@valkey/valkey-glide 2.1.2 → 2.2.0-rc2

package/build-ts/BaseClient.d.ts

@@ -112,8 +112,27 @@ export type ReturnTypeXinfoStream = Record<string, StreamEntries | Record<string
  * See {@link ReturnTypeXinfoStream}.
  */
 export type StreamEntries = GlideString | number | (GlideString | number | GlideString[])[][];
+/** Represents the types of services that can be used for IAM authentication. */
+export declare enum ServiceType {
+    Elasticache = "Elasticache",
+    MemoryDB = "MemoryDB"
+}
+/** Configuration settings for IAM authentication. */
+export interface IamAuthConfig {
+    /** The name of the ElastiCache/MemoryDB cluster. */
+    clusterName: string;
+    /** The type of service being used (ElastiCache or MemoryDB). */
+    service: ServiceType;
+    /** The AWS region where the ElastiCache/MemoryDB cluster is located. */
+    region: string;
+    /**
+     * Optional refresh interval in seconds for renewing IAM authentication tokens.
+     * If not provided, defaults to 300 seconds (5 min).
+     */
+    refreshIntervalSeconds?: number;
+}
 /** Represents the credentials for connecting to a server. */
-export interface ServerCredentials {
+export type ServerCredentials = {
     /**
      * The username that will be used for authenticating connections to the Valkey servers.
      * If not supplied, "default" will be used.
@@ -121,9 +140,18 @@ export interface ServerCredentials {
     username?: string;
     /**
      * The password that will be used for authenticating connections to the Valkey servers.
+     * (mutually exclusive with iamConfig).
      */
     password: string;
-}
+} | {
+    /** Username is REQUIRED for IAM (Valkey AUTH <username> <token>). */
+    username: string;
+    /**
+     * IAM config (mutually exclusive with password).
+     * The client will automatically generate and refresh the authentication token based on the provided configuration.
+     */
+    iamConfig: IamAuthConfig;
+};
 /** Represents the client's read from strategy. */
 export type ReadFrom = 
 /** Always get from primary, in order to get the freshest data.*/
@@ -453,6 +481,17 @@ export interface AdvancedBaseClientConfiguration {
          * - Default: false (verification is enforced).
          */
         insecure?: boolean;
+        /**
+         * Custom root certificate data for TLS connections.
+         *
+         * - When provided, these certificates will be used instead of the system's default trust store.
+         *   If not provided, the system's default certificate trust store will be used.
+         *
+         * - The certificate data should be in PEM format as a string or Buffer.
+         *
+         * - This is useful when connecting to servers with self-signed certificates or custom certificate authorities.
+         */
+        rootCertificates?: string | Buffer;
     };
 }
 /**
@@ -505,6 +544,7 @@ export declare class BaseClient {
     private writeBufferedRequestsToSocket;
     protected ensureClientIsOpen(): void;
     protected createUpdateConnectionPasswordPromise(command: command_request.UpdateConnectionPassword): Promise<GlideString>;
+    protected createRefreshIamTokenPromise(command: command_request.RefreshIamToken): Promise<GlideString>;
     protected createScriptInvocationPromise<T = GlideString>(command: command_request.ScriptInvocation, options?: {
         keys?: GlideString[];
         args?: GlideString[];
@@ -6380,6 +6420,19 @@ export declare class BaseClient {
      * ```
      */
     updateConnectionPassword(password: string | null, immediateAuth?: boolean): Promise<GlideString>;
+    /**
+     * Manually refresh the IAM token for the current connection.
+     *
+     * This method is only available if the client was created with IAM authentication.
+     * It triggers an immediate refresh of the IAM token and updates the connection.
+     *
+     * @throws ConfigurationError if the client is not using IAM authentication.
+     * @example
+     * ```typescript
+     * await client.refreshToken();
+     * ```
+     */
+    refreshIamToken(): Promise<GlideString>;
     /**
      * Return a statistics
      *

package/build-ts/BaseClient.js

@@ -39,7 +39,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.BaseClient = exports.ObjectType = exports.Decoder = exports.ProtocolVersion = void 0;
+exports.BaseClient = exports.ObjectType = exports.ServiceType = exports.Decoder = exports.ProtocolVersion = void 0;
 exports.convertGlideRecord = convertGlideRecord;
 exports.convertGlideRecordToRecord = convertGlideRecordToRecord;
 exports.isGlideRecord = isGlideRecord;
@@ -159,6 +159,12 @@ class PointerResponse {
         this.low = low;
     }
 }
+/** Represents the types of services that can be used for IAM authentication. */
+var ServiceType;
+(function (ServiceType) {
+    ServiceType["Elasticache"] = "Elasticache";
+    ServiceType["MemoryDB"] = "MemoryDB";
+})(ServiceType || (exports.ServiceType = ServiceType = {}));
 /**
  * Enum of Valkey data types
  * `STRING`
@@ -513,6 +519,19 @@ class BaseClient {
             });
         });
     }
+    createRefreshIamTokenPromise(command) {
+        this.ensureClientIsOpen();
+        return new Promise((resolve, reject) => {
+            const callbackIdx = this.getCallbackIndex();
+            this.promiseCallbackFunctions[callbackIdx] = [resolve, reject];
+            this.writeOrBufferRequest(new ProtobufMessage_1.command_request.CommandRequest({
+                callbackIdx,
+                refreshIamToken: command,
+            }), (message, writer) => {
+                ProtobufMessage_1.command_request.CommandRequest.encodeDelimited(message, writer);
+            });
+        });
+    }
     createScriptInvocationPromise(command, options = {}) {
         this.ensureClientIsOpen();
         return new Promise((resolve, reject) => {
@@ -6942,13 +6961,42 @@ class BaseClient {
         const readFrom = options.readFrom
             ? this.MAP_READ_FROM_STRATEGY[options.readFrom]
             : ProtobufMessage_1.connection_request.ReadFrom.Primary;
-        const authenticationInfo = options.credentials !== undefined &&
