strongdm 16.14.0 → 16.17.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f1cb5b98d22a160cdb56417fc56de70c09a5a15bd5726ac20c442d911b1000da
-  data.tar.gz: 31821b46e8c479dd8c25d9709315e326a8ec40a6854bd57ab5274c37ea0166ef
+  metadata.gz: c61afd0bf1bdd9a76a3b7d47a2f48d01bef9e7e39f97c10d9863460258a9c81f
+  data.tar.gz: e8d637fdc27842b7c65a6aab2c13a5c93f75b03ac05465c534ddf42636a888d1
 SHA512:
-  metadata.gz: b61546fc9802d2aa2f992f73631165c55881666726a4c346a1f9bd17bb0977f057f1a2c2f044d07402980b83f717542e0467b669d906cca7c72b25c18931a0e8
-  data.tar.gz: 51a8f2282fce9c2962e8265469b6bbd13c54dd9958276699647c53fa9e87e61e026ba7297c5e3010e1af3ca2b0f9e7a7d8c0d49e2d0071faec931c0015319447
+  metadata.gz: fa0e5754e54a717ace0c4faedbe9517b4d76fffc08aa4e4e9cdafa92c106c3dada4ccdf9b43586eb584c58ae94ba4afb44feab12b4a918ea11dc7ae050d457df
+  data.tar.gz: fdec7043b1027fb4821f4830061fe93fd5c21f91c9adc133fa3f990860bf29571e2ab811877369bc2df020dd3b941db9f402ce71151f30b02757bf70cb3fb5f8

data/.git/ORIG_HEAD

@@ -1 +1 @@
-2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3
+3a90d7e58d3311757817bb558d755e7ee36528f3

data/.git/logs/HEAD

@@ -1,3 +1,3 @@
-0000000000000000000000000000000000000000 2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 root <root@e42767baa66c.(none)> 1772192857 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 root <root@e42767baa66c.(none)> 1772192857 +0000	checkout: moving from master to master
-2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 0c150dec9c7f8e236df4f8a65dc373193b73991f root <root@e42767baa66c.(none)> 1772192857 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 3a90d7e58d3311757817bb558d755e7ee36528f3 root <root@034e1c37c0a8.(none)> 1772738407 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+3a90d7e58d3311757817bb558d755e7ee36528f3 3a90d7e58d3311757817bb558d755e7ee36528f3 root <root@034e1c37c0a8.(none)> 1772738407 +0000	checkout: moving from master to master
+3a90d7e58d3311757817bb558d755e7ee36528f3 faf9218bcf932aa16115ce5bdad98cf7e1c26e35 root <root@034e1c37c0a8.(none)> 1772738407 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/heads/master

@@ -1,2 +1,2 @@
-0000000000000000000000000000000000000000 2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 root <root@e42767baa66c.(none)> 1772192857 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 0c150dec9c7f8e236df4f8a65dc373193b73991f root <root@e42767baa66c.(none)> 1772192857 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 3a90d7e58d3311757817bb558d755e7ee36528f3 root <root@034e1c37c0a8.(none)> 1772738407 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+3a90d7e58d3311757817bb558d755e7ee36528f3 faf9218bcf932aa16115ce5bdad98cf7e1c26e35 root <root@034e1c37c0a8.(none)> 1772738407 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/remotes/origin/HEAD

@@ -1 +1 @@
-0000000000000000000000000000000000000000 2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 root <root@e42767baa66c.(none)> 1772192857 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+0000000000000000000000000000000000000000 3a90d7e58d3311757817bb558d755e7ee36528f3 root <root@034e1c37c0a8.(none)> 1772738407 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git

data/.git/packed-refs

@@ -1,6 +1,6 @@
 # pack-refs with: peeled fully-peeled sorted 
-0c150dec9c7f8e236df4f8a65dc373193b73991f refs/remotes/origin/development
-2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 refs/remotes/origin/master
+faf9218bcf932aa16115ce5bdad98cf7e1c26e35 refs/remotes/origin/development
+3a90d7e58d3311757817bb558d755e7ee36528f3 refs/remotes/origin/master
 2e4fe8087177ddea9b3991ca499f758384839c89 refs/tags/untagged-84fd83a4484c785cce63
 04f604866214fab4d5663b5171a3e596331577bd refs/tags/v0.9.4
 6f9a7b75b345c65fb554884907b7060680c807b7 refs/tags/v0.9.5
@@ -143,6 +143,8 @@ c3b0eeef356ddf0cf408d1305fd766791121803f refs/tags/v15.46.0
 99fbe594d2068aedeaf1616d5dc24cdaa5674d55 refs/tags/v16.11.0
 2e067a01b90cfd6cce4b1bde6395a2f0019ef29e refs/tags/v16.12.0
 2021ebc52e6f975f3eedbd795c3a0a9dadc2caa3 refs/tags/v16.13.0
+0c150dec9c7f8e236df4f8a65dc373193b73991f refs/tags/v16.14.0
+3a90d7e58d3311757817bb558d755e7ee36528f3 refs/tags/v16.16.0
 3f2a99e1a4296cf5b4937d57b901051b9381c209 refs/tags/v16.3.0
 eb2c5388eb894fce71666148224e02d977c87baa refs/tags/v16.4.0
 6450bdc10119fb8a00123c4262d6f245a70ed06a refs/tags/v16.5.0

data/.git/refs/heads/master

@@ -1 +1 @@
-0c150dec9c7f8e236df4f8a65dc373193b73991f
+faf9218bcf932aa16115ce5bdad98cf7e1c26e35

data/lib/grpc/account_grants_pb.rb

@@ -65,6 +65,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :start_from, :message, 4, "google.protobuf.Timestamp"
       optional :valid_until, :message, 5, "google.protobuf.Timestamp"
       optional :access_rule, :string, 6
+      optional :access_request_id, :string, 7
     end
   end
 end

data/lib/grpc/authorization_policies_pb.rb

@@ -18,22 +18,80 @@
 require "google/protobuf"
 
 require "options_pb"
+require "spec_pb"
+require "tags_pb"
+require "resourcetypes_pb"
+require "location_enums_pb"
 
