@opentdf/sdk 0.3.1 → 0.3.2-beta.1

package/src/platform/policy/objects_pb.ts

@@ -0,0 +1,1319 @@
+// @generated by protoc-gen-es v2.2.5 with parameter "target=ts,import_extension=.js"
+// @generated from file policy/objects.proto (package policy, syntax proto3)
+/* eslint-disable */
+
+import type { GenEnum, GenFile, GenMessage } from "@bufbuild/protobuf/codegenv1";
+import { enumDesc, fileDesc, messageDesc } from "@bufbuild/protobuf/codegenv1";
+import { file_buf_validate_validate } from "../buf/validate/validate_pb.js";
+import type { Metadata } from "../common/common_pb.js";
+import { file_common_common } from "../common/common_pb.js";
+import { file_google_protobuf_wrappers } from "@bufbuild/protobuf/wkt";
+import type { Message } from "@bufbuild/protobuf";
+
+/**
+ * Describes the file policy/objects.proto.
+ */
+export const file_policy_objects: GenFile = /*@__PURE__*/
+  fileDesc("ChRwb2xpY3kvb2JqZWN0cy5wcm90bxIGcG9saWN5ImYKEUtleVByb3ZpZGVyQ29uZmlnEgoKAmlkGAEgASgJEgwKBG5hbWUYAiABKAkSEwoLY29uZmlnX2pzb24YAyABKAwSIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEizQEKCU5hbWVzcGFjZRIKCgJpZBgBIAEoCRIMCgRuYW1lGAIgASgJEgsKA2ZxbhgDIAEoCRIqCgZhY3RpdmUYBCABKAsyGi5nb29nbGUucHJvdG9idWYuQm9vbFZhbHVlEiIKCG1ldGFkYXRhGAUgASgLMhAuY29tbW9uLk1ldGFkYXRhEicKBmdyYW50cxgGIAMoCzIXLnBvbGljeS5LZXlBY2Nlc3NTZXJ2ZXISIAoIa2FzX2tleXMYByADKAsyDi5wb2xpY3kuS2FzS2V5IswCCglBdHRyaWJ1dGUSCgoCaWQYASABKAkSJAoJbmFtZXNwYWNlGAIgASgLMhEucG9saWN5Lk5hbWVzcGFjZRIMCgRuYW1lGAMgASgJEjgKBHJ1bGUYBCABKA4yHS5wb2xpY3kuQXR0cmlidXRlUnVsZVR5cGVFbnVtQgu6SAjIAQGCAQIQARIdCgZ2YWx1ZXMYBSADKAsyDS5wb2xpY3kuVmFsdWUSJwoGZ3JhbnRzGAYgAygLMhcucG9saWN5LktleUFjY2Vzc1NlcnZlchILCgNmcW4YByABKAkSKgoGYWN0aXZlGAggASgLMhouZ29vZ2xlLnByb3RvYnVmLkJvb2xWYWx1ZRIgCghrYXNfa2V5cxgJIAMoCzIOLnBvbGljeS5LYXNLZXkSIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEisQIKBVZhbHVlEgoKAmlkGAEgASgJEiQKCWF0dHJpYnV0ZRgCIAEoCzIRLnBvbGljeS5BdHRyaWJ1dGUSDQoFdmFsdWUYAyABKAkSJwoGZ3JhbnRzGAUgAygLMhcucG9saWN5LktleUFjY2Vzc1NlcnZlchILCgNmcW4YBiABKAkSKgoGYWN0aXZlGAcgASgLMhouZ29vZ2xlLnByb3RvYnVmLkJvb2xWYWx1ZRIwChBzdWJqZWN0X21hcHBpbmdzGAggAygLMhYucG9saWN5LlN1YmplY3RNYXBwaW5nEiAKCGthc19rZXlzGAkgAygLMg4ucG9saWN5Lkthc0tleRIiCghtZXRhZGF0YRhkIAEoCzIQLmNvbW1vbi5NZXRhZGF0YUoECAQQBVIHbWVtYmVycyKCAgoGQWN0aW9uEgoKAmlkGAMgASgJEjEKCHN0YW5kYXJkGAEgASgOMh0ucG9saWN5LkFjdGlvbi5TdGFuZGFyZEFjdGlvbkgAEhAKBmN1c3RvbRgCIAEoCUgAEgwKBG5hbWUYBCABKAkSIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEibAoOU3RhbmRhcmRBY3Rpb24SHwobU1RBTkRBUkRfQUNUSU9OX1VOU1BFQ0lGSUVEEAASGwoXU1RBTkRBUkRfQUNUSU9OX0RFQ1JZUFQQARIcChhTVEFOREFSRF9BQ1RJT05fVFJBTlNNSVQQAkIHCgV2YWx1ZSLFAQoOU3ViamVjdE1hcHBpbmcSCgoCaWQYASABKAkSJgoPYXR0cmlidXRlX3ZhbHVlGAIgASgLMg0ucG9saWN5LlZhbHVlEjoKFXN1YmplY3RfY29uZGl0aW9uX3NldBgDIAEoCzIbLnBvbGljeS5TdWJqZWN0Q29uZGl0aW9uU2V0Eh8KB2FjdGlvbnMYBCADKAsyDi5wb2xpY3kuQWN0aW9uEiIKCG1ldGFkYXRhGGQgASgLMhAuY29tbW9uLk1ldGFkYXRhIqoBCglDb25kaXRpb24SLwofc3ViamVjdF9leHRlcm5hbF9zZWxlY3Rvcl92YWx1ZRgBIAEoCUIGukgDyAEBEkEKCG9wZXJhdG9yGAIgASgOMiIucG9saWN5LlN1YmplY3RNYXBwaW5nT3BlcmF0b3JFbnVtQgu6SAjIAQGCAQIQARIpChdzdWJqZWN0X2V4dGVybmFsX3ZhbHVlcxgDIAMoCUIIukgFkgECCAEiigEKDkNvbmRpdGlvbkdyb3VwEi8KCmNvbmRpdGlvbnMYASADKAsyES5wb2xpY3kuQ29uZGl0aW9uQgi6SAWSAQIIARJHChBib29sZWFuX29wZXJhdG9yGAIgASgOMiAucG9saWN5LkNvbmRpdGlvbkJvb2xlYW5UeXBlRW51bUILukgIyAEBggECEAEiSAoKU3ViamVjdFNldBI6ChBjb25kaXRpb25fZ3JvdXBzGAEgAygLMhYucG9saWN5LkNvbmRpdGlvbkdyb3VwQgi6SAWSAQIIASJ5ChNTdWJqZWN0Q29uZGl0aW9uU2V0EgoKAmlkGAEgASgJEjIKDHN1YmplY3Rfc2V0cxgDIAMoCzISLnBvbGljeS5TdWJqZWN0U2V0Qgi6SAWSAQIIARIiCghtZXRhZGF0YRhkIAEoCzIQLmNvbW1vbi5NZXRhZGF0YSJWCg9TdWJqZWN0UHJvcGVydHkSKwoXZXh0ZXJuYWxfc2VsZWN0b3JfdmFsdWUYASABKAlCCrpIB8gBAXICEAESFgoOZXh0ZXJuYWxfdmFsdWUYAiABKAkiegoUUmVzb3VyY2VNYXBwaW5nR3JvdXASCgoCaWQYASABKAkSHAoMbmFtZXNwYWNlX2lkGAIgASgJQga6SAPIAQESFAoEbmFtZRgDIAEoCUIGukgDyAEBEiIKCG1ldGFkYXRhGGQgASgLMhAuY29tbW9uLk1ldGFkYXRhIq0BCg9SZXNvdXJjZU1hcHBpbmcSCgoCaWQYASABKAkSIgoIbWV0YWRhdGEYAiABKAsyEC5jb21tb24uTWV0YWRhdGESLgoPYXR0cmlidXRlX3ZhbHVlGAMgASgLMg0ucG9saWN5LlZhbHVlQga6SAPIAQESDQoFdGVybXMYBCADKAkSKwoFZ3JvdXAYBSABKAsyHC5wb2xpY3kuUmVzb3VyY2VNYXBwaW5nR3JvdXAixgQKD0tleUFjY2Vzc1NlcnZlchIKCgJpZBgBIAEoCRKCAwoDdXJpGAIgASgJQvQCukjwAroB7AIKCnVyaV9mb3JtYXQSzwFVUkkgbXVzdCBiZSBhIHZhbGlkIFVSTCAoZS5nLiwgJ2h0dHBzOi8vZGVtby5jb20vJykgZm9sbG93ZWQgYnkgYWRkaXRpb25hbCBzZWdtZW50cy4gRWFjaCBzZWdtZW50IG11c3Qgc3RhcnQgYW5kIGVuZCB3aXRoIGFuIGFscGhhbnVtZXJpYyBjaGFyYWN0ZXIsIGNhbiBjb250YWluIGh5cGhlbnMsIGFscGhhbnVtZXJpYyBjaGFyYWN0ZXJzLCBhbmQgc2xhc2hlcy4aiwF0aGlzLm1hdGNoZXMoJ15odHRwcz86Ly9bYS16QS1aMC05XShbYS16QS1aMC05XFwtXXswLDYxfVthLXpBLVowLTldKT8oXFwuW2EtekEtWjAtOV0oW2EtekEtWjAtOVxcLV17MCw2MX1bYS16QS1aMC05XSk/KSooOlswLTldKyk/KC8uKik/JCcpEiUKCnB1YmxpY19rZXkYAyABKAsyES5wb2xpY3kuUHVibGljS2V5EicKC3NvdXJjZV90eXBlGAQgASgOMhIucG9saWN5LlNvdXJjZVR5cGUSIAoIa2FzX2tleXMYBSADKAsyDi5wb2xpY3kuS2FzS2V5EgwKBG5hbWUYFCABKAkSIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEi5AEKA0tleRIKCgJpZBgBIAEoCRItCglpc19hY3RpdmUYAiABKAsyGi5nb29nbGUucHJvdG9idWYuQm9vbFZhbHVlEi4KCndhc19tYXBwZWQYAyABKAsyGi5nb29nbGUucHJvdG9idWYuQm9vbFZhbHVlEigKCnB1YmxpY19rZXkYBCABKAsyFC5wb2xpY3kuS2FzUHVibGljS2V5EiQKA2thcxgFIAEoCzIXLnBvbGljeS5LZXlBY2Nlc3NTZXJ2ZXISIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEidQoMS2FzUHVibGljS2V5EhcKA3BlbRgBIAEoCUIKukgHcgUQARiAQBIWCgNraWQYAiABKAlCCbpIBnIEEAEYIBI0CgNhbGcYAyABKA4yGy5wb2xpY3kuS2FzUHVibGljS2V5QWxnRW51bUIKukgHggEEEAEgACI1Cg9LYXNQdWJsaWNLZXlTZXQSIgoEa2V5cxgBIAMoCzIULnBvbGljeS5LYXNQdWJsaWNLZXki0AMKCVB1YmxpY0tleRL8AgoGcmVtb3RlGAEgASgJQukCukjlAroB4QIKCnVyaV9mb3JtYXQSzwFVUkkgbXVzdCBiZSBhIHZhbGlkIFVSTCAoZS5nLiwgJ2h0dHBzOi8vZGVtby5jb20vJykgZm9sbG93ZWQgYnkgYWRkaXRpb25hbCBzZWdtZW50cy4gRWFjaCBzZWdtZW50IG11c3Qgc3RhcnQgYW5kIGVuZCB3aXRoIGFuIGFscGhhbnVtZXJpYyBjaGFyYWN0ZXIsIGNhbiBjb250YWluIGh5cGhlbnMsIGFscGhhbnVtZXJpYyBjaGFyYWN0ZXJzLCBhbmQgc2xhc2hlcy4agAF0aGlzLm1hdGNoZXMoJ15odHRwczovL1thLXpBLVowLTldKFthLXpBLVowLTlcXC1dezAsNjF9W2EtekEtWjAtOV0pPyhcXC5bYS16QS1aMC05XShbYS16QS1aMC05XFwtXXswLDYxfVthLXpBLVowLTldKT8pKigvLiopPyQnKUgAEikKBmNhY2hlZBgDIAEoCzIXLnBvbGljeS5LYXNQdWJsaWNLZXlTZXRIAEIMCgpwdWJsaWNfa2V5SgQIAhADUgVsb2NhbCKDAQoSUmVnaXN0ZXJlZFJlc291cmNlEgoKAmlkGAEgASgJEgwKBG5hbWUYAiABKAkSLwoGdmFsdWVzGAMgAygLMh8ucG9saWN5LlJlZ2lzdGVyZWRSZXNvdXJjZVZhbHVlEiIKCG1ldGFkYXRhGGQgASgLMhAuY29tbW9uLk1ldGFkYXRhIoYBChdSZWdpc3RlcmVkUmVzb3VyY2VWYWx1ZRIKCgJpZBgBIAEoCRINCgV2YWx1ZRgCIAEoCRIsCghyZXNvdXJjZRgDIAEoCzIaLnBvbGljeS5SZWdpc3RlcmVkUmVzb3VyY2USIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEiPAoGS2FzS2V5Eg4KBmthc19pZBgBIAEoCRIiCgNrZXkYAiABKAsyFS5wb2xpY3kuQXN5bW1ldHJpY0tleSKoAgoNQXN5bW1ldHJpY0tleRIKCgJpZBgBIAEoCRIOCgZrZXlfaWQYAiABKAkSKAoNa2V5X2FsZ29yaXRobRgDIAEoDjIRLnBvbGljeS5BbGdvcml0aG0SJQoKa2V5X3N0YXR1cxgEIAEoDjIRLnBvbGljeS5LZXlTdGF0dXMSIQoIa2V5X21vZGUYBSABKA4yDy5wb2xpY3kuS2V5TW9kZRIWCg5wdWJsaWNfa2V5X2N0eBgGIAEoDBIXCg9wcml2YXRlX2tleV9jdHgYByABKAwSMgoPcHJvdmlkZXJfY29uZmlnGAggASgLMhkucG9saWN5LktleVByb3ZpZGVyQ29uZmlnEiIKCG1ldGFkYXRhGGQgASgLMhAuY29tbW9uLk1ldGFkYXRhIt0BCgxTeW1tZXRyaWNLZXkSCgoCaWQYASABKAkSDgoGa2V5X2lkGAIgASgJEiUKCmtleV9zdGF0dXMYAyABKA4yES5wb2xpY3kuS2V5U3RhdHVzEiEKCGtleV9tb2RlGAQgASgOMg8ucG9saWN5LktleU1vZGUSDwoHa2V5X2N0eBgFIAEoDBIyCg9wcm92aWRlcl9jb25maWcYBiABKAsyGS5wb2xpY3kuS2V5UHJvdmlkZXJDb25maWcSIgoIbWV0YWRhdGEYZCABKAsyEC5jb21tb24uTWV0YWRhdGEqswEKFUF0dHJpYnV0ZVJ1bGVUeXBlRW51bRIoCiRBVFRSSUJVVEVfUlVMRV9UWVBFX0VOVU1fVU5TUEVDSUZJRUQQABIjCh9BVFRSSUJVVEVfUlVMRV9UWVBFX0VOVU1fQUxMX09GEAESIwofQVRUUklCVVRFX1JVTEVfVFlQRV9FTlVNX0FOWV9PRhACEiYKIkFUVFJJQlVURV9SVUxFX1RZUEVfRU5VTV9ISUVSQVJDSFkQAyrKAQoaU3ViamVjdE1hcHBpbmdPcGVyYXRvckVudW0SLQopU1VCSkVDVF9NQVBQSU5HX09QRVJBVE9SX0VOVU1fVU5TUEVDSUZJRUQQABIkCiBTVUJKRUNUX01BUFBJTkdfT1BFUkFUT1JfRU5VTV9JThABEigKJFNVQkpFQ1RfTUFQUElOR19PUEVSQVRPUl9FTlVNX05PVF9JThACEi0KKVNVQkpFQ1RfTUFQUElOR19PUEVSQVRPUl9FTlVNX0lOX0NPTlRBSU5TEAMqkAEKGENvbmRpdGlvbkJvb2xlYW5UeXBlRW51bRIrCidDT05ESVRJT05fQk9PTEVBTl9UWVBFX0VOVU1fVU5TUEVDSUZJRUQQABIjCh9DT05ESVRJT05fQk9PTEVBTl9UWVBFX0VOVU1fQU5EEAESIgoeQ09ORElUSU9OX0JPT0xFQU5fVFlQRV9FTlVNX09SEAIqXQoKU291cmNlVHlwZRIbChdTT1VSQ0VfVFlQRV9VTlNQRUNJRklFRBAAEhgKFFNPVVJDRV9UWVBFX0lOVEVSTkFMEAESGAoUU09VUkNFX1RZUEVfRVhURVJOQUwQAiqIAgoTS2FzUHVibGljS2V5QWxnRW51bRInCiNLQVNfUFVCTElDX0tFWV9BTEdfRU5VTV9VTlNQRUNJRklFRBAAEiQKIEtBU19QVUJMSUNfS0VZX0FMR19FTlVNX1JTQV8yMDQ4EAESJAogS0FTX1BVQkxJQ19LRVlfQUxHX0VOVU1fUlNBXzQwOTYQAhIoCiRLQVNfUFVCTElDX0tFWV9BTEdfRU5VTV9FQ19TRUNQMjU2UjEQBRIoCiRLQVNfUFVCTElDX0tFWV9BTEdfRU5VTV9FQ19TRUNQMzg0UjEQBhIoCiRLQVNfUFVCTElDX0tFWV9BTEdfRU5VTV9FQ19TRUNQNTIxUjEQByqbAQoJQWxnb3JpdGhtEhkKFUFMR09SSVRITV9VTlNQRUNJRklFRBAAEhYKEkFMR09SSVRITV9SU0FfMjA0OBABEhYKEkFMR09SSVRITV9SU0FfNDA5NhACEhUKEUFMR09SSVRITV9FQ19QMjU2EAMSFQoRQUxHT1JJVEhNX0VDX1AzODQQBBIVChFBTEdPUklUSE1fRUNfUDUyMRAFKnMKCUtleVN0YXR1cxIaChZLRVlfU1RBVFVTX1VOU1BFQ0lGSUVEEAASFQoRS0VZX1NUQVRVU19BQ1RJVkUQARIXChNLRVlfU1RBVFVTX0lOQUNUSVZFEAISGgoWS0VZX1NUQVRVU19DT01QUk9NSVNFRBADKkwKB0tleU1vZGUSGAoUS0VZX01PREVfVU5TUEVDSUZJRUQQABISCg5LRVlfTU9ERV9MT0NBTBABEhMKD0tFWV9NT0RFX1JFTU9URRACYgZwcm90bzM", [file_buf_validate_validate, file_common_common, file_google_protobuf_wrappers]);
+
+/**
+ * @generated from message policy.KeyProviderConfig
+ */
+export type KeyProviderConfig = Message<"policy.KeyProviderConfig"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string name = 2;
+   */
+  name: string;
+
+  /**
+   * @generated from field: bytes config_json = 3;
+   */
+  configJson: Uint8Array;
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.KeyProviderConfig.