-            "password" in options.credentials
-            ? {
-                password: options.credentials.password,
-                username: options.credentials.username,
+        const creds = options.credentials;
+        // Build a protobuf AuthenticationInfo
+        let authenticationInfo;
+        if (creds) {
+            if ("iamConfig" in creds) {
+                if (!creds.username) {
+                    throw new _1.ConfigurationError("IAM authentication requires a username.");
+                }
+                const iamCredentials = ProtobufMessage_1.connection_request.IamCredentials.create({
+                    clusterName: creds.iamConfig.clusterName,
+                    region: creds.iamConfig.region,
+                    serviceType: creds.iamConfig.service === ServiceType.Elasticache
+                        ? ProtobufMessage_1.connection_request.ServiceType.ELASTICACHE
+                        : ProtobufMessage_1.connection_request.ServiceType.MEMORYDB,
+                    // leave undefined if not provided (optional field)
+                    refreshIntervalSeconds: creds.iamConfig.refreshIntervalSeconds,
+                });
+                authenticationInfo =
+                    ProtobufMessage_1.connection_request.AuthenticationInfo.create({
+                        username: creds.username, // REQUIRED for IAM
+                        iamCredentials,
+                        // do NOT set password in IAM mode
+                    });
+            }
+            else if ("password" in creds) {
+                // Password branch
+                authenticationInfo =
+                    ProtobufMessage_1.connection_request.AuthenticationInfo.create({
+                        username: creds.username ?? "", // optional
+                        password: creds.password ?? "", // empty means “no password”
+                    });
             }
-            : undefined;
+            else {
+                authenticationInfo = undefined;
+            }
+        }
         const protocol = options.protocol;
         // Validate that clientAz is set when using AZ affinity strategies
         if ((options.readFrom === "AZAffinity" ||
@@ -6982,12 +7030,21 @@ class BaseClient {
             options.connectionTimeout ??
                 _1.DEFAULT_CONNECTION_TIMEOUT_IN_MILLISECONDS;
         // Apply TLS configuration if present
-        if (options.tlsAdvancedConfiguration?.insecure) {
-            if (request.tlsMode === ProtobufMessage_1.connection_request.TlsMode.SecureTls) {
+        if (options.tlsAdvancedConfiguration) {
+            // request.tlsMode is either SecureTls or InsecureTls here
+            if (request.tlsMode === ProtobufMessage_1.connection_request.TlsMode.NoTls) {
+                throw new _1.ConfigurationError("TLS advanced configuration cannot be set when useTLS is disabled.");
+            }
+            // If options.tlsAdvancedConfiguration.insecure is true then use InsecureTls mode
+            if (options.tlsAdvancedConfiguration.insecure) {
                 request.tlsMode = ProtobufMessage_1.connection_request.TlsMode.InsecureTls;
             }
-            else if (request.tlsMode === ProtobufMessage_1.connection_request.TlsMode.NoTls) {
-                throw new _1.ConfigurationError("InsecureTls cannot be enabled when useTLS is disabled.");
+            if (options.tlsAdvancedConfiguration.rootCertificates) {
+                const certData = typeof options.tlsAdvancedConfiguration.rootCertificates ===
+                    "string"
+                    ? Buffer.from(options.tlsAdvancedConfiguration.rootCertificates, "utf-8")
+                    : options.tlsAdvancedConfiguration.rootCertificates;
+                request.rootCerts = [new Uint8Array(certData)];
             }
         }
     }
@@ -7029,8 +7086,10 @@ class BaseClient {
      */
     static async __createClientInternal(options, connectedSocket, constructor) {
         const connection = constructor(connectedSocket, options);
+        const connectStart = Date.now();
         await connection.connectToServer(options);
-        _1.Logger.log("info", "Client lifetime", "connected to server");
+        const connectTime = Date.now() - connectStart;
+        _1.Logger.log("info", "Client lifetime", `connected to server in ${connectTime}ms`);
         return connection;
     }
     /**
@@ -7049,10 +7108,17 @@ class BaseClient {
      * @internal
      */
     static async createClientInternal(options, constructor) {
+        const overallStart = Date.now();
         const path = await (0, _1.StartSocketConnection)();
+        const socketStart = Date.now();
         const socket = await this.GetSocket(path);
+        const socketTime = Date.now() - socketStart;
+        _1.Logger.log("info", "Client lifetime", `socket connection established in ${socketTime}ms`);
         try {
-            return await this.__createClientInternal(options, socket, constructor);
+            const client = await this.__createClientInternal(options, socket, constructor);
+            const totalTime = Date.now() - overallStart;
+            _1.Logger.log("info", "Client lifetime", `total client creation time: ${totalTime}ms`);
+            return client;
         }
         catch (err) {
             // Ensure socket is closed
@@ -7081,6 +7147,12 @@ class BaseClient {
      * ```
      */
     async updateConnectionPassword(password, immediateAuth = false) {
+        // If we’re on IAM, forbid password updates to avoid confusion.
+        const creds = this.config?.credentials;
+        const usingIam = !!creds && "iamConfig" in creds;
+        if (usingIam) {
+            throw new _1.ConfigurationError("updateConnectionPassword is not supported when IAM authentication is enabled.");
+        }
         const updateConnectionPassword = ProtobufMessage_1.command_request.UpdateConnectionPassword.create({
             password,
             immediateAuth,
@@ -7097,6 +7169,27 @@ class BaseClient {
         }
         return response;
     }
+    /**
+     * Manually refresh the IAM token for the current connection.