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("authorization_policies.proto", :syntax => :proto3) do
+    add_message "v1.AuthorizationPolicyCreateRequest" do
+      optional :meta, :message, 1, "v1.CreateRequestMetadata"
+      optional :authorization_policy, :message, 2, "v1.AuthorizationPolicy"
+    end
+    add_message "v1.AuthorizationPolicyCreateResponse" do
+      optional :meta, :message, 1, "v1.CreateResponseMetadata"
+      optional :authorization_policy, :message, 2, "v1.AuthorizationPolicy"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
+    add_message "v1.AuthorizationPolicyGetRequest" do
+      optional :meta, :message, 1, "v1.GetRequestMetadata"
+      optional :id, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyGetResponse" do
+      optional :meta, :message, 1, "v1.GetResponseMetadata"
+      optional :authorization_policy, :message, 2, "v1.AuthorizationPolicy"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
+    add_message "v1.AuthorizationPolicyUpdateRequest" do
+      optional :meta, :message, 1, "v1.UpdateRequestMetadata"
+      optional :id, :string, 2
+      optional :authorization_policy, :message, 3, "v1.AuthorizationPolicy"
+    end
+    add_message "v1.AuthorizationPolicyUpdateResponse" do
+      optional :meta, :message, 1, "v1.UpdateResponseMetadata"
+      optional :authorization_policy, :message, 2, "v1.AuthorizationPolicy"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
+    add_message "v1.AuthorizationPolicyDeleteRequest" do
+      optional :meta, :message, 1, "v1.DeleteRequestMetadata"
+      optional :id, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyDeleteResponse" do
+      optional :meta, :message, 1, "v1.DeleteResponseMetadata"
+      optional :rate_limit, :message, 2, "v1.RateLimitMetadata"
+    end
+    add_message "v1.AuthorizationPolicyListRequest" do
+      optional :meta, :message, 1, "v1.ListRequestMetadata"
+      optional :filter, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyListResponse" do
+      optional :meta, :message, 1, "v1.ListResponseMetadata"
+      repeated :authorization_policies, :message, 2, "v1.AuthorizationPolicy"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
     add_message "v1.AuthorizationPolicy" do
       optional :id, :string, 1
       optional :name, :string, 2
       optional :description, :string, 3
       repeated :items, :message, 4, "v1.AuthorizationPolicyItem"
+      optional :state, :enum, 5, "v1.AuthorizationPolicyState"
     end
     add_message "v1.AuthorizationPolicyItem" do
-      oneof :item do
-        optional :principal_all, :message, 1, "v1.AuthorizationPolicyItemPrincipalAll"
-        optional :principal_by_ids, :message, 2, "v1.AuthorizationPolicyItemPrincipalByIds"
-        optional :resources_all, :message, 3, "v1.AuthorizationPolicyItemResourcesAll"
-        optional :resource_by_ids, :message, 4, "v1.AuthorizationPolicyItemResourceByIds"
-      end
+      optional :principal_all, :message, 1, "v1.AuthorizationPolicyItemPrincipalAll"
+      optional :principal_by_ids, :message, 2, "v1.AuthorizationPolicyItemPrincipalByIds"
+      optional :resources_all, :message, 3, "v1.AuthorizationPolicyItemResourcesAll"
+      optional :resource_by_ids, :message, 4, "v1.AuthorizationPolicyItemResourceByIds"
+      optional :resource_by_type_and_tags, :message, 5, "v1.AuthorizationPolicyItemResourceByTypeAndTags"
+      optional :resource_by_type_tags_and_kubernetes_groups, :message, 6, "v1.AuthorizationPolicyItemResourceByTypeTagsAndKubernetesGroups"
+      optional :resource_by_okta_with_groups, :message, 7, "v1.AuthorizationPolicyItemResourceByOktaWithGroups"
+      optional :resource_by_entra_with_groups, :message, 8, "v1.AuthorizationPolicyItemResourceByEntraWithGroups"
+      optional :condition_mfa, :message, 9, "v1.AuthorizationPolicyItemConditionMFA"
+      optional :condition_device_trust, :message, 10, "v1.AuthorizationPolicyItemConditionDeviceTrust"
+      optional :condition_location, :message, 11, "v1.AuthorizationPolicyItemConditionLocation"
+      optional :condition_ip, :message, 12, "v1.AuthorizationPolicyItemConditionIP"
+      optional :condition_time, :message, 13, "v1.AuthorizationPolicyItemConditionTime"
+      optional :condition_approval_flow, :message, 14, "v1.AuthorizationPolicyItemConditionApprovalFlow"
     end
     add_message "v1.AuthorizationPolicyItemPrincipalAll" do
     end
@@ -45,14 +103,186 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "v1.AuthorizationPolicyItemResourceByIds" do
       repeated :ids, :string, 1
     end
+    add_message "v1.AuthorizationPolicyItemResourceByTypeAndTags" do
+      optional :type, :enum, 1, "v1.ResourceType"
+      repeated :tags, :message, 2, "v1.Tag"
+    end
+    add_message "v1.AuthorizationPolicyItemResourceByTypeTagsAndKubernetesGroups" do
+      optional :type, :enum, 1, "v1.ResourceType"
+      repeated :tags, :message, 2, "v1.Tag"
+      repeated :kubernetes_groups, :string, 3
+    end
+    add_message "v1.AuthorizationPolicyItemResourceByOktaWithGroups" do
+      optional :id, :string, 1
+      repeated :groups, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyItemResourceByEntraWithGroups" do
+      optional :id, :string, 1
+      repeated :groups, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyItemConditionMFA" do
+      optional :reason, :string, 1
+      optional :cache_timeout_seconds, :int32, 2
+    end
+    add_message "v1.AuthorizationPolicyItemConditionDeviceTrust" do
+      optional :operator, :enum, 1, "v1.AuthorizationPolicyDeviceTrustOperator"
+      optional :level, :enum, 2, "v1.AuthorizationPolicyDeviceTrustLevel"
+    end
+    add_message "v1.AuthorizationPolicyItemConditionLocation" do
+      repeated :rules, :message, 1, "v1.AuthorizationPolicyLocationRule"
+    end
+    add_message "v1.AuthorizationPolicyLocationRule" do
+      oneof :rule do
+        optional :continent, :message, 1, "v1.AuthorizationPolicyContinentRule"
+        optional :country, :message, 2, "v1.AuthorizationPolicyCountryRule"
+        optional :subdivision, :message, 3, "v1.AuthorizationPolicySubdivisionRule"
+      end
+    end
+    add_message "v1.AuthorizationPolicyContinentRule" do
+      optional :operator, :enum, 1, "v1.LocationOperator"
+      repeated :continents, :enum, 2, "v1.LocationContinent"
+    end
+    add_message "v1.AuthorizationPolicyCountryRule" do
+      optional :operator, :enum, 1, "v1.LocationOperator"
+      repeated :countries, :enum, 2, "v1.LocationCountry"
+    end
+    add_message "v1.AuthorizationPolicySubdivisionRule" do
+      optional :operator, :enum, 1, "v1.LocationOperator"
+      repeated :subdivisions, :string, 2
+    end
+    add_message "v1.AuthorizationPolicyItemConditionIP" do
+      repeated :rules, :message, 1, "v1.AuthorizationPolicyIPRule"
+    end
+    add_message "v1.AuthorizationPolicyIPRule" do
+      optional :operator, :enum, 1, "v1.AuthorizationPolicyIPOperator"
+      optional :network, :enum, 2, "v1.AuthorizationPolicyIPNetwork"
+      optional :cidr, :string, 3
+    end
+    add_message "v1.AuthorizationPolicyItemConditionTime" do
+      repeated :rules, :message, 1, "v1.AuthorizationPolicyTimeRule"
+    end
+    add_message "v1.AuthorizationPolicyTimeRule" do
+      oneof :rule do
+        optional :day_of_week, :message, 1, "v1.AuthorizationPolicyTimeRuleDayOfWeek"
+        optional :time_of_day, :message, 2, "v1.AuthorizationPolicyTimeRuleTimeOfDay"
+        optional :month, :message, 3, "v1.AuthorizationPolicyTimeRuleMonth"
+        optional :days_of_month, :message, 4, "v1.AuthorizationPolicyTimeRuleDaysOfMonth"
+      end
+    end
+    add_message "v1.AuthorizationPolicyTimeRuleDayOfWeek" do
+      optional :operator, :enum, 1, "v1.AuthorizationPolicyTimeOperator"
+      repeated :days, :enum, 2, "v1.AuthorizationPolicyDayOfWeek"
+    end
+    add_message "v1.AuthorizationPolicyTimeRuleTimeOfDay" do
+      optional :start_hour, :int32, 1
+      optional :start_minutes, :int32, 2
+      optional :end_hour, :int32, 3
+      optional :end_minutes, :int32, 4
+    end
+    add_message "v1.AuthorizationPolicyTimeRuleMonth" do
+      repeated :months, :int32, 1
+    end
+    add_message "v1.AuthorizationPolicyTimeRuleDaysOfMonth" do
+      repeated :days, :int32, 1
+    end
+    add_message "v1.AuthorizationPolicyItemConditionApprovalFlow" do
+      optional :approval_flow_id, :string, 1
+    end
+    add_enum "v1.AuthorizationPolicyState" do
+      value :AUTHORIZATION_POLICY_STATE_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_STATE_ACTIVE, 1
+      value :AUTHORIZATION_POLICY_STATE_INACTIVE, 2
+    end
+    add_enum "v1.AuthorizationPolicyDeviceTrustOperator" do
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_OPERATOR_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_OPERATOR_IS, 1
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_OPERATOR_IS_NOT, 2
+    end
+    add_enum "v1.AuthorizationPolicyDeviceTrustLevel" do
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_LEVEL_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_LEVEL_HIGH, 1
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_LEVEL_LOW, 2
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_LEVEL_EXEMPT, 3
+      value :AUTHORIZATION_POLICY_DEVICE_TRUST_LEVEL_UNKNOWN, 4
+    end
+    add_enum "v1.LocationOperator" do
+      value :LOCATION_OPERATOR_UNSPECIFIED, 0
+      value :LOCATION_OPERATOR_IN, 1
+      value :LOCATION_OPERATOR_NOT_IN, 2
+    end
+    add_enum "v1.AuthorizationPolicyIPOperator" do
+      value :AUTHORIZATION_POLICY_IP_OPERATOR_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_IP_OPERATOR_IN, 1
+      value :AUTHORIZATION_POLICY_IP_OPERATOR_NOT_IN, 2
+      value :AUTHORIZATION_POLICY_IP_OPERATOR_EQUALS, 3
+    end
+    add_enum "v1.AuthorizationPolicyIPNetwork" do
+      value :AUTHORIZATION_POLICY_IP_NETWORK_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_IP_NETWORK_CLIENT_IP, 1
+      value :AUTHORIZATION_POLICY_IP_NETWORK_REQUEST_IP, 2
+      value :AUTHORIZATION_POLICY_IP_NETWORK_DESTINATION_IP, 3
+    end
+    add_enum "v1.AuthorizationPolicyTimeOperator" do
+      value :AUTHORIZATION_POLICY_TIME_OPERATOR_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_TIME_OPERATOR_IS, 1
+      value :AUTHORIZATION_POLICY_TIME_OPERATOR_IS_NOT, 2
+    end
+    add_enum "v1.AuthorizationPolicyDayOfWeek" do
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_UNSPECIFIED, 0
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_SUNDAY, 1
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_MONDAY, 2
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_TUESDAY, 3
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_WEDNESDAY, 4
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_THURSDAY, 5
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_FRIDAY, 6
+      value :AUTHORIZATION_POLICY_DAY_OF_WEEK_SATURDAY, 7
+    end
   end
 end
 
