A Principal represents something to which permissions are assigned, often but not always a user or group of some kind. It is most appropriate for use in ACLs and authorization checks. Callers should prefer to use the wrapper classes in google3/security/credentials/public/principal.h google3/java/com/google/security/credentials/Principal.java google3/security/credentials/go/principal.go unless direct proto access is essential. If you update this protocol buffer, please update the wrapper classes as well. LINT.IfChange

Attributes

• allAuthenticatedUsers (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsAllAuthenticatedUsersProto.t, default: nil) - scope = ALL_AUTHENTICATED_USERS
• capTokenHolder (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsCapTokenHolderProto.t, default: nil) - scope = CAP_TOKEN_HOLDER
• chat (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsChatProto.t, default: nil) - scope = CHAT
• circle (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsCircleProto.t, default: nil) - scope = CIRCLE
• cloudPrincipal (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsCloudPrincipalProto.t, default: nil) - scope = CLOUD_PRINCIPAL
• contactGroup (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsContactGroupProto.t, default: nil) - scope = CONTACT_GROUP
• emailOwner (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsEmailOwnerProto.t, default: nil) - scope = EMAIL_OWNER
• event (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsEventProto.t, default: nil) - scope = EVENT
• gaiaGroup (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsGaiaGroupProto.t, default: nil) - scope = GAIA_GROUP
• gaiaUser (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsGaiaUserProto.t, default: nil) - scope = GAIA_USER
• host (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsHostProto.t, default: nil) - scope = HOST
• ldapGroup (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsLdapGroupProto.t, default: nil) - scope = LDAP_GROUP
• ldapUser (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsLdapUserProto.t, default: nil) - scope = LDAP_USER
• mdbGroup (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsMdbGroupProto.t, default: nil) - scope = MDB_GROUP
• mdbUser (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsMdbUserProto.t, default: nil) - scope = MDB_USER
• oauthConsumer (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsOAuthConsumerProto.t, default: nil) - scope = OAUTH_CONSUMER;
• postiniUser (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsPostiniUserProto.t, default: nil) - scope = POSTINI_USER
• rbacRole (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsRbacRoleProto.t, default: nil) - scope = RBAC_ROLE
• rbacSubject (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsRbacSubjectProto.t, default: nil) - scope = RBAC_SUBJECT
• resourceRole (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsResourceRoleProto.t, default: nil) - scope = RESOURCE_ROLE
• scope (type: String.t, default: nil) - This is only optional because required enums cannot be extended. Currently required.
• signingKeyPossessor (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsSigningKeyPossessorProto.t, default: nil) - scope = SIGNING_KEY_POSSESSOR
• simpleSecretHolder (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsSimpleSecretHolderProto.t, default: nil) - scope = SIMPLE_SECRET_HOLDER
• socialGraphNode (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsSocialGraphNodeProto.t, default: nil) - scope = SOCIAL_GRAPH_NODE
• square (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsSquareProto.t, default: nil) - scope = SQUARE
• youtubeUser (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsYoutubeUserProto.t, default: nil) - scope = YOUTUBE_USER
• zwiebackSession (type: GoogleApi.ContentWarehouse.V1.Model.SecurityCredentialsZwiebackSessionProto.t, default: nil) - scope = ZWIEBACK_SESSION