+     *
+     * This method is only available if the client was created with IAM authentication.
+     * It triggers an immediate refresh of the IAM token and updates the connection.
+     *
+     * @throws ConfigurationError if the client is not using IAM authentication.
+     * @example
+     * ```typescript
+     * await client.refreshToken();
+     * ```
+     */
+    async refreshIamToken() {
+        if (!this.config?.credentials ||
+            !("iamConfig" in this.config.credentials)) {
+            throw new _1.ConfigurationError("refreshIamToken is only available when IAM authentication is enabled.");
+        }
+        const refresh = ProtobufMessage_1.command_request.RefreshIamToken.create({});
+        const response = await this.createRefreshIamTokenPromise(refresh);
+        return response; // "OK"
+    }
     /**
      * Return a statistics
      *

package/build-ts/GlideClusterClient.d.ts

@@ -142,10 +142,22 @@ export type GlideClusterClientConfiguration = BaseClientConfiguration & {
  *   tlsAdvancedConfiguration: {
  *     insecure: true, // Skip TLS certificate verification (use only in development)
  *   },
+ *   refreshTopologyFromInitialNodes: true, // Refresh topology from initial seed nodes
  * };
  * ```
  */
-export type AdvancedGlideClusterClientConfiguration = AdvancedBaseClientConfiguration & {};
+export type AdvancedGlideClusterClientConfiguration = AdvancedBaseClientConfiguration & {
+    /**
+     * Enables refreshing the cluster topology using only the initial nodes.
+     *
+     * When this option is enabled, all topology updates (both the periodic checks and on-demand
+     * refreshes triggered by topology changes) will query only the initial nodes provided when
+     * creating the client, rather than using the internal cluster view.
+     *
+     * If not set, defaults to `false` (uses internal cluster view for topology refresh).
+     */
+    refreshTopologyFromInitialNodes?: boolean;
+};
 /**
  * If the command's routing is to one node we will get T as a response type,
  * otherwise, we will get a dictionary of address: nodeResponse, address is of type string and nodeResponse is of type T.

package/build-ts/GlideClusterClient.js

@@ -80,6 +80,12 @@ class GlideClusterClient extends BaseClient_1.BaseClient {
         this.configurePubsub(options, configuration);
         if (options.advancedConfiguration) {
             this.configureAdvancedConfigurationBase(options.advancedConfiguration, configuration);
+            // Set refresh topology from initial nodes
+            if (options.advancedConfiguration
+                .refreshTopologyFromInitialNodes !== undefined) {
+                configuration.refreshTopologyFromInitialNodes =
+                    options.advancedConfiguration.refreshTopologyFromInitialNodes;
+            }
         }
         return configuration;
     }

package/build-ts/ProtobufMessage.d.ts

@@ -1338,6 +1338,69 @@ export namespace command_request {
         public static getTypeUrl(typeUrlPrefix?: string): string;
     }
 
+    /** Properties of a RefreshIamToken. */
+    interface IRefreshIamToken {
+    }
+
+    /** Represents a RefreshIamToken. */
+    class RefreshIamToken implements IRefreshIamToken {
+
+        /**
+         * Constructs a new RefreshIamToken.
+         * @param [properties] Properties to set
+         */
+        constructor(properties?: command_request.IRefreshIamToken);
+
+        /**
+         * Creates a new RefreshIamToken instance using the specified properties.
+         * @param [properties] Properties to set
+         * @returns RefreshIamToken instance
+         */
+        public static create(properties?: command_request.IRefreshIamToken): command_request.RefreshIamToken;
+
+        /**
+         * Encodes the specified RefreshIamToken message. Does not implicitly {@link command_request.RefreshIamToken.verify|verify} messages.
+         * @param message RefreshIamToken message or plain object to encode
+         * @param [writer] Writer to encode to
+         * @returns Writer
+         */
+        public static encode(message: command_request.IRefreshIamToken, writer?: $protobuf.Writer): $protobuf.Writer;
+
+        /**
+         * Encodes the specified RefreshIamToken message, length delimited. Does not implicitly {@link command_request.RefreshIamToken.verify|verify} messages.
+         * @param message RefreshIamToken message or plain object to encode
+         * @param [writer] Writer to encode to
+         * @returns Writer
+         */
+        public static encodeDelimited(message: command_request.IRefreshIamToken, writer?: $protobuf.Writer): $protobuf.Writer;
+
+        /**
+         * Decodes a RefreshIamToken message from the specified reader or buffer.
+         * @param reader Reader or buffer to decode from
+         * @param [length] Message length if known beforehand
+         * @returns RefreshIamToken
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): command_request.RefreshIamToken;
+
+        /**
+         * Decodes a RefreshIamToken message from the specified reader or buffer, length delimited.