 module V1
+  AuthorizationPolicyCreateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyCreateRequest").msgclass
+  AuthorizationPolicyCreateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyCreateResponse").msgclass
+  AuthorizationPolicyGetRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyGetRequest").msgclass
+  AuthorizationPolicyGetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyGetResponse").msgclass
+  AuthorizationPolicyUpdateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyUpdateRequest").msgclass
+  AuthorizationPolicyUpdateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyUpdateResponse").msgclass
+  AuthorizationPolicyDeleteRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyDeleteRequest").msgclass
+  AuthorizationPolicyDeleteResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyDeleteResponse").msgclass
+  AuthorizationPolicyListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyListRequest").msgclass
+  AuthorizationPolicyListResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyListResponse").msgclass
   AuthorizationPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicy").msgclass
   AuthorizationPolicyItem = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItem").msgclass
   AuthorizationPolicyItemPrincipalAll = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemPrincipalAll").msgclass
   AuthorizationPolicyItemPrincipalByIds = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemPrincipalByIds").msgclass
   AuthorizationPolicyItemResourcesAll = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourcesAll").msgclass
   AuthorizationPolicyItemResourceByIds = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourceByIds").msgclass
+  AuthorizationPolicyItemResourceByTypeAndTags = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourceByTypeAndTags").msgclass
+  AuthorizationPolicyItemResourceByTypeTagsAndKubernetesGroups = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourceByTypeTagsAndKubernetesGroups").msgclass
+  AuthorizationPolicyItemResourceByOktaWithGroups = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourceByOktaWithGroups").msgclass
+  AuthorizationPolicyItemResourceByEntraWithGroups = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemResourceByEntraWithGroups").msgclass
+  AuthorizationPolicyItemConditionMFA = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionMFA").msgclass
+  AuthorizationPolicyItemConditionDeviceTrust = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionDeviceTrust").msgclass
+  AuthorizationPolicyItemConditionLocation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionLocation").msgclass
+  AuthorizationPolicyLocationRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyLocationRule").msgclass
+  AuthorizationPolicyContinentRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyContinentRule").msgclass
+  AuthorizationPolicyCountryRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyCountryRule").msgclass
+  AuthorizationPolicySubdivisionRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicySubdivisionRule").msgclass
+  AuthorizationPolicyItemConditionIP = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionIP").msgclass
+  AuthorizationPolicyIPRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyIPRule").msgclass
+  AuthorizationPolicyItemConditionTime = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionTime").msgclass
+  AuthorizationPolicyTimeRule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeRule").msgclass
+  AuthorizationPolicyTimeRuleDayOfWeek = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeRuleDayOfWeek").msgclass
+  AuthorizationPolicyTimeRuleTimeOfDay = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeRuleTimeOfDay").msgclass
+  AuthorizationPolicyTimeRuleMonth = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeRuleMonth").msgclass
+  AuthorizationPolicyTimeRuleDaysOfMonth = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeRuleDaysOfMonth").msgclass
+  AuthorizationPolicyItemConditionApprovalFlow = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyItemConditionApprovalFlow").msgclass
+  AuthorizationPolicyState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyState").enummodule
+  AuthorizationPolicyDeviceTrustOperator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyDeviceTrustOperator").enummodule
+  AuthorizationPolicyDeviceTrustLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyDeviceTrustLevel").enummodule
+  LocationOperator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.LocationOperator").enummodule
+  AuthorizationPolicyIPOperator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyIPOperator").enummodule
+  AuthorizationPolicyIPNetwork = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyIPNetwork").enummodule
+  AuthorizationPolicyTimeOperator = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyTimeOperator").enummodule
+  AuthorizationPolicyDayOfWeek = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.AuthorizationPolicyDayOfWeek").enummodule
 end

