Subject

A subject is the entity that gets a role assigned to it on a resource. A subject can be a user or a service account.

Subjects don't have to be created explicitly. They are created implicitly when they get assigned as a member to a resource or become part of a group.