+ * Use `create(KeyProviderConfigSchema)` to create a new message.
+ */
+export const KeyProviderConfigSchema: GenMessage<KeyProviderConfig> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 0);
+
+/**
+ * @generated from message policy.Namespace
+ */
+export type Namespace = Message<"policy.Namespace"> & {
+  /**
+   * generated uuid in database
+   *
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * used to partition Attribute Definitions, support by namespace AuthN and
+   * enable federation
+   *
+   * @generated from field: string name = 2;
+   */
+  name: string;
+
+  /**
+   * @generated from field: string fqn = 3;
+   */
+  fqn: string;
+
+  /**
+   * active by default until explicitly deactivated
+   *
+   * @generated from field: google.protobuf.BoolValue active = 4;
+   */
+  active?: boolean;
+
+  /**
+   * @generated from field: common.Metadata metadata = 5;
+   */
+  metadata?: Metadata;
+
+  /**
+   * KAS grants for the namespace
+   *
+   * @generated from field: repeated policy.KeyAccessServer grants = 6;
+   */
+  grants: KeyAccessServer[];
+
+  /**
+   * Keys for the namespace
+   *
+   * @generated from field: repeated policy.KasKey kas_keys = 7;
+   */
+  kasKeys: KasKey[];
+};
+
+/**
+ * Describes the message policy.Namespace.
+ * Use `create(NamespaceSchema)` to create a new message.
+ */
+export const NamespaceSchema: GenMessage<Namespace> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 1);
+
+/**
+ * @generated from message policy.Attribute
+ */
+export type Attribute = Message<"policy.Attribute"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * namespace of the attribute
+   *
+   * @generated from field: policy.Namespace namespace = 2;
+   */
+  namespace?: Namespace;
+
+  /**
+   * attribute name
+   *
+   * @generated from field: string name = 3;
+   */
+  name: string;
+
+  /**
+   * attribute rule enum
+   *
+   * @generated from field: policy.AttributeRuleTypeEnum rule = 4;
+   */
+  rule: AttributeRuleTypeEnum;
+
+  /**
+   * @generated from field: repeated policy.Value values = 5;
+   */
+  values: Value[];
+
+  /**
+   * Deprecated
+   *
+   * @generated from field: repeated policy.KeyAccessServer grants = 6;
+   */
+  grants: KeyAccessServer[];
+
+  /**
+   * @generated from field: string fqn = 7;
+   */
+  fqn: string;
+
+  /**
+   * active by default until explicitly deactivated
+   *
+   * @generated from field: google.protobuf.BoolValue active = 8;
+   */
+  active?: boolean;
+
+  /**
+   * Keys associated with the attribute
+   *
+   * @generated from field: repeated policy.KasKey kas_keys = 9;
+   */
+  kasKeys: KasKey[];
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.Attribute.
+ * Use `create(AttributeSchema)` to create a new message.
+ */
+export const AttributeSchema: GenMessage<Attribute> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 2);
+
+/**
+ * @generated from message policy.Value
+ */
+export type Value = Message<"policy.Value"> & {
+  /**
+   * generated uuid in database
+   *
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: policy.Attribute attribute = 2;
+   */
+  attribute?: Attribute;
+
+  /**
+   * @generated from field: string value = 3;
+   */
+  value: string;
+
+  /**
+   * Deprecated
+   * list of key access servers
+   *
+   * @generated from field: repeated policy.KeyAccessServer grants = 5;
+   */
+  grants: KeyAccessServer[];
+
+  /**
+   * @generated from field: string fqn = 6;
+   */
+  fqn: string;
+
+  /**
+   * active by default until explicitly deactivated
+   *
+   * @generated from field: google.protobuf.BoolValue active = 7;
+   */
+  active?: boolean;
+
+  /**
+   * subject mapping
+   *
+   * @generated from field: repeated policy.SubjectMapping subject_mappings = 8;
+   */
+  subjectMappings: SubjectMapping[];
+
+  /**
+   * @generated from field: repeated policy.KasKey kas_keys = 9;
+   */
+  kasKeys: KasKey[];
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.Value.
+ * Use `create(ValueSchema)` to create a new message.
+ */
+export const ValueSchema: GenMessage<Value> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 3);
+
+/**
+ * An action an entity can take
+ *
+ * @generated from message policy.Action
+ */
+export type Action = Message<"policy.Action"> & {
+  /**
+   * Generated uuid in database
+   *
+   * @generated from field: string id = 3;
+   */
+  id: string;
+
+  /**
+   * Deprecated
+   *
+   * @generated from oneof policy.Action.value
+   */
+  value: {
+    /**
+     * Deprecated
+     *
+     * @generated from field: policy.Action.StandardAction standard = 1;
+     */
+    value: Action_StandardAction;
+    case: "standard";
+  } | {
+    /**
+     * Deprecated
+     *
+     * @generated from field: string custom = 2;
+     */
+    value: string;
+    case: "custom";
+  } | { case: undefined; value?: undefined };
+
+  /**
+   * @generated from field: string name = 4;
+   */
+  name: string;
+
+  /**
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.Action.