data/lib/grpc/authorization_policies_services_pb.rb

@@ -0,0 +1,49 @@
+# Copyright 2020 StrongDM Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: authorization_policies.proto for package 'v1'
+
+require "grpc"
+require "authorization_policies_pb"
+
+module V1
+  module AuthorizationPolicies
+    # ───────────────────────────────────────────────────────────────────
+    # Service
+    # ───────────────────────────────────────────────────────────────────
+    #
+    # AuthorizationPolicies provides CRUD operations for authorization policies.
+    class Service
+      include ::GRPC::GenericService
+
+      self.marshal_class_method = :encode
+      self.unmarshal_class_method = :decode
+      self.service_name = "v1.AuthorizationPolicies"
+
+      # Create creates a new AuthorizationPolicy.
+      rpc :Create, ::V1::AuthorizationPolicyCreateRequest, ::V1::AuthorizationPolicyCreateResponse
+      # Get reads one AuthorizationPolicy by ID.
+      rpc :Get, ::V1::AuthorizationPolicyGetRequest, ::V1::AuthorizationPolicyGetResponse
+      # Update replaces all fields of an existing AuthorizationPolicy.
+      rpc :Update, ::V1::AuthorizationPolicyUpdateRequest, ::V1::AuthorizationPolicyUpdateResponse
+      # Delete removes an existing AuthorizationPolicy by ID.
+      rpc :Delete, ::V1::AuthorizationPolicyDeleteRequest, ::V1::AuthorizationPolicyDeleteResponse
+      # List gets a list of AuthorizationPolicies matching a given set of criteria.
+      rpc :List, ::V1::AuthorizationPolicyListRequest, ::V1::AuthorizationPolicyListResponse
+    end
+
+    Stub = Service.rpc_stub_class
+  end
+end

data/lib/grpc/drivers_pb.rb

@@ -97,6 +97,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :kubernetes_user_impersonation, :message, 812, "v1.KubernetesUserImpersonation"
         optional :mcp, :message, 4700, "v1.MCP"
         optional :mcpdcr, :message, 4701, "v1.MCPDCR"
+        optional :mcp_gateway_no_auth, :message, 4703, "v1.MCPGatewayNoAuth"
+        optional :mcp_gateway_pat, :message, 4702, "v1.MCPGatewayPAT"
         optional :mtls_mysql, :message, 1106, "v1.MTLSMysql"
         optional :mtls_postgres, :message, 1306, "v1.MTLSPostgres"
         optional :maria, :message, 1103, "v1.Maria"
@@ -1435,6 +1437,33 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :oauth_token_endpoint, :string, 9
       optional :port_override, :int32, 4
     end
+    add_message "v1.MCPGatewayNoAuth" do
+      optional :id, :string, 32768
+      optional :name, :string, 32769
+      optional :healthy, :bool, 32770
+      optional :tags, :message, 32771, "v1.Tags"
+      optional :secret_store_id, :string, 32772
+      optional :egress_filter, :string, 32773
+      optional :bind_interface, :string, 32774
+      optional :proxy_cluster_id, :string, 32776
+      optional :subdomain, :string, 32775
+      optional :hostname, :string, 1
+      optional :port_override, :int32, 4
+    end
+    add_message "v1.MCPGatewayPAT" do
+      optional :id, :string, 32768
+      optional :name, :string, 32769
+      optional :healthy, :bool, 32770
+      optional :tags, :message, 32771, "v1.Tags"
+      optional :secret_store_id, :string, 32772
+      optional :egress_filter, :string, 32773
+      optional :bind_interface, :string, 32774
+      optional :proxy_cluster_id, :string, 32776
+      optional :subdomain, :string, 32775
+      optional :hostname, :string, 1
+      optional :password, :string, 2
+      optional :port_override, :int32, 4
+    end
     add_message "v1.MTLSMysql" do
       optional :id, :string, 32768
       optional :name, :string, 32769
@@ -2301,6 +2330,8 @@ module V1
   KubernetesUserImpersonation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.KubernetesUserImpersonation").msgclass
   MCP = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MCP").msgclass
   MCPDCR = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MCPDCR").msgclass
+  MCPGatewayNoAuth = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MCPGatewayNoAuth").msgclass
+  MCPGatewayPAT = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MCPGatewayPAT").msgclass
   MTLSMysql = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MTLSMysql").msgclass
   MTLSPostgres = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.MTLSPostgres").msgclass
   Maria = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.Maria").msgclass