+         * @param reader Reader or buffer to decode from
+         * @returns RefreshIamToken
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): command_request.RefreshIamToken;
+
+        /**
+         * Gets the default type url for RefreshIamToken
+         * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com")
+         * @returns The default type url
+         */
+        public static getTypeUrl(typeUrlPrefix?: string): string;
+    }
+
     /** Properties of a CommandRequest. */
     interface ICommandRequest {
 
@@ -1362,6 +1425,9 @@ export namespace command_request {
         /** CommandRequest updateConnectionPassword */
         updateConnectionPassword?: (command_request.IUpdateConnectionPassword|null);
 
+        /** CommandRequest refreshIamToken */
+        refreshIamToken?: (command_request.IRefreshIamToken|null);
+
         /** CommandRequest route */
         route?: (command_request.IRoutes|null);
 
@@ -1399,6 +1465,9 @@ export namespace command_request {
         /** CommandRequest updateConnectionPassword. */
         public updateConnectionPassword?: (command_request.IUpdateConnectionPassword|null);
 
+        /** CommandRequest refreshIamToken. */
+        public refreshIamToken?: (command_request.IRefreshIamToken|null);
+
         /** CommandRequest route. */
         public route?: (command_request.IRoutes|null);
 
@@ -1406,7 +1475,7 @@ export namespace command_request {
         public rootSpanPtr?: (number|Long|null);
 
         /** CommandRequest command. */
-        public command?: ("singleCommand"|"batch"|"scriptInvocation"|"scriptInvocationPointers"|"clusterScan"|"updateConnectionPassword");
+        public command?: ("singleCommand"|"batch"|"scriptInvocation"|"scriptInvocationPointers"|"clusterScan"|"updateConnectionPassword"|"refreshIamToken");
 
         /** CommandRequest _rootSpanPtr. */
         public _rootSpanPtr?: "rootSpanPtr";
@@ -1564,6 +1633,9 @@ export namespace connection_request {
 
         /** AuthenticationInfo username */
         username?: (string|null);
+
+        /** AuthenticationInfo iamCredentials */
+        iamCredentials?: (connection_request.IIamCredentials|null);
     }
 
     /** Represents an AuthenticationInfo. */
@@ -1581,6 +1653,12 @@ export namespace connection_request {
         /** AuthenticationInfo username. */
         public username: string;
 
+        /** AuthenticationInfo iamCredentials. */
+        public iamCredentials?: (connection_request.IIamCredentials|null);
+
+        /** AuthenticationInfo _iamCredentials. */
+        public _iamCredentials?: "iamCredentials";
+
         /**
          * Creates a new AuthenticationInfo instance using the specified properties.
          * @param [properties] Properties to set
@@ -1631,6 +1709,102 @@ export namespace connection_request {
         public static getTypeUrl(typeUrlPrefix?: string): string;
     }
 
+    /** ServiceType enum. */
+    enum ServiceType {
+        ELASTICACHE = 0,
+        MEMORYDB = 1
+    }
+
+    /** Properties of an IamCredentials. */
+    interface IIamCredentials {
+
+        /** IamCredentials clusterName */
+        clusterName?: (string|null);
+
+        /** IamCredentials region */
+        region?: (string|null);
+
+        /** IamCredentials serviceType */
+        serviceType?: (connection_request.ServiceType|null);
+
+        /** IamCredentials refreshIntervalSeconds */
+        refreshIntervalSeconds?: (number|null);
+    }
+
+    /** Represents an IamCredentials. */
+    class IamCredentials implements IIamCredentials {
+
+        /**
+         * Constructs a new IamCredentials.
+         * @param [properties] Properties to set
+         */
+        constructor(properties?: connection_request.IIamCredentials);
+
+        /** IamCredentials clusterName. */
+        public clusterName: string;
+
+        /** IamCredentials region. */
+        public region: string;
+
+        /** IamCredentials serviceType. */
+        public serviceType: connection_request.ServiceType;
+
+        /** IamCredentials refreshIntervalSeconds. */
+        public refreshIntervalSeconds?: (number|null);
+
+        /** IamCredentials _refreshIntervalSeconds. */
+        public _refreshIntervalSeconds?: "refreshIntervalSeconds";
+
+        /**
+         * Creates a new IamCredentials instance using the specified properties.
+         * @param [properties] Properties to set
+         * @returns IamCredentials instance
+         */
+        public static create(properties?: connection_request.IIamCredentials): connection_request.IamCredentials;
+
+        /**
+         * Encodes the specified IamCredentials message. Does not implicitly {@link connection_request.IamCredentials.verify|verify} messages.
+         * @param message IamCredentials message or plain object to encode
+         * @param [writer] Writer to encode to
+         * @returns Writer
+         */
+        public static encode(message: connection_request.IIamCredentials, writer?: $protobuf.Writer): $protobuf.Writer;
+
+        /**
+         * Encodes the specified IamCredentials message, length delimited. Does not implicitly {@link connection_request.IamCredentials.verify|verify} messages.
+         * @param message IamCredentials message or plain object to encode
+         * @param [writer] Writer to encode to
+         * @returns Writer
+         */
+        public static encodeDelimited(message: connection_request.IIamCredentials, writer?: $protobuf.Writer): $protobuf.Writer;
+
+        /**
+         * Decodes an IamCredentials message from the specified reader or buffer.
+         * @param reader Reader or buffer to decode from
+         * @param [length] Message length if known beforehand
+         * @returns IamCredentials
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): connection_request.IamCredentials;
+
+        /**
+         * Decodes an IamCredentials message from the specified reader or buffer, length delimited.
+         * @param reader Reader or buffer to decode from
+         * @returns IamCredentials
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): connection_request.IamCredentials;
+
+        /**
+         * Gets the default type url for IamCredentials
+         * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com")
+         * @returns The default type url
+         */
+        public static getTypeUrl(typeUrlPrefix?: string): string;
+    }
+
     /** ProtocolVersion enum. */
     enum ProtocolVersion {
         RESP3 = 0,
@@ -1967,6 +2141,15 @@ export namespace connection_request {
 
         /** ConnectionRequest lazyConnect */
         lazyConnect?: (boolean|null);
+
+        /** ConnectionRequest refreshTopologyFromInitialNodes */
+        refreshTopologyFromInitialNodes?: (boolean|null);
+
+        /** ConnectionRequest libName */
+        libName?: (string|null);
+
+        /** ConnectionRequest rootCerts */
+        rootCerts?: (Uint8Array[]|null);
     }
 
     /** Represents a ConnectionRequest. */
@@ -2029,6 +2212,15 @@ export namespace connection_request {
         /** ConnectionRequest lazyConnect. */
         public lazyConnect: boolean;
 
+        /** ConnectionRequest refreshTopologyFromInitialNodes. */
+        public refreshTopologyFromInitialNodes: boolean;
+
+        /** ConnectionRequest libName. */
+        public libName: string;
+
+        /** ConnectionRequest rootCerts. */
+        public rootCerts: Uint8Array[];
+
         /** ConnectionRequest periodicChecks. */
         public periodicChecks?: ("periodicChecksManualInterval"|"periodicChecksDisabled");
 

package/build-ts/ProtobufMessage.js

@@ -2870,6 +2870,131 @@ $root.command_request = (function() {
         return UpdateConnectionPassword;
     })();
 
+    command_request.RefreshIamToken = (function() {
+
+        /**
+         * Properties of a RefreshIamToken.