+ * Use `create(ActionSchema)` to create a new message.
+ */
+export const ActionSchema: GenMessage<Action> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 4);
+
+/**
+ * @generated from enum policy.Action.StandardAction
+ */
+export enum Action_StandardAction {
+  /**
+   * @generated from enum value: STANDARD_ACTION_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * Deprecated
+   * Migrate to 'read' action name
+   *
+   * @generated from enum value: STANDARD_ACTION_DECRYPT = 1;
+   */
+  DECRYPT = 1,
+
+  /**
+   * Deprecated
+   * Migrate to 'create' action name
+   *
+   * @generated from enum value: STANDARD_ACTION_TRANSMIT = 2;
+   */
+  TRANSMIT = 2,
+}
+
+/**
+ * Describes the enum policy.Action.StandardAction.
+ */
+export const Action_StandardActionSchema: GenEnum<Action_StandardAction> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 4, 0);
+
+/**
+ *
+ * Subject Mapping: A Policy assigning Subject Set(s) to a permitted attribute
+ * value + action(s) combination
+ *
+ * @generated from message policy.SubjectMapping
+ */
+export type SubjectMapping = Message<"policy.SubjectMapping"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * the Attribute Value mapped to; aka: "The Entity Entitlement Attribute"
+   *
+   * @generated from field: policy.Value attribute_value = 2;
+   */
+  attributeValue?: Value;
+
+  /**
+   * the reusable SubjectConditionSet mapped to the given Attribute Value
+   *
+   * @generated from field: policy.SubjectConditionSet subject_condition_set = 3;
+   */
+  subjectConditionSet?: SubjectConditionSet;
+
+  /**
+   * The actions permitted by subjects in this mapping
+   *
+   * @generated from field: repeated policy.Action actions = 4;
+   */
+  actions: Action[];
+
+  /**
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.SubjectMapping.
+ * Use `create(SubjectMappingSchema)` to create a new message.
+ */
+export const SubjectMappingSchema: GenMessage<SubjectMapping> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 5);
+
+/**
+ * *
+ * A Condition defines a rule of <the value at the flattened 'selector value'
+ * location> <operator> <subject external values>
+ *
+ * @generated from message policy.Condition
+ */
+export type Condition = Message<"policy.Condition"> & {
+  /**
+   * a selector for a field value on a flattened Entity Representation (such as
+   * from idP/LDAP)
+   *
+   * @generated from field: string subject_external_selector_value = 1;
+   */
+  subjectExternalSelectorValue: string;
+
+  /**
+   * the evaluation operator of relation
+   *
+   * @generated from field: policy.SubjectMappingOperatorEnum operator = 2;
+   */
+  operator: SubjectMappingOperatorEnum;
+
+  /**
+   * list of comparison values for the result of applying the
+   * subject_external_selector_value on a flattened Entity Representation
+   * (Subject), evaluated by the operator
+   *
+   * @generated from field: repeated string subject_external_values = 3;
+   */
+  subjectExternalValues: string[];
+};
+
+/**
+ * Describes the message policy.Condition.
+ * Use `create(ConditionSchema)` to create a new message.
+ */
+export const ConditionSchema: GenMessage<Condition> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 6);
+
+/**
+ * A collection of Conditions evaluated by the boolean_operator provided
+ *
+ * @generated from message policy.ConditionGroup
+ */
+export type ConditionGroup = Message<"policy.ConditionGroup"> & {
+  /**
+   * @generated from field: repeated policy.Condition conditions = 1;
+   */
+  conditions: Condition[];
+
+  /**
+   * the boolean evaluation type across the conditions
+   *
+   * @generated from field: policy.ConditionBooleanTypeEnum boolean_operator = 2;
+   */
+  booleanOperator: ConditionBooleanTypeEnum;
+};
+
+/**
+ * Describes the message policy.ConditionGroup.
+ * Use `create(ConditionGroupSchema)` to create a new message.
+ */
+export const ConditionGroupSchema: GenMessage<ConditionGroup> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 7);
+
+/**
+ * A collection of Condition Groups
+ *
+ * @generated from message policy.SubjectSet
+ */
+export type SubjectSet = Message<"policy.SubjectSet"> & {
+  /**
+   * multiple Condition Groups are evaluated with AND logic
+   *
+   * @generated from field: repeated policy.ConditionGroup condition_groups = 1;
+   */
+  conditionGroups: ConditionGroup[];
+};
+
+/**
+ * Describes the message policy.SubjectSet.
+ * Use `create(SubjectSetSchema)` to create a new message.
+ */
+export const SubjectSetSchema: GenMessage<SubjectSet> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 8);
+
+/**
+ *
+ * A container for multiple Subject Sets, each containing Condition Groups, each
+ * containing Conditions. Multiple Subject Sets in a SubjectConditionSet are
+ * evaluated with AND logic. As each Subject Mapping has only one Attribute
+ * Value, the SubjectConditionSet is reusable across multiple Subject Mappings /
+ * Attribute Values and is an independent unit.
+ *
+ * @generated from message policy.SubjectConditionSet
+ */
+export type SubjectConditionSet = Message<"policy.SubjectConditionSet"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: repeated policy.SubjectSet subject_sets = 3;
+   */
+  subjectSets: SubjectSet[];
+
+  /**
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.SubjectConditionSet.
+ * Use `create(SubjectConditionSetSchema)` to create a new message.
+ */
+export const SubjectConditionSetSchema: GenMessage<SubjectConditionSet> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 9);
+
+/**
+ *
+ *
+ * A property of a Subject/Entity as its selector expression -> value result
+ * pair. This would mirror external user attributes retrieved from an
+ * authoritative source such as an IDP (Identity Provider) or User Store.
+ * Examples include such ADFS/LDAP, OKTA, etc. For now, a valid property must
+ * contain both a selector expression & a resulting value.
+ *
+ * The external_selector_value is a specifier to select a value from a flattened
+ * external representation of an Entity (such as from idP/LDAP), and the
+ * external_value is the value selected by the external_selector_value on that
+ * Entity Representation (Subject Context). These mirror the Condition.
