Principal Identifers¶
Overview¶
Follow is the core concept for IAM in Google Cloud Platform. This help to programmatically identifiers of principals that used in IAM policy and roles.
Principal Identifiers¶
Table of Principal Identifiers¶
| Principal Identifier | Description |
|---|---|
user:{USER_EMAIL} | A Google Account user identified by email. |
serviceAccount:{SERVICE_ACCOUNT_EMAIL} | A service account identified by email. |
group:{GROUP_EMAIL} | A Google Group identified by email. |
domain:{DOMAIN_NAME} | A Google Workspace domain identified by name. |
allAuthenticatedUsers | All principals authenticated with Google. |
allUsers | All principals, both authenticated and unauthenticated. |