gcloud beta pam grants revoke

NAME
gcloud beta pam grants revoke - revoke a Privileged Access Manager grant
SYNOPSIS
gcloud beta pam grants revoke (GRANT : --entitlement=ENTITLEMENT --folder=FOLDER --location=LOCATION --organization=ORGANIZATION) [--async] [--reason=REASON] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(BETA) Revoke a Privileged Access Manager (PAM) grant with a reason.
EXAMPLES
The following command revokes a grant with the full name GRANT_NAME and a reason of revoke reason: 
gcloud beta pam grants revoke GRANT_NAME --reason="revoke reason"
POSITIONAL ARGUMENTS
Grant resource - Name of the grant to revoke. The arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

To set the project attribute:

  • provide the argument grant on the command line with a fully specified name;
  • provide the argument --project on the command line;
  • set the property core/project. This resource can be one of the following types: [privilegedaccessmanager.projects.locations.entitlements.grants, privilegedaccessmanager.folders.locations.entitlements.grants, privilegedaccessmanager.organizations.locations.entitlements.grants].

This must be specified.

GRANT
ID of the grant or fully qualified identifier for the grant.

To set the grant attribute:

  • provide the argument grant on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--entitlement=ENTITLEMENT
The entitlement id

To set the entitlement attribute:

  • provide the argument grant on the command line with a fully specified name;
  • provide the argument --entitlement on the command line.
--folder=FOLDER
The name of the folder

To set the folder attribute:

  • provide the argument grant on the command line with a fully specified name;
  • provide the argument --folder on the command line. Must be specified for resource of type [privilegedaccessmanager.folders.locations.entitlements.grants].
--location=LOCATION
The resource location

To set the location attribute:

  • provide the argument grant on the command line with a fully specified name;
  • provide the argument --location on the command line.
--organization=ORGANIZATION
The name of the organization

To set the organization attribute:

  • provide the argument grant on the command line with a fully specified name;
  • provide the argument --organization on the command line. Must be specified for resource of type [privilegedaccessmanager.organizations.locations.entitlements.grants].
FLAGS
--async
Return immediately, without waiting for the operation in progress to complete.
--reason=REASON
Reason for revoking the grant.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

API REFERENCE
This command uses the privilegedaccessmanager/v1beta API. The full documentation for this API can be found at: https://cloud.google.com/iam/docs/pam-overview
NOTES
This command is currently in beta and might change without notice. These variants are also available: 
gcloud pam grants revoke
 
gcloud alpha pam grants revoke