zed permission expand <permission> <resource:id> [flags]

      --consistency-at-exactly string   evaluate at the provided zedtoken
      --consistency-at-least string     evaluate at least as consistent as the provided zedtoken
      --consistency-full                evaluate at the newest zedtoken in the database
      --consistency-min-latency         evaluate at the zedtoken preferred by the database
  -h, --help                            help for expand
      --json                            output as JSON
      --revision string                 optional revision at which to check

      --certificate-path string     path to certificate authority used to verify secure connections
      --endpoint string             spicedb gRPC API endpoint
      --hostname-override string    override the hostname used in the connection to the endpoint
      --insecure                    connect over a plaintext connection
      --log-format string           format of logs ("auto", "console", "json") (default "auto")
      --log-level string            verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
      --max-message-size int        maximum size *in bytes* (defaults to 4_194_304 bytes ~= 4MB) of a gRPC message that can be sent or received by zed
      --no-verify-ca                do not attempt to verify the server's certificate chain and host name
      --permissions-system string   permissions system to query
      --request-id string           optional id to send along with SpiceDB requests for tracing
      --skip-version-check          if true, no version check is performed against the server
      --token string                token used to authenticate to SpiceDB