+         * @memberof command_request
+         * @interface IRefreshIamToken
+         */
+
+        /**
+         * Constructs a new RefreshIamToken.
+         * @memberof command_request
+         * @classdesc Represents a RefreshIamToken.
+         * @implements IRefreshIamToken
+         * @constructor
+         * @param {command_request.IRefreshIamToken=} [properties] Properties to set
+         */
+        function RefreshIamToken(properties) {
+            if (properties)
+                for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
+                    if (properties[keys[i]] != null)
+                        this[keys[i]] = properties[keys[i]];
+        }
+
+        /**
+         * Creates a new RefreshIamToken instance using the specified properties.
+         * @function create
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {command_request.IRefreshIamToken=} [properties] Properties to set
+         * @returns {command_request.RefreshIamToken} RefreshIamToken instance
+         */
+        RefreshIamToken.create = function create(properties) {
+            return new RefreshIamToken(properties);
+        };
+
+        /**
+         * Encodes the specified RefreshIamToken message. Does not implicitly {@link command_request.RefreshIamToken.verify|verify} messages.
+         * @function encode
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {command_request.IRefreshIamToken} message RefreshIamToken message or plain object to encode
+         * @param {$protobuf.Writer} [writer] Writer to encode to
+         * @returns {$protobuf.Writer} Writer
+         */
+        RefreshIamToken.encode = function encode(message, writer) {
+            if (!writer)
+                writer = $Writer.create();
+            return writer;
+        };
+
+        /**
+         * Encodes the specified RefreshIamToken message, length delimited. Does not implicitly {@link command_request.RefreshIamToken.verify|verify} messages.
+         * @function encodeDelimited
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {command_request.IRefreshIamToken} message RefreshIamToken message or plain object to encode
+         * @param {$protobuf.Writer} [writer] Writer to encode to
+         * @returns {$protobuf.Writer} Writer
+         */
+        RefreshIamToken.encodeDelimited = function encodeDelimited(message, writer) {
+            return this.encode(message, writer && writer.len ? writer.fork() : writer).ldelim();
+        };
+
+        /**
+         * Decodes a RefreshIamToken message from the specified reader or buffer.
+         * @function decode
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+         * @param {number} [length] Message length if known beforehand
+         * @returns {command_request.RefreshIamToken} RefreshIamToken
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        RefreshIamToken.decode = function decode(reader, length, error) {
+            if (!(reader instanceof $Reader))
+                reader = $Reader.create(reader);
+            var end = length === undefined ? reader.len : reader.pos + length, message = new $root.command_request.RefreshIamToken();
+            while (reader.pos < end) {
+                var tag = reader.uint32();
+                if (tag === error)
+                    break;
+                switch (tag >>> 3) {
+                default:
+                    reader.skipType(tag & 7);
+                    break;
+                }
+            }
+            return message;
+        };
+
+        /**
+         * Decodes a RefreshIamToken message from the specified reader or buffer, length delimited.
+         * @function decodeDelimited
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+         * @returns {command_request.RefreshIamToken} RefreshIamToken
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        RefreshIamToken.decodeDelimited = function decodeDelimited(reader) {
+            if (!(reader instanceof $Reader))
+                reader = new $Reader(reader);
+            return this.decode(reader, reader.uint32());
+        };
+
+        /**
+         * Gets the default type url for RefreshIamToken
+         * @function getTypeUrl
+         * @memberof command_request.RefreshIamToken
+         * @static
+         * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com")
+         * @returns {string} The default type url
+         */
+        RefreshIamToken.getTypeUrl = function getTypeUrl(typeUrlPrefix) {
+            if (typeUrlPrefix === undefined) {
+                typeUrlPrefix = "type.googleapis.com";
+            }
+            return typeUrlPrefix + "/command_request.RefreshIamToken";
+        };
+
+        return RefreshIamToken;
+    })();
+
     command_request.CommandRequest = (function() {
 
         /**
@@ -2883,6 +3008,7 @@ $root.command_request = (function() {
          * @property {command_request.IScriptInvocationPointers|null} [scriptInvocationPointers] CommandRequest scriptInvocationPointers
          * @property {command_request.IClusterScan|null} [clusterScan] CommandRequest clusterScan
          * @property {command_request.IUpdateConnectionPassword|null} [updateConnectionPassword] CommandRequest updateConnectionPassword
+         * @property {command_request.IRefreshIamToken|null} [refreshIamToken] CommandRequest refreshIamToken
          * @property {command_request.IRoutes|null} [route] CommandRequest route
          * @property {number|Long|null} [rootSpanPtr] CommandRequest rootSpanPtr
          */
@@ -2958,6 +3084,14 @@ $root.command_request = (function() {
          */
         CommandRequest.prototype.updateConnectionPassword = null;
 
+        /**
+         * CommandRequest refreshIamToken.
+         * @member {command_request.IRefreshIamToken|null|undefined} refreshIamToken
+         * @memberof command_request.CommandRequest
+         * @instance
+         */
+        CommandRequest.prototype.refreshIamToken = null;
+
         /**
          * CommandRequest route.