+ *
+ * @generated from message policy.SubjectProperty
+ */
+export type SubjectProperty = Message<"policy.SubjectProperty"> & {
+  /**
+   * @generated from field: string external_selector_value = 1;
+   */
+  externalSelectorValue: string;
+
+  /**
+   * @generated from field: string external_value = 2;
+   */
+  externalValue: string;
+};
+
+/**
+ * Describes the message policy.SubjectProperty.
+ * Use `create(SubjectPropertySchema)` to create a new message.
+ */
+export const SubjectPropertySchema: GenMessage<SubjectProperty> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 10);
+
+/**
+ *
+ * Resource Mapping Groups are namespaced collections of Resource Mappings
+ * associated under a common group name.
+ *
+ * @generated from message policy.ResourceMappingGroup
+ */
+export type ResourceMappingGroup = Message<"policy.ResourceMappingGroup"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * the namespace containing the group of resource mappings
+   *
+   * @generated from field: string namespace_id = 2;
+   */
+  namespaceId: string;
+
+  /**
+   * the common name for the group of resource mappings, which must be unique
+   * per namespace
+   *
+   * @generated from field: string name = 3;
+   */
+  name: string;
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.ResourceMappingGroup.
+ * Use `create(ResourceMappingGroupSchema)` to create a new message.
+ */
+export const ResourceMappingGroupSchema: GenMessage<ResourceMappingGroup> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 11);
+
+/**
+ *
+ * Resource Mappings (aka Access Control Resource Encodings aka ACRE) are
+ * structures supporting the mapping of Resources and Attribute Values
+ *
+ * @generated from message policy.ResourceMapping
+ */
+export type ResourceMapping = Message<"policy.ResourceMapping"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: common.Metadata metadata = 2;
+   */
+  metadata?: Metadata;
+
+  /**
+   * @generated from field: policy.Value attribute_value = 3;
+   */
+  attributeValue?: Value;
+
+  /**
+   * @generated from field: repeated string terms = 4;
+   */
+  terms: string[];
+
+  /**
+   * @generated from field: policy.ResourceMappingGroup group = 5;
+   */
+  group?: ResourceMappingGroup;
+};
+
+/**
+ * Describes the message policy.ResourceMapping.
+ * Use `create(ResourceMappingSchema)` to create a new message.
+ */
+export const ResourceMappingSchema: GenMessage<ResourceMapping> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 12);
+
+/**
+ *
+ * Key Access Server Registry
+ *
+ * @generated from message policy.KeyAccessServer
+ */
+export type KeyAccessServer = Message<"policy.KeyAccessServer"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * Address of a KAS instance
+   *
+   * @generated from field: string uri = 2;
+   */
+  uri: string;
+
+  /**
+   * Deprecated
+   *
+   * @generated from field: policy.PublicKey public_key = 3;
+   */
+  publicKey?: PublicKey;
+
+  /**
+   * The source of the KAS: (INTERNAL, EXTERNAL)
+   *
+   * @generated from field: policy.SourceType source_type = 4;
+   */
+  sourceType: SourceType;
+
+  /**
+   * Kas keys associated with this KAS
+   *
+   * @generated from field: repeated policy.KasKey kas_keys = 5;
+   */
+  kasKeys: KasKey[];
+
+  /**
+   * Optional
+   * Unique name of the KAS instance
+   *
+   * @generated from field: string name = 20;
+   */
+  name: string;
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.KeyAccessServer.
+ * Use `create(KeyAccessServerSchema)` to create a new message.
+ */
+export const KeyAccessServerSchema: GenMessage<KeyAccessServer> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 13);
+
+/**
+ * @generated from message policy.Key
+ */
+export type Key = Message<"policy.Key"> & {
+  /**
+   * the database record ID, not the key ID (`kid`)
+   *
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: google.protobuf.BoolValue is_active = 2;
+   */
+  isActive?: boolean;
+
+  /**
+   * @generated from field: google.protobuf.BoolValue was_mapped = 3;
+   */
+  wasMapped?: boolean;
+
+  /**
+   * @generated from field: policy.KasPublicKey public_key = 4;
+   */
+  publicKey?: KasPublicKey;
+
+  /**
+   * @generated from field: policy.KeyAccessServer kas = 5;
+   */
+  kas?: KeyAccessServer;
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.Key.
+ * Use `create(KeySchema)` to create a new message.
+ */
+export const KeySchema: GenMessage<Key> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 14);
+
+/**
+ * Deprecated
+ * A KAS public key and some associated metadata for further identifcation
+ *
+ * @generated from message policy.KasPublicKey
+ */
+export type KasPublicKey = Message<"policy.KasPublicKey"> & {
+  /**
+   * x509 ASN.1 content in PEM envelope, usually
+   *
+   * @generated from field: string pem = 1;
+   */
+  pem: string;
+
+  /**
+   * A unique string identifier for this key
+   *
+   * @generated from field: string kid = 2;
+   */
+  kid: string;
+
+  /**
+   * A known algorithm type with any additional parameters encoded.
+   * To start, these may be `rsa:2048` for encrypting ZTDF files and
+   * `ec:secp256r1` for nanoTDF, but more formats may be added as needed.
+   *
+   * @generated from field: policy.KasPublicKeyAlgEnum alg = 3;
+   */
+  alg: KasPublicKeyAlgEnum;
+};
+
+/**
+ * Describes the message policy.KasPublicKey.
+ * Use `create(KasPublicKeySchema)` to create a new message.
+ */
+export const KasPublicKeySchema: GenMessage<KasPublicKey> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 15);
+
+/**
+ * Deprecated
+ * A list of known KAS public keys
+ *
+ * @generated from message policy.KasPublicKeySet
+ */
+export type KasPublicKeySet = Message<"policy.KasPublicKeySet"> & {
+  /**
+   * @generated from field: repeated policy.KasPublicKey keys = 1;
+   */
+  keys: KasPublicKey[];
+};
+
+/**
+ * Describes the message policy.KasPublicKeySet.
+ * Use `create(KasPublicKeySetSchema)` to create a new message.
