diff --git a/contrib/pg_tde/expected/access_control.out b/contrib/pg_tde/expected/access_control.out
index c6a5594bc9bf9..aba529c212fa3 100644
--- a/contrib/pg_tde/expected/access_control.out
+++ b/contrib/pg_tde/expected/access_control.out
@@ -19,6 +19,12 @@ SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control');
  
 (1 row)
 
+select pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control');
+ pg_tde_grant_grant_management_to_role 
+---------------------------------------
+ 
+(1 row)
+
 SET ROLE regress_pg_tde_access_control;
 -- should now be allowed
 SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/pg_tde_test_keyring.per');
diff --git a/contrib/pg_tde/sql/access_control.sql b/contrib/pg_tde/sql/access_control.sql
index f992304b1b590..5aca3c6bdf001 100644
--- a/contrib/pg_tde/sql/access_control.sql
+++ b/contrib/pg_tde/sql/access_control.sql
@@ -12,6 +12,7 @@ RESET ROLE;
 
 SELECT pg_tde_grant_database_key_management_to_role('regress_pg_tde_access_control');
 SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control');
+SELECT pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control');
 
 SET ROLE regress_pg_tde_access_control;