          * @member {command_request.IRoutes|null|undefined} route
@@ -2979,12 +3113,12 @@ $root.command_request = (function() {
 
         /**
          * CommandRequest command.
-         * @member {"singleCommand"|"batch"|"scriptInvocation"|"scriptInvocationPointers"|"clusterScan"|"updateConnectionPassword"|undefined} command
+         * @member {"singleCommand"|"batch"|"scriptInvocation"|"scriptInvocationPointers"|"clusterScan"|"updateConnectionPassword"|"refreshIamToken"|undefined} command
          * @memberof command_request.CommandRequest
          * @instance
          */
         Object.defineProperty(CommandRequest.prototype, "command", {
-            get: $util.oneOfGetter($oneOfFields = ["singleCommand", "batch", "scriptInvocation", "scriptInvocationPointers", "clusterScan", "updateConnectionPassword"]),
+            get: $util.oneOfGetter($oneOfFields = ["singleCommand", "batch", "scriptInvocation", "scriptInvocationPointers", "clusterScan", "updateConnectionPassword", "refreshIamToken"]),
             set: $util.oneOfSetter($oneOfFields)
         });
 
@@ -3037,10 +3171,12 @@ $root.command_request = (function() {
                 $root.command_request.ClusterScan.encode(message.clusterScan, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim();
             if (message.updateConnectionPassword != null && Object.hasOwnProperty.call(message, "updateConnectionPassword"))
                 $root.command_request.UpdateConnectionPassword.encode(message.updateConnectionPassword, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim();
+            if (message.refreshIamToken != null && Object.hasOwnProperty.call(message, "refreshIamToken"))
+                $root.command_request.RefreshIamToken.encode(message.refreshIamToken, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim();
             if (message.route != null && Object.hasOwnProperty.call(message, "route"))
-                $root.command_request.Routes.encode(message.route, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim();
+                $root.command_request.Routes.encode(message.route, writer.uint32(/* id 9, wireType 2 =*/74).fork()).ldelim();
             if (message.rootSpanPtr != null && Object.hasOwnProperty.call(message, "rootSpanPtr"))
-                writer.uint32(/* id 9, wireType 0 =*/72).uint64(message.rootSpanPtr);
+                writer.uint32(/* id 10, wireType 0 =*/80).uint64(message.rootSpanPtr);
             return writer;
         };
 
@@ -3106,10 +3242,14 @@ $root.command_request = (function() {
                         break;
                     }
                 case 8: {
-                        message.route = $root.command_request.Routes.decode(reader, reader.uint32());
+                        message.refreshIamToken = $root.command_request.RefreshIamToken.decode(reader, reader.uint32());
                         break;
                     }
                 case 9: {
+                        message.route = $root.command_request.Routes.decode(reader, reader.uint32());
+                        break;
+                    }
+                case 10: {
                         message.rootSpanPtr = reader.uint64();
                         break;
                     }
@@ -3366,6 +3506,7 @@ $root.connection_request = (function() {
          * @interface IAuthenticationInfo
          * @property {string|null} [password] AuthenticationInfo password
          * @property {string|null} [username] AuthenticationInfo username
+         * @property {connection_request.IIamCredentials|null} [iamCredentials] AuthenticationInfo iamCredentials
          */
 
         /**
@@ -3399,6 +3540,28 @@ $root.connection_request = (function() {
          */
         AuthenticationInfo.prototype.username = "";
 
+        /**
+         * AuthenticationInfo iamCredentials.
+         * @member {connection_request.IIamCredentials|null|undefined} iamCredentials
+         * @memberof connection_request.AuthenticationInfo
+         * @instance
+         */
+        AuthenticationInfo.prototype.iamCredentials = null;
+
+        // OneOf field names bound to virtual getters and setters
+        var $oneOfFields;
+
+        /**
+         * AuthenticationInfo _iamCredentials.
+         * @member {"iamCredentials"|undefined} _iamCredentials
+         * @memberof connection_request.AuthenticationInfo
+         * @instance
+         */
+        Object.defineProperty(AuthenticationInfo.prototype, "_iamCredentials", {
+            get: $util.oneOfGetter($oneOfFields = ["iamCredentials"]),
+            set: $util.oneOfSetter($oneOfFields)
+        });
+
         /**
          * Creates a new AuthenticationInfo instance using the specified properties.
          * @function create
@@ -3427,6 +3590,8 @@ $root.connection_request = (function() {
                 writer.uint32(/* id 1, wireType 2 =*/10).string(message.password);
             if (message.username != null && Object.hasOwnProperty.call(message, "username"))
                 writer.uint32(/* id 2, wireType 2 =*/18).string(message.username);
+            if (message.iamCredentials != null && Object.hasOwnProperty.call(message, "iamCredentials"))
+                $root.connection_request.IamCredentials.encode(message.iamCredentials, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim();
             return writer;
         };
 
@@ -3471,6 +3636,10 @@ $root.connection_request = (function() {
                         message.username = reader.string();
                         break;
                     }
+                case 3: {
+                        message.iamCredentials = $root.connection_request.IamCredentials.decode(reader, reader.uint32());
+                        break;
+                    }
                 default:
                     reader.skipType(tag & 7);
                     break;
@@ -3513,6 +3682,219 @@ $root.connection_request = (function() {
         return AuthenticationInfo;
     })();
 
+    /**
+     * ServiceType enum.