+ */
+export const KasPublicKeySetSchema: GenMessage<KasPublicKeySet> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 16);
+
+/**
+ * Deprecated
+ *
+ * @generated from message policy.PublicKey
+ */
+export type PublicKey = Message<"policy.PublicKey"> & {
+  /**
+   * @generated from oneof policy.PublicKey.public_key
+   */
+  publicKey: {
+    /**
+     * kas public key url - optional since can also be retrieved via public key
+     *
+     * @generated from field: string remote = 1;
+     */
+    value: string;
+    case: "remote";
+  } | {
+    /**
+     * public key with additional information. Current preferred version
+     *
+     * @generated from field: policy.KasPublicKeySet cached = 3;
+     */
+    value: KasPublicKeySet;
+    case: "cached";
+  } | { case: undefined; value?: undefined };
+};
+
+/**
+ * Describes the message policy.PublicKey.
+ * Use `create(PublicKeySchema)` to create a new message.
+ */
+export const PublicKeySchema: GenMessage<PublicKey> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 17);
+
+/**
+ * @generated from message policy.RegisteredResource
+ */
+export type RegisteredResource = Message<"policy.RegisteredResource"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string name = 2;
+   */
+  name: string;
+
+  /**
+   * @generated from field: repeated policy.RegisteredResourceValue values = 3;
+   */
+  values: RegisteredResourceValue[];
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.RegisteredResource.
+ * Use `create(RegisteredResourceSchema)` to create a new message.
+ */
+export const RegisteredResourceSchema: GenMessage<RegisteredResource> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 18);
+
+/**
+ * @generated from message policy.RegisteredResourceValue
+ */
+export type RegisteredResourceValue = Message<"policy.RegisteredResourceValue"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string value = 2;
+   */
+  value: string;
+
+  /**
+   * @generated from field: policy.RegisteredResource resource = 3;
+   */
+  resource?: RegisteredResource;
+
+  /**
+   * Common metadata
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.RegisteredResourceValue.
+ * Use `create(RegisteredResourceValueSchema)` to create a new message.
+ */
+export const RegisteredResourceValueSchema: GenMessage<RegisteredResourceValue> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 19);
+
+/**
+ * @generated from message policy.KasKey
+ */
+export type KasKey = Message<"policy.KasKey"> & {
+  /**
+   * @generated from field: string kas_id = 1;
+   */
+  kasId: string;
+
+  /**
+   * @generated from field: policy.AsymmetricKey key = 2;
+   */
+  key?: AsymmetricKey;
+};
+
+/**
+ * Describes the message policy.KasKey.
+ * Use `create(KasKeySchema)` to create a new message.
+ */
+export const KasKeySchema: GenMessage<KasKey> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 20);
+
+/**
+ * @generated from message policy.AsymmetricKey
+ */
+export type AsymmetricKey = Message<"policy.AsymmetricKey"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string key_id = 2;
+   */
+  keyId: string;
+
+  /**
+   * @generated from field: policy.Algorithm key_algorithm = 3;
+   */
+  keyAlgorithm: Algorithm;
+
+  /**
+   * @generated from field: policy.KeyStatus key_status = 4;
+   */
+  keyStatus: KeyStatus;
+
+  /**
+   * Specifies how the key is managed (local or remote)
+   *
+   * @generated from field: policy.KeyMode key_mode = 5;
+   */
+  keyMode: KeyMode;
+
+  /**
+   * Specific structure based on key provider implementation
+   *
+   * @generated from field: bytes public_key_ctx = 6;
+   */
+  publicKeyCtx: Uint8Array;
+
+  /**
+   * Specific structure based on key provider implementation
+   *
+   * @generated from field: bytes private_key_ctx = 7;
+   */
+  privateKeyCtx: Uint8Array;
+
+  /**
+   * Configuration for the key provider
+   *
+   * @generated from field: policy.KeyProviderConfig provider_config = 8;
+   */
+  providerConfig?: KeyProviderConfig;
+
+  /**
+   * Common metadata fields
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.AsymmetricKey.
+ * Use `create(AsymmetricKeySchema)` to create a new message.
+ */
+export const AsymmetricKeySchema: GenMessage<AsymmetricKey> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 21);
+
+/**
+ * @generated from message policy.SymmetricKey
+ */
+export type SymmetricKey = Message<"policy.SymmetricKey"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string key_id = 2;
+   */
+  keyId: string;
+
+  /**
+   * @generated from field: policy.KeyStatus key_status = 3;
+   */
+  keyStatus: KeyStatus;
+
+  /**
+   * Specifies how the key is managed (local or remote)
+   *
+   * @generated from field: policy.KeyMode key_mode = 4;
+   */
+  keyMode: KeyMode;
+
+  /**
+   * Specific structure based on key provider implementation
+   *
+   * @generated from field: bytes key_ctx = 5;
+   */
+  keyCtx: Uint8Array;
+
+  /**
+   * Configuration for the key provider
+   *
+   * @generated from field: policy.KeyProviderConfig provider_config = 6;
+   */
+  providerConfig?: KeyProviderConfig;
+
+  /**
+   * Common metadata fields
+   *
+   * @generated from field: common.Metadata metadata = 100;
+   */
+  metadata?: Metadata;
+};
+
+/**
+ * Describes the message policy.SymmetricKey.
+ * Use `create(SymmetricKeySchema)` to create a new message.
+ */
+export const SymmetricKeySchema: GenMessage<SymmetricKey> = /*@__PURE__*/
+  messageDesc(file_policy_objects, 22);
+
+/**
+ * @generated from enum policy.AttributeRuleTypeEnum
+ */
+export enum AttributeRuleTypeEnum {
+  /**
+   * @generated from enum value: ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF = 1;
+   */
+  ALL_OF = 1,
+
+  /**
+   * @generated from enum value: ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF = 2;
+   */
+  ANY_OF = 2,
+
+  /**
+   * @generated from enum value: ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY = 3;
+   */
+  HIERARCHY = 3,
+}
+
+/**
+ * Describes the enum policy.AttributeRuleTypeEnum.
