) entitlement.
NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:
gcloud pam entitlements
gcloud beta pam entitlements