+     * @name connection_request.ServiceType
+     * @enum {number}
+     * @property {number} ELASTICACHE=0 ELASTICACHE value
+     * @property {number} MEMORYDB=1 MEMORYDB value
+     */
+    connection_request.ServiceType = (function() {
+        var valuesById = {}, values = Object.create(valuesById);
+        values[valuesById[0] = "ELASTICACHE"] = 0;
+        values[valuesById[1] = "MEMORYDB"] = 1;
+        return values;
+    })();
+
+    connection_request.IamCredentials = (function() {
+
+        /**
+         * Properties of an IamCredentials.
+         * @memberof connection_request
+         * @interface IIamCredentials
+         * @property {string|null} [clusterName] IamCredentials clusterName
+         * @property {string|null} [region] IamCredentials region
+         * @property {connection_request.ServiceType|null} [serviceType] IamCredentials serviceType
+         * @property {number|null} [refreshIntervalSeconds] IamCredentials refreshIntervalSeconds
+         */
+
+        /**
+         * Constructs a new IamCredentials.
+         * @memberof connection_request
+         * @classdesc Represents an IamCredentials.
+         * @implements IIamCredentials
+         * @constructor
+         * @param {connection_request.IIamCredentials=} [properties] Properties to set
+         */
+        function IamCredentials(properties) {
+            if (properties)
+                for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
+                    if (properties[keys[i]] != null)
+                        this[keys[i]] = properties[keys[i]];
+        }
+
+        /**
+         * IamCredentials clusterName.
+         * @member {string} clusterName
+         * @memberof connection_request.IamCredentials
+         * @instance
+         */
+        IamCredentials.prototype.clusterName = "";
+
+        /**
+         * IamCredentials region.
+         * @member {string} region
+         * @memberof connection_request.IamCredentials
+         * @instance
+         */
+        IamCredentials.prototype.region = "";
+
+        /**
+         * IamCredentials serviceType.
+         * @member {connection_request.ServiceType} serviceType
+         * @memberof connection_request.IamCredentials
+         * @instance
+         */
+        IamCredentials.prototype.serviceType = 0;
+
+        /**
+         * IamCredentials refreshIntervalSeconds.
+         * @member {number|null|undefined} refreshIntervalSeconds
+         * @memberof connection_request.IamCredentials
+         * @instance
+         */
+        IamCredentials.prototype.refreshIntervalSeconds = null;
+
+        // OneOf field names bound to virtual getters and setters
+        var $oneOfFields;
+
+        /**
+         * IamCredentials _refreshIntervalSeconds.
+         * @member {"refreshIntervalSeconds"|undefined} _refreshIntervalSeconds
+         * @memberof connection_request.IamCredentials
+         * @instance
+         */
+        Object.defineProperty(IamCredentials.prototype, "_refreshIntervalSeconds", {
+            get: $util.oneOfGetter($oneOfFields = ["refreshIntervalSeconds"]),
+            set: $util.oneOfSetter($oneOfFields)
+        });
+
+        /**
+         * Creates a new IamCredentials instance using the specified properties.
+         * @function create
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {connection_request.IIamCredentials=} [properties] Properties to set
+         * @returns {connection_request.IamCredentials} IamCredentials instance
+         */
+        IamCredentials.create = function create(properties) {
+            return new IamCredentials(properties);
+        };
+
+        /**
+         * Encodes the specified IamCredentials message. Does not implicitly {@link connection_request.IamCredentials.verify|verify} messages.
+         * @function encode
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {connection_request.IIamCredentials} message IamCredentials message or plain object to encode
+         * @param {$protobuf.Writer} [writer] Writer to encode to
+         * @returns {$protobuf.Writer} Writer
+         */
+        IamCredentials.encode = function encode(message, writer) {
+            if (!writer)
+                writer = $Writer.create();
+            if (message.clusterName != null && Object.hasOwnProperty.call(message, "clusterName"))
+                writer.uint32(/* id 1, wireType 2 =*/10).string(message.clusterName);
+            if (message.region != null && Object.hasOwnProperty.call(message, "region"))
+                writer.uint32(/* id 2, wireType 2 =*/18).string(message.region);
+            if (message.serviceType != null && Object.hasOwnProperty.call(message, "serviceType"))
+                writer.uint32(/* id 3, wireType 0 =*/24).int32(message.serviceType);
+            if (message.refreshIntervalSeconds != null && Object.hasOwnProperty.call(message, "refreshIntervalSeconds"))
+                writer.uint32(/* id 4, wireType 0 =*/32).uint32(message.refreshIntervalSeconds);
+            return writer;
+        };
+
+        /**
+         * Encodes the specified IamCredentials message, length delimited. Does not implicitly {@link connection_request.IamCredentials.verify|verify} messages.
+         * @function encodeDelimited
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {connection_request.IIamCredentials} message IamCredentials message or plain object to encode
+         * @param {$protobuf.Writer} [writer] Writer to encode to
+         * @returns {$protobuf.Writer} Writer
+         */
+        IamCredentials.encodeDelimited = function encodeDelimited(message, writer) {
+            return this.encode(message, writer && writer.len ? writer.fork() : writer).ldelim();
+        };
+
+        /**
+         * Decodes an IamCredentials message from the specified reader or buffer.
+         * @function decode
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+         * @param {number} [length] Message length if known beforehand
+         * @returns {connection_request.IamCredentials} IamCredentials
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        IamCredentials.decode = function decode(reader, length, error) {
+            if (!(reader instanceof $Reader))
+                reader = $Reader.create(reader);
+            var end = length === undefined ? reader.len : reader.pos + length, message = new $root.connection_request.IamCredentials();
+            while (reader.pos < end) {
+                var tag = reader.uint32();
+                if (tag === error)
+                    break;
+                switch (tag >>> 3) {
+                case 1: {
+                        message.clusterName = reader.string();
+                        break;
+                    }
+                case 2: {
+                        message.region = reader.string();
+                        break;
+                    }
+                case 3: {
+                        message.serviceType = reader.int32();
+                        break;
+                    }
+                case 4: {
+                        message.refreshIntervalSeconds = reader.uint32();
+                        break;
+                    }
+                default:
+                    reader.skipType(tag & 7);
+                    break;
+                }
+            }
+            return message;
+        };
+
+        /**
+         * Decodes an IamCredentials message from the specified reader or buffer, length delimited.