+ */
+export const AttributeRuleTypeEnumSchema: GenEnum<AttributeRuleTypeEnum> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 0);
+
+/**
+ * @generated from enum policy.SubjectMappingOperatorEnum
+ */
+export enum SubjectMappingOperatorEnum {
+  /**
+   * @generated from enum value: SUBJECT_MAPPING_OPERATOR_ENUM_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * operator that returns true if a value in a list matches the string
+   *
+   * @generated from enum value: SUBJECT_MAPPING_OPERATOR_ENUM_IN = 1;
+   */
+  IN = 1,
+
+  /**
+   * operator that returns true if a value is not in a list that is matched by
+   * string
+   *
+   * @generated from enum value: SUBJECT_MAPPING_OPERATOR_ENUM_NOT_IN = 2;
+   */
+  NOT_IN = 2,
+
+  /**
+   * operator that returns true if a value in a list contains the substring
+   *
+   * @generated from enum value: SUBJECT_MAPPING_OPERATOR_ENUM_IN_CONTAINS = 3;
+   */
+  IN_CONTAINS = 3,
+}
+
+/**
+ * Describes the enum policy.SubjectMappingOperatorEnum.
+ */
+export const SubjectMappingOperatorEnumSchema: GenEnum<SubjectMappingOperatorEnum> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 1);
+
+/**
+ * @generated from enum policy.ConditionBooleanTypeEnum
+ */
+export enum ConditionBooleanTypeEnum {
+  /**
+   * @generated from enum value: CONDITION_BOOLEAN_TYPE_ENUM_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: CONDITION_BOOLEAN_TYPE_ENUM_AND = 1;
+   */
+  AND = 1,
+
+  /**
+   * @generated from enum value: CONDITION_BOOLEAN_TYPE_ENUM_OR = 2;
+   */
+  OR = 2,
+}
+
+/**
+ * Describes the enum policy.ConditionBooleanTypeEnum.
+ */
+export const ConditionBooleanTypeEnumSchema: GenEnum<ConditionBooleanTypeEnum> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 2);
+
+/**
+ * Describes whether this kas is managed by the organization or if they imported
+ * the kas information from an external party. These two modes are necessary in order
+ * to encrypt a tdf dek with an external parties kas public key.
+ *
+ * @generated from enum policy.SourceType
+ */
+export enum SourceType {
+  /**
+   * @generated from enum value: SOURCE_TYPE_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * The kas is managed by the organization.
+   *
+   * @generated from enum value: SOURCE_TYPE_INTERNAL = 1;
+   */
+  INTERNAL = 1,
+
+  /**
+   * The kas is managed by an external party.
+   *
+   * @generated from enum value: SOURCE_TYPE_EXTERNAL = 2;
+   */
+  EXTERNAL = 2,
+}
+
+/**
+ * Describes the enum policy.SourceType.
+ */
+export const SourceTypeSchema: GenEnum<SourceType> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 3);
+
+/**
+ * @generated from enum policy.KasPublicKeyAlgEnum
+ */
+export enum KasPublicKeyAlgEnum {
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048 = 1;
+   */
+  RSA_2048 = 1,
+
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_RSA_4096 = 2;
+   */
+  RSA_4096 = 2,
+
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP256R1 = 5;
+   */
+  EC_SECP256R1 = 5,
+
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP384R1 = 6;
+   */
+  EC_SECP384R1 = 6,
+
+  /**
+   * @generated from enum value: KAS_PUBLIC_KEY_ALG_ENUM_EC_SECP521R1 = 7;
+   */
+  EC_SECP521R1 = 7,
+}
+
+/**
+ * Describes the enum policy.KasPublicKeyAlgEnum.
+ */
+export const KasPublicKeyAlgEnumSchema: GenEnum<KasPublicKeyAlgEnum> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 4);
+
+/**
+ * Supported key algorithms.
+ *
+ * @generated from enum policy.Algorithm
+ */
+export enum Algorithm {
+  /**
+   * @generated from enum value: ALGORITHM_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: ALGORITHM_RSA_2048 = 1;
+   */
+  RSA_2048 = 1,
+
+  /**
+   * @generated from enum value: ALGORITHM_RSA_4096 = 2;
+   */
+  RSA_4096 = 2,
+
+  /**
+   * @generated from enum value: ALGORITHM_EC_P256 = 3;
+   */
+  EC_P256 = 3,
+
+  /**
+   * @generated from enum value: ALGORITHM_EC_P384 = 4;
+   */
+  EC_P384 = 4,
+
+  /**
+   * @generated from enum value: ALGORITHM_EC_P521 = 5;
+   */
+  EC_P521 = 5,
+}
+
+/**
+ * Describes the enum policy.Algorithm.
+ */
+export const AlgorithmSchema: GenEnum<Algorithm> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 5);
+
+/**
+ * The status of the key
+ *
+ * @generated from enum policy.KeyStatus
+ */
+export enum KeyStatus {
+  /**
+   * @generated from enum value: KEY_STATUS_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: KEY_STATUS_ACTIVE = 1;
+   */
+  ACTIVE = 1,
+
+  /**
+   * @generated from enum value: KEY_STATUS_INACTIVE = 2;
+   */
+  INACTIVE = 2,
+
+  /**
+   * @generated from enum value: KEY_STATUS_COMPROMISED = 3;
+   */
+  COMPROMISED = 3,
+}
+
+/**
+ * Describes the enum policy.KeyStatus.
+ */
+export const KeyStatusSchema: GenEnum<KeyStatus> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 6);
+
+/**
+ * Describe how the kas private key is managed.
+ * If the key mode is LOCAL, then the kas private key is stored in the database.
+ * This could be encrypted or unencrypted.
+ * Remote means that the kas private key is stored in a remote key system like KMS or HSM
+ * and all operations are done by the remote key system.
+ *
+ * @generated from enum policy.KeyMode
+ */
+export enum KeyMode {
+  /**
+   * @generated from enum value: KEY_MODE_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: KEY_MODE_LOCAL = 1;
+   */
+  LOCAL = 1,
+
+  /**
+   * @generated from enum value: KEY_MODE_REMOTE = 2;
+   */
+  REMOTE = 2,
+}
+
+/**
+ * Describes the enum policy.KeyMode.
+ */
+export const KeyModeSchema: GenEnum<KeyMode> = /*@__PURE__*/
+  enumDesc(file_policy_objects, 7);
+