data/lib/grpc/location_enums_pb.rb

@@ -0,0 +1,292 @@
+# Copyright 2020 StrongDM Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: location_enums.proto
+
+require "google/protobuf"
+
+require "options_pb"
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("location_enums.proto", :syntax => :proto3) do
+    add_enum "v1.LocationContinent" do
+      value :LOCATION_CONTINENT_UNSPECIFIED, 0
+      value :LOCATION_CONTINENT_AF, 1
+      value :LOCATION_CONTINENT_AN, 2
+      value :LOCATION_CONTINENT_AS, 3
+      value :LOCATION_CONTINENT_EU, 4
+      value :LOCATION_CONTINENT_NA, 5
+      value :LOCATION_CONTINENT_OC, 6
+      value :LOCATION_CONTINENT_SA, 7
+    end
+    add_enum "v1.LocationCountry" do
+      value :LOCATION_COUNTRY_UNSPECIFIED, 0
+      value :LOCATION_COUNTRY_AD, 1
+      value :LOCATION_COUNTRY_AE, 2
+      value :LOCATION_COUNTRY_AF, 3
+      value :LOCATION_COUNTRY_AG, 4
+      value :LOCATION_COUNTRY_AI, 5
+      value :LOCATION_COUNTRY_AL, 6
+      value :LOCATION_COUNTRY_AM, 7
+      value :LOCATION_COUNTRY_AO, 8
+      value :LOCATION_COUNTRY_AQ, 9
+      value :LOCATION_COUNTRY_AR, 10
+      value :LOCATION_COUNTRY_AS, 11
+      value :LOCATION_COUNTRY_AT, 12
+      value :LOCATION_COUNTRY_AU, 13
+      value :LOCATION_COUNTRY_AW, 14
+      value :LOCATION_COUNTRY_AX, 15
+      value :LOCATION_COUNTRY_AZ, 16
+      value :LOCATION_COUNTRY_BA, 17
+      value :LOCATION_COUNTRY_BB, 18
+      value :LOCATION_COUNTRY_BD, 19
+      value :LOCATION_COUNTRY_BE, 20
+      value :LOCATION_COUNTRY_BF, 21
+      value :LOCATION_COUNTRY_BG, 22
+      value :LOCATION_COUNTRY_BH, 23
+      value :LOCATION_COUNTRY_BI, 24
+      value :LOCATION_COUNTRY_BJ, 25
+      value :LOCATION_COUNTRY_BL, 26
+      value :LOCATION_COUNTRY_BM, 27
+      value :LOCATION_COUNTRY_BN, 28
+      value :LOCATION_COUNTRY_BO, 29
+      value :LOCATION_COUNTRY_BQ, 30
+      value :LOCATION_COUNTRY_BR, 31
+      value :LOCATION_COUNTRY_BS, 32
+      value :LOCATION_COUNTRY_BT, 33
+      value :LOCATION_COUNTRY_BV, 34
+      value :LOCATION_COUNTRY_BW, 35
+      value :LOCATION_COUNTRY_BY, 36
+      value :LOCATION_COUNTRY_BZ, 37
+      value :LOCATION_COUNTRY_CA, 38
+      value :LOCATION_COUNTRY_CC, 39
+      value :LOCATION_COUNTRY_CD, 40
+      value :LOCATION_COUNTRY_CF, 41
+      value :LOCATION_COUNTRY_CG, 42
+      value :LOCATION_COUNTRY_CH, 43
+      value :LOCATION_COUNTRY_CI, 44
+      value :LOCATION_COUNTRY_CK, 45
+      value :LOCATION_COUNTRY_CL, 46
+      value :LOCATION_COUNTRY_CM, 47
+      value :LOCATION_COUNTRY_CN, 48
+      value :LOCATION_COUNTRY_CO, 49
+      value :LOCATION_COUNTRY_CR, 50
+      value :LOCATION_COUNTRY_CU, 51
+      value :LOCATION_COUNTRY_CV, 52
+      value :LOCATION_COUNTRY_CW, 53
+      value :LOCATION_COUNTRY_CX, 54
+      value :LOCATION_COUNTRY_CY, 55
+      value :LOCATION_COUNTRY_CZ, 56
+      value :LOCATION_COUNTRY_DE, 57
+      value :LOCATION_COUNTRY_DJ, 58
+      value :LOCATION_COUNTRY_DK, 59
+      value :LOCATION_COUNTRY_DM, 60
+      value :LOCATION_COUNTRY_DO, 61
+      value :LOCATION_COUNTRY_DZ, 62
+      value :LOCATION_COUNTRY_EC, 63
+      value :LOCATION_COUNTRY_EE, 64
+      value :LOCATION_COUNTRY_EG, 65
+      value :LOCATION_COUNTRY_EH, 66
+      value :LOCATION_COUNTRY_ER, 67
+      value :LOCATION_COUNTRY_ES, 68
+      value :LOCATION_COUNTRY_ET, 69
+      value :LOCATION_COUNTRY_FI, 70
+      value :LOCATION_COUNTRY_FJ, 71
+      value :LOCATION_COUNTRY_FK, 72
+      value :LOCATION_COUNTRY_FM, 73
+      value :LOCATION_COUNTRY_FO, 74
+      value :LOCATION_COUNTRY_FR, 75
+      value :LOCATION_COUNTRY_GA, 76
+      value :LOCATION_COUNTRY_GB, 77
+      value :LOCATION_COUNTRY_GD, 78
+      value :LOCATION_COUNTRY_GE, 79
+      value :LOCATION_COUNTRY_GF, 80
+      value :LOCATION_COUNTRY_GG, 81
+      value :LOCATION_COUNTRY_GH, 82
+      value :LOCATION_COUNTRY_GI, 83
+      value :LOCATION_COUNTRY_GL, 84
+      value :LOCATION_COUNTRY_GM, 85
+      value :LOCATION_COUNTRY_GN, 86
+      value :LOCATION_COUNTRY_GP, 87
+      value :LOCATION_COUNTRY_GQ, 88
+      value :LOCATION_COUNTRY_GR, 89
+      value :LOCATION_COUNTRY_GS, 90
+      value :LOCATION_COUNTRY_GT, 91
+      value :LOCATION_COUNTRY_GU, 92
+      value :LOCATION_COUNTRY_GW, 93
+      value :LOCATION_COUNTRY_GY, 94
+      value :LOCATION_COUNTRY_HK, 95
+      value :LOCATION_COUNTRY_HM, 96
+      value :LOCATION_COUNTRY_HN, 97
+      value :LOCATION_COUNTRY_HR, 98
+      value :LOCATION_COUNTRY_HT, 99
+      value :LOCATION_COUNTRY_HU, 100
+      value :LOCATION_COUNTRY_ID, 101
+      value :LOCATION_COUNTRY_IE, 102
+      value :LOCATION_COUNTRY_IL, 103
+      value :LOCATION_COUNTRY_IM, 104
+      value :LOCATION_COUNTRY_IN, 105
+      value :LOCATION_COUNTRY_IO, 106
+      value :LOCATION_COUNTRY_IQ, 107
+      value :LOCATION_COUNTRY_IR, 108
+      value :LOCATION_COUNTRY_IS, 109
+      value :LOCATION_COUNTRY_IT, 110
+      value :LOCATION_COUNTRY_JE, 111
+      value :LOCATION_COUNTRY_JM, 112
+      value :LOCATION_COUNTRY_JO, 113
+      value :LOCATION_COUNTRY_JP, 114
+      value :LOCATION_COUNTRY_KE, 115
+      value :LOCATION_COUNTRY_KG, 116
+      value :LOCATION_COUNTRY_KH, 117
+      value :LOCATION_COUNTRY_KI, 118
+      value :LOCATION_COUNTRY_KM, 119
+      value :LOCATION_COUNTRY_KN, 120
+      value :LOCATION_COUNTRY_KP, 121
+      value :LOCATION_COUNTRY_KR, 122
+      value :LOCATION_COUNTRY_KW, 123
+      value :LOCATION_COUNTRY_KY, 124
+      value :LOCATION_COUNTRY_KZ, 125
+      value :LOCATION_COUNTRY_LA, 126
+      value :LOCATION_COUNTRY_LB, 127
+      value :LOCATION_COUNTRY_LC, 128
+      value :LOCATION_COUNTRY_LI, 129
+      value :LOCATION_COUNTRY_LK, 130
+      value :LOCATION_COUNTRY_LR, 131
+      value :LOCATION_COUNTRY_LS, 132
+      value :LOCATION_COUNTRY_LT, 133
+      value :LOCATION_COUNTRY_LU, 134
+      value :LOCATION_COUNTRY_LV, 135
+      value :LOCATION_COUNTRY_LY, 136
+      value :LOCATION_COUNTRY_MA, 137
+      value :LOCATION_COUNTRY_MC, 138
+      value :LOCATION_COUNTRY_MD, 139
+      value :LOCATION_COUNTRY_ME, 140
+      value :LOCATION_COUNTRY_MF, 141
+      value :LOCATION_COUNTRY_MG, 142
+      value :LOCATION_COUNTRY_MH, 143
+      value :LOCATION_COUNTRY_MK, 144
+      value :LOCATION_COUNTRY_ML, 145
+      value :LOCATION_COUNTRY_MM, 146
+      value :LOCATION_COUNTRY_MN, 147
+      value :LOCATION_COUNTRY_MO, 148
+      value :LOCATION_COUNTRY_MP, 149
+      value :LOCATION_COUNTRY_MQ, 150
+      value :LOCATION_COUNTRY_MR, 151
+      value :LOCATION_COUNTRY_MS, 152
+      value :LOCATION_COUNTRY_MT, 153
+      value :LOCATION_COUNTRY_MU, 154
+      value :LOCATION_COUNTRY_MV, 155
+      value :LOCATION_COUNTRY_MW, 156
+      value :LOCATION_COUNTRY_MX, 157
+      value :LOCATION_COUNTRY_MY, 158
+      value :LOCATION_COUNTRY_MZ, 159
+      value :LOCATION_COUNTRY_NA, 160
+      value :LOCATION_COUNTRY_NC, 161
+      value :LOCATION_COUNTRY_NE, 162
+      value :LOCATION_COUNTRY_NF, 163
+      value :LOCATION_COUNTRY_NG, 164
+      value :LOCATION_COUNTRY_NI, 165
+      value :LOCATION_COUNTRY_NL, 166
+      value :LOCATION_COUNTRY_NO, 167
+      value :LOCATION_COUNTRY_NP, 168
+      value :LOCATION_COUNTRY_NR, 169
+      value :LOCATION_COUNTRY_NU, 170
+      value :LOCATION_COUNTRY_NZ, 171
+      value :LOCATION_COUNTRY_OM, 172
+      value :LOCATION_COUNTRY_PA, 173
+      value :LOCATION_COUNTRY_PE, 174
+      value :LOCATION_COUNTRY_PF, 175
+      value :LOCATION_COUNTRY_PG, 176
+      value :LOCATION_COUNTRY_PH, 177
+      value :LOCATION_COUNTRY_PK, 178
+      value :LOCATION_COUNTRY_PL, 179
+      value :LOCATION_COUNTRY_PM, 180
+      value :LOCATION_COUNTRY_PN, 181
+      value :LOCATION_COUNTRY_PR, 182
+      value :LOCATION_COUNTRY_PS, 183
+      value :LOCATION_COUNTRY_PT, 184
+      value :LOCATION_COUNTRY_PW, 185
+      value :LOCATION_COUNTRY_PY, 186
+      value :LOCATION_COUNTRY_QA, 187
+      value :LOCATION_COUNTRY_RE, 188
+      value :LOCATION_COUNTRY_RO, 189
+      value :LOCATION_COUNTRY_RS, 190
+      value :LOCATION_COUNTRY_RU, 191
+      value :LOCATION_COUNTRY_RW, 192
+      value :LOCATION_COUNTRY_SA, 193
+      value :LOCATION_COUNTRY_SB, 194
+      value :LOCATION_COUNTRY_SC, 195
+      value :LOCATION_COUNTRY_SD, 196
+      value :LOCATION_COUNTRY_SE, 197
+      value :LOCATION_COUNTRY_SG, 198
+      value :LOCATION_COUNTRY_SH, 199
+      value :LOCATION_COUNTRY_SI, 200
+      value :LOCATION_COUNTRY_SJ, 201
+      value :LOCATION_COUNTRY_SK, 202
+      value :LOCATION_COUNTRY_SL, 203
+      value :LOCATION_COUNTRY_SM, 204
+      value :LOCATION_COUNTRY_SN, 205
+      value :LOCATION_COUNTRY_SO, 206
+      value :LOCATION_COUNTRY_SR, 207
+      value :LOCATION_COUNTRY_SS, 208
+      value :LOCATION_COUNTRY_ST, 209
+      value :LOCATION_COUNTRY_SV, 210
+      value :LOCATION_COUNTRY_SX, 211
+      value :LOCATION_COUNTRY_SY, 212
+      value :LOCATION_COUNTRY_SZ, 213
+      value :LOCATION_COUNTRY_TC, 214
+      value :LOCATION_COUNTRY_TD, 215
+      value :LOCATION_COUNTRY_TF, 216
+      value :LOCATION_COUNTRY_TG, 217
+      value :LOCATION_COUNTRY_TH, 218
+      value :LOCATION_COUNTRY_TJ, 219
+      value :LOCATION_COUNTRY_TK, 220
+      value :LOCATION_COUNTRY_TL, 221
+      value :LOCATION_COUNTRY_TM, 222
+      value :LOCATION_COUNTRY_TN, 223
+      value :LOCATION_COUNTRY_TO, 224
+      value :LOCATION_COUNTRY_TR, 225
+      value :LOCATION_COUNTRY_TT, 226
+      value :LOCATION_COUNTRY_TV, 227
+      value :LOCATION_COUNTRY_TW, 228
+      value :LOCATION_COUNTRY_TZ, 229
+      value :LOCATION_COUNTRY_UA, 230
+      value :LOCATION_COUNTRY_UG, 231
+      value :LOCATION_COUNTRY_UM, 232
+      value :LOCATION_COUNTRY_US, 233
+      value :LOCATION_COUNTRY_UY, 234
+      value :LOCATION_COUNTRY_UZ, 235
+      value :LOCATION_COUNTRY_VA, 236
+      value :LOCATION_COUNTRY_VC, 237
+      value :LOCATION_COUNTRY_VE, 238
+      value :LOCATION_COUNTRY_VG, 239
+      value :LOCATION_COUNTRY_VI, 240
+      value :LOCATION_COUNTRY_VN, 241
+      value :LOCATION_COUNTRY_VU, 242
+      value :LOCATION_COUNTRY_WF, 243
+      value :LOCATION_COUNTRY_WS, 244
+      value :LOCATION_COUNTRY_YE, 245
+      value :LOCATION_COUNTRY_YT, 246
+      value :LOCATION_COUNTRY_ZA, 247
+      value :LOCATION_COUNTRY_ZM, 248
+      value :LOCATION_COUNTRY_ZW, 249
+    end
+  end
+end
+
+module V1
+  LocationContinent = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.LocationContinent").enummodule
+  LocationCountry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.LocationCountry").enummodule
+end

data/lib/grpc/plumbing.rb

@@ -44,6 +44,8 @@ require_relative "./approval_workflow_steps_pb"
 require_relative "./approval_workflow_steps_history_pb"
 require_relative "./approval_workflows_pb"
 require_relative "./approval_workflows_history_pb"
+require_relative "./resourcetypes_pb"
+require_relative "./location_enums_pb"
 require_relative "./authorization_policies_pb"
 require_relative "./control_panel_pb"
 require_relative "./discovery_connectors_pb"
@@ -79,7 +81,6 @@ require_relative "./remote_identity_groups_history_pb"
 require_relative "./replays_pb"
 require_relative "./resources_pb"
 require_relative "./resources_history_pb"
-require_relative "./resourcetypes_pb"
 require_relative "./role_resources_pb"
 require_relative "./role_resources_history_pb"
 require_relative "./roles_history_pb"
@@ -385,6 +386,10 @@ module SDM
         return SDM::ResourceType::RESOURCE_TYPE_MCP
       when V1::ResourceType::RESOURCE_TYPE_MCPDCR
         return SDM::ResourceType::RESOURCE_TYPE_MCPDCR
+      when V1::ResourceType::RESOURCE_TYPE_MCP_NO_AUTH
+        return SDM::ResourceType::RESOURCE_TYPE_MCP_NO_AUTH
+      when V1::ResourceType::RESOURCE_TYPE_MCPPAT
+        return SDM::ResourceType::RESOURCE_TYPE_MCPPAT
       when V1::ResourceType::RESOURCE_TYPE_MTLS_MY_SQL
         return SDM::ResourceType::RESOURCE_TYPE_MTLS_MY_SQL
       when V1::ResourceType::RESOURCE_TYPE_MTLS_POSTGRES
@@ -639,6 +644,10 @@ module SDM
         value = V1::ResourceType::RESOURCE_TYPE_MCP
       when SDM::ResourceType::RESOURCE_TYPE_MCPDCR, "RESOURCE_TYPE_MCPDCR"
         value = V1::ResourceType::RESOURCE_TYPE_MCPDCR
+      when SDM::ResourceType::RESOURCE_TYPE_MCP_NO_AUTH, "RESOURCE_TYPE_MCP_NO_AUTH"
+        value = V1::ResourceType::RESOURCE_TYPE_MCP_NO_AUTH
+      when SDM::ResourceType::RESOURCE_TYPE_MCPPAT, "RESOURCE_TYPE_MCPPAT"
+        value = V1::ResourceType::RESOURCE_TYPE_MCPPAT
       when SDM::ResourceType::RESOURCE_TYPE_MTLS_MY_SQL, "RESOURCE_TYPE_MTLS_MY_SQL"
         value = V1::ResourceType::RESOURCE_TYPE_MTLS_MY_SQL
       when SDM::ResourceType::RESOURCE_TYPE_MTLS_POSTGRES, "RESOURCE_TYPE_MTLS_POSTGRES"
@@ -2192,6 +2201,7 @@ module SDM
         return nil
       end
       porcelain = AccountGrant.new()
+      porcelain.access_request_id = (plumbing.access_request_id)
       porcelain.access_rule = convert_access_rule_to_porcelain(plumbing.access_rule)
       porcelain.account_id = (plumbing.account_id)
       porcelain.id = (plumbing.id)
@@ -2206,6 +2216,7 @@ module SDM
         return nil
       end
       plumbing = V1::AccountGrant.new()
+      plumbing.access_request_id = (porcelain.access_request_id)
       plumbing.access_rule = convert_access_rule_to_plumbing(porcelain.access_rule)
       plumbing.account_id = (porcelain.account_id)
       plumbing.id = (porcelain.id)
@@ -11210,6 +11221,116 @@ module SDM
       end
       items
     end
+    def self.convert_mcp_gateway_no_auth_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = MCPGatewayNoAuth.new()
+      porcelain.bind_interface = (plumbing.bind_interface)
+      porcelain.egress_filter = (plumbing.egress_filter)
+      porcelain.healthy = (plumbing.healthy)
+      porcelain.hostname = (plumbing.hostname)
+      porcelain.id = (plumbing.id)
+      porcelain.name = (plumbing.name)
+      porcelain.port_override = (plumbing.port_override)
+      porcelain.proxy_cluster_id = (plumbing.proxy_cluster_id)
+      porcelain.secret_store_id = (plumbing.secret_store_id)
+      porcelain.subdomain = (plumbing.subdomain)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_mcp_gateway_no_auth_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::MCPGatewayNoAuth.new()
+      plumbing.bind_interface = (porcelain.bind_interface)
+      plumbing.egress_filter = (porcelain.egress_filter)
+      plumbing.healthy = (porcelain.healthy)
+      plumbing.hostname = (porcelain.hostname)
+      plumbing.id = (porcelain.id)
+      plumbing.name = (porcelain.name)
+      plumbing.port_override = (porcelain.port_override)
+      plumbing.proxy_cluster_id = (porcelain.proxy_cluster_id)
+      plumbing.secret_store_id = (porcelain.secret_store_id)
+      plumbing.subdomain = (porcelain.subdomain)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_mcp_gateway_no_auth_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_mcp_gateway_no_auth_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_mcp_gateway_no_auth_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_mcp_gateway_no_auth_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
+    def self.convert_mcp_gateway_pat_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = MCPGatewayPAT.new()
+      porcelain.bind_interface = (plumbing.bind_interface)
+      porcelain.egress_filter = (plumbing.egress_filter)
+      porcelain.healthy = (plumbing.healthy)
+      porcelain.hostname = (plumbing.hostname)
+      porcelain.id = (plumbing.id)
+      porcelain.name = (plumbing.name)
+      porcelain.password = (plumbing.password)
+      porcelain.port_override = (plumbing.port_override)
+      porcelain.proxy_cluster_id = (plumbing.proxy_cluster_id)
+      porcelain.secret_store_id = (plumbing.secret_store_id)
+      porcelain.subdomain = (plumbing.subdomain)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_mcp_gateway_pat_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::MCPGatewayPAT.new()
+      plumbing.bind_interface = (porcelain.bind_interface)
+      plumbing.egress_filter = (porcelain.egress_filter)
+      plumbing.healthy = (porcelain.healthy)
+      plumbing.hostname = (porcelain.hostname)
+      plumbing.id = (porcelain.id)
+      plumbing.name = (porcelain.name)
+      plumbing.password = (porcelain.password)
+      plumbing.port_override = (porcelain.port_override)
+      plumbing.proxy_cluster_id = (porcelain.proxy_cluster_id)
+      plumbing.secret_store_id = (porcelain.secret_store_id)
+      plumbing.subdomain = (porcelain.subdomain)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_mcp_gateway_pat_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_mcp_gateway_pat_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_mcp_gateway_pat_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_mcp_gateway_pat_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
     def self.convert_mtls_mysql_to_porcelain(plumbing)
       if plumbing == nil
         return nil
@@ -16456,6 +16577,12 @@ module SDM
       if porcelain.instance_of? MCP
         plumbing.mcp = convert_mcp_to_plumbing(porcelain)
       end
+      if porcelain.instance_of? MCPGatewayNoAuth
+        plumbing.mcp_gateway_no_auth = convert_mcp_gateway_no_auth_to_plumbing(porcelain)
+      end
+      if porcelain.instance_of? MCPGatewayPAT
+        plumbing.mcp_gateway_pat = convert_mcp_gateway_pat_to_plumbing(porcelain)
+      end
       if porcelain.instance_of? MCPDCR
         plumbing.mcpdcr = convert_mcpdcr_to_plumbing(porcelain)
       end
@@ -16808,6 +16935,12 @@ module SDM
       if plumbing.mcp != nil
         return convert_mcp_to_porcelain(plumbing.mcp)
       end
+      if plumbing.mcp_gateway_no_auth != nil
+        return convert_mcp_gateway_no_auth_to_porcelain(plumbing.mcp_gateway_no_auth)
+      end
+      if plumbing.mcp_gateway_pat != nil
+        return convert_mcp_gateway_pat_to_porcelain(plumbing.mcp_gateway_pat)
+      end
       if plumbing.mcpdcr != nil
         return convert_mcpdcr_to_porcelain(plumbing.mcpdcr)
       end

data/lib/grpc/resourcetypes_pb.rb

@@ -95,6 +95,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :RESOURCE_TYPE_KUBERNETES_USER_IMPERSONATION, 812
       value :RESOURCE_TYPE_MCP, 4700
       value :RESOURCE_TYPE_MCPDCR, 4701
+      value :RESOURCE_TYPE_MCP_NO_AUTH, 4703
+      value :RESOURCE_TYPE_MCPPAT, 4702
       value :RESOURCE_TYPE_MTLS_MY_SQL, 1106
       value :RESOURCE_TYPE_MTLS_POSTGRES, 1306
       value :RESOURCE_TYPE_MARIA, 1103

data/lib/models/porcelain.rb

@@ -167,6 +167,10 @@ module SDM
 
     MCPDCR = "RESOURCE_TYPE_MCPDCR"
 
+    MCP_NO_AUTH = "RESOURCE_TYPE_MCP_NO_AUTH"
+
+    MCPPAT = "RESOURCE_TYPE_MCPPAT"
+
     MTLS_MY_SQL = "RESOURCE_TYPE_MTLS_MY_SQL"
 
     MTLS_POSTGRES = "RESOURCE_TYPE_MTLS_POSTGRES"
@@ -1703,6 +1707,8 @@ module SDM
 
   # AccountGrants connect a resource directly to an account, giving the account the permission to connect to that resource.
   class AccountGrant
+    # The access request ID that created this AccountGrant, if any.
+    attr_accessor :access_request_id
     # The access rule associated with this AccountGrant.
     attr_accessor :access_rule
     # The account ID of this AccountGrant.
@@ -1717,6 +1723,7 @@ module SDM
     attr_accessor :valid_until
 
     def initialize(
+      access_request_id: nil,
       access_rule: nil,
       account_id: nil,
       id: nil,
@@ -1724,6 +1731,7 @@ module SDM
       start_from: nil,
       valid_until: nil
     )
+      @access_request_id = access_request_id == nil ? "" : access_request_id
       @access_rule = access_rule == nil ? SDM::_porcelain_zero_value_access_rule() : access_rule
       @account_id = account_id == nil ? "" : account_id
       @id = id == nil ? "" : id
@@ -6314,7 +6322,6 @@ module SDM
     end
   end
 
-  # Databricks is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class Databricks
     # Databricks Personal Access Token (PAT)
     attr_accessor :access_token
@@ -10480,6 +10487,130 @@ module SDM
     end
   end
 
+  # MCPGatewayNoAuth is currently unstable, and its API may change, or it may be removed, without a major version bump.
+  class MCPGatewayNoAuth
+    # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided and may also be set to one of the ResourceIPAllocationMode constants to select between VNM, loopback, or default allocation.
+    attr_accessor :bind_interface
+    # A filter applied to the routing logic to pin datasource to nodes.
+    attr_accessor :egress_filter
+    # True if the datasource is reachable and the credentials are valid.
+    attr_accessor :healthy
+    # The host to dial to initiate a connection from the egress node to this resource.
+    attr_accessor :hostname
+    # Unique identifier of the Resource.
+    attr_accessor :id
+    # Unique human-readable name of the Resource.
+    attr_accessor :name
+    # The local port used by clients to connect to this resource. It is automatically generated if not provided on create and may be re-generated on update by specifying a value of -1.
+    attr_accessor :port_override
+    # ID of the proxy cluster for this resource, if any.
+    attr_accessor :proxy_cluster_id
+    # ID of the secret store containing credentials for this resource, if any.
+    attr_accessor :secret_store_id
+    # DNS subdomain through which this resource may be accessed on clients.  (e.g. "app-prod1" allows the resource to be accessed at "app-prod1.your-org-name.sdm-proxy-domain"). Only applicable to HTTP-based resources or resources using virtual networking mode.
+    attr_accessor :subdomain
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      bind_interface: nil,
+      egress_filter: nil,
+      healthy: nil,
+      hostname: nil,
+      id: nil,
+      name: nil,
+      port_override: nil,
+      proxy_cluster_id: nil,
+      secret_store_id: nil,
+      subdomain: nil,
+      tags: nil
+    )
+      @bind_interface = bind_interface == nil ? "" : bind_interface
+      @egress_filter = egress_filter == nil ? "" : egress_filter
+      @healthy = healthy == nil ? false : healthy
+      @hostname = hostname == nil ? "" : hostname
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+      @port_override = port_override == nil ? 0 : port_override
+      @proxy_cluster_id = proxy_cluster_id == nil ? "" : proxy_cluster_id
+      @secret_store_id = secret_store_id == nil ? "" : secret_store_id
+      @subdomain = subdomain == nil ? "" : subdomain
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # MCPGatewayPAT is currently unstable, and its API may change, or it may be removed, without a major version bump.
+  class MCPGatewayPAT
+    # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided and may also be set to one of the ResourceIPAllocationMode constants to select between VNM, loopback, or default allocation.
+    attr_accessor :bind_interface
+    # A filter applied to the routing logic to pin datasource to nodes.
+    attr_accessor :egress_filter
+    # True if the datasource is reachable and the credentials are valid.
+    attr_accessor :healthy
+    # The host to dial to initiate a connection from the egress node to this resource.
+    attr_accessor :hostname
+    # Unique identifier of the Resource.
+    attr_accessor :id
+    # Unique human-readable name of the Resource.
+    attr_accessor :name
+    # The password to authenticate with.
+    attr_accessor :password
+    # The local port used by clients to connect to this resource. It is automatically generated if not provided on create and may be re-generated on update by specifying a value of -1.
+    attr_accessor :port_override
+    # ID of the proxy cluster for this resource, if any.
+    attr_accessor :proxy_cluster_id
+    # ID of the secret store containing credentials for this resource, if any.
+    attr_accessor :secret_store_id
+    # DNS subdomain through which this resource may be accessed on clients.  (e.g. "app-prod1" allows the resource to be accessed at "app-prod1.your-org-name.sdm-proxy-domain"). Only applicable to HTTP-based resources or resources using virtual networking mode.
+    attr_accessor :subdomain
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      bind_interface: nil,
+      egress_filter: nil,
+      healthy: nil,
+      hostname: nil,
+      id: nil,
+      name: nil,
+      password: nil,
+      port_override: nil,
+      proxy_cluster_id: nil,
+      secret_store_id: nil,
+      subdomain: nil,
+      tags: nil
+    )
+      @bind_interface = bind_interface == nil ? "" : bind_interface
+      @egress_filter = egress_filter == nil ? "" : egress_filter
+      @healthy = healthy == nil ? false : healthy
+      @hostname = hostname == nil ? "" : hostname
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+      @password = password == nil ? "" : password
+      @port_override = port_override == nil ? 0 : port_override
+      @proxy_cluster_id = proxy_cluster_id == nil ? "" : proxy_cluster_id
+      @secret_store_id = secret_store_id == nil ? "" : secret_store_id
+      @subdomain = subdomain == nil ? "" : subdomain
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   class MTLSMysql
     # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided and may also be set to one of the ResourceIPAllocationMode constants to select between VNM, loopback, or default allocation.
     attr_accessor :bind_interface

data/lib/strongdm.rb

@@ -31,7 +31,7 @@ module SDM #:nodoc:
     DEFAULT_RETRY_FACTOR = 1.6
     DEFAULT_RETRY_JITTER = 0.2
     API_VERSION = "2025-04-14"
-    USER_AGENT = "strongdm-sdk-ruby/16.14.0"
+    USER_AGENT = "strongdm-sdk-ruby/16.17.0"
     private_constant :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :DEFAULT_RETRY_FACTOR, :DEFAULT_RETRY_JITTER, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.

data/lib/svc.rb

@@ -7042,6 +7042,8 @@ module SDM #:nodoc:
   # {KubernetesUserImpersonation}
   # {Maria}
   # {MCP}
+  # {MCPGatewayNoAuth}
+  # {MCPGatewayPAT}
   # {MCPDCR}
   # {Memcached}
   # {Memsql}

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "16.14.0"
+  VERSION = "16.17.0"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "16.14.0"
+  VERSION = "16.17.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 16.14.0
+  version: 16.17.0
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2026-02-27 00:00:00.000000000 Z
+date: 2026-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -81,8 +81,8 @@ files:
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-02ae59c259b83a24c0fc9b94a7921489cd0c8abe.idx"
-- "./.git/objects/pack/pack-02ae59c259b83a24c0fc9b94a7921489cd0c8abe.pack"
+- "./.git/objects/pack/pack-29a576bf5eeceeafb7a1deb5b467a4e7ab602057.idx"
+- "./.git/objects/pack/pack-29a576bf5eeceeafb7a1deb5b467a4e7ab602057.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"
@@ -135,6 +135,7 @@ files:
 - "./lib/grpc/approval_workflows_pb.rb"
 - "./lib/grpc/approval_workflows_services_pb.rb"
 - "./lib/grpc/authorization_policies_pb.rb"
+- "./lib/grpc/authorization_policies_services_pb.rb"
 - "./lib/grpc/control_panel_pb.rb"
 - "./lib/grpc/control_panel_services_pb.rb"
 - "./lib/grpc/custom_headers_pb.rb"
@@ -165,6 +166,7 @@ files:
 - "./lib/grpc/identity_sets_history_services_pb.rb"
 - "./lib/grpc/identity_sets_pb.rb"
 - "./lib/grpc/identity_sets_services_pb.rb"
+- "./lib/grpc/location_enums_pb.rb"
 - "./lib/grpc/managed_secrets_pb.rb"
 - "./lib/grpc/managed_secrets_services_pb.rb"
 - "./lib/grpc/nodes_history_pb.rb"