+         * @function decodeDelimited
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from
+         * @returns {connection_request.IamCredentials} IamCredentials
+         * @throws {Error} If the payload is not a reader or valid buffer
+         * @throws {$protobuf.util.ProtocolError} If required fields are missing
+         */
+        IamCredentials.decodeDelimited = function decodeDelimited(reader) {
+            if (!(reader instanceof $Reader))
+                reader = new $Reader(reader);
+            return this.decode(reader, reader.uint32());
+        };
+
+        /**
+         * Gets the default type url for IamCredentials
+         * @function getTypeUrl
+         * @memberof connection_request.IamCredentials
+         * @static
+         * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com")
+         * @returns {string} The default type url
+         */
+        IamCredentials.getTypeUrl = function getTypeUrl(typeUrlPrefix) {
+            if (typeUrlPrefix === undefined) {
+                typeUrlPrefix = "type.googleapis.com";
+            }
+            return typeUrlPrefix + "/connection_request.IamCredentials";
+        };
+
+        return IamCredentials;
+    })();
+
     /**
      * ProtocolVersion enum.
      * @name connection_request.ProtocolVersion
@@ -4138,6 +4520,9 @@ $root.connection_request = (function() {
          * @property {string|null} [clientAz] ConnectionRequest clientAz
          * @property {number|null} [connectionTimeout] ConnectionRequest connectionTimeout
          * @property {boolean|null} [lazyConnect] ConnectionRequest lazyConnect
+         * @property {boolean|null} [refreshTopologyFromInitialNodes] ConnectionRequest refreshTopologyFromInitialNodes
+         * @property {string|null} [libName] ConnectionRequest libName
+         * @property {Array.<Uint8Array>|null} [rootCerts] ConnectionRequest rootCerts
          */
 
         /**
@@ -4150,6 +4535,7 @@ $root.connection_request = (function() {
          */
         function ConnectionRequest(properties) {
             this.addresses = [];
+            this.rootCerts = [];
             if (properties)
                 for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
                     if (properties[keys[i]] != null)
@@ -4292,6 +4678,30 @@ $root.connection_request = (function() {
          */
         ConnectionRequest.prototype.lazyConnect = false;
 
+        /**
+         * ConnectionRequest refreshTopologyFromInitialNodes.
+         * @member {boolean} refreshTopologyFromInitialNodes
+         * @memberof connection_request.ConnectionRequest
+         * @instance
+         */
+        ConnectionRequest.prototype.refreshTopologyFromInitialNodes = false;
+
+        /**
+         * ConnectionRequest libName.
+         * @member {string} libName
+         * @memberof connection_request.ConnectionRequest
+         * @instance
+         */
+        ConnectionRequest.prototype.libName = "";
+
+        /**
+         * ConnectionRequest rootCerts.
+         * @member {Array.<Uint8Array>} rootCerts
+         * @memberof connection_request.ConnectionRequest
+         * @instance
+         */
+        ConnectionRequest.prototype.rootCerts = $util.emptyArray;
+
         // OneOf field names bound to virtual getters and setters
         var $oneOfFields;
 
@@ -4365,6 +4775,13 @@ $root.connection_request = (function() {
                 writer.uint32(/* id 16, wireType 0 =*/128).uint32(message.connectionTimeout);
             if (message.lazyConnect != null && Object.hasOwnProperty.call(message, "lazyConnect"))
                 writer.uint32(/* id 17, wireType 0 =*/136).bool(message.lazyConnect);
+            if (message.refreshTopologyFromInitialNodes != null && Object.hasOwnProperty.call(message, "refreshTopologyFromInitialNodes"))
+                writer.uint32(/* id 18, wireType 0 =*/144).bool(message.refreshTopologyFromInitialNodes);
+            if (message.libName != null && Object.hasOwnProperty.call(message, "libName"))
+                writer.uint32(/* id 19, wireType 2 =*/154).string(message.libName);
+            if (message.rootCerts != null && message.rootCerts.length)
+                for (var i = 0; i < message.rootCerts.length; ++i)
+                    writer.uint32(/* id 20, wireType 2 =*/162).bytes(message.rootCerts[i]);
             return writer;
         };
 
@@ -4471,6 +4888,20 @@ $root.connection_request = (function() {
                         message.lazyConnect = reader.bool();
                         break;
                     }
+                case 18: {
+                        message.refreshTopologyFromInitialNodes = reader.bool();
+                        break;
+                    }
+                case 19: {
+                        message.libName = reader.string();
+                        break;
+                    }
+                case 20: {
+                        if (!(message.rootCerts && message.rootCerts.length))
+                            message.rootCerts = [];
+                        message.rootCerts.push(reader.bytes());
+                        break;
+                    }
                 default:
                     reader.skipType(tag & 7);
                     break;

package/package.json

@@ -4,7 +4,7 @@
   "main": "build-ts/index.js",
   "module": "build-ts/index.js",
   "types": "build-ts/index.d.ts",
-  "version": "2.1.2",
+  "version": "2.2.0-rc2",
   "exports": {
     ".": {
       "import": {
@@ -89,7 +89,7 @@
     "@types/jest": "29",
     "@types/minimist": "1",
     "@types/semver": "7",
-    "@types/uuid": "10",
+    "@types/uuid": "11",
     "find-free-port": "2",
     "lint-staged": "16",
     "jest": "29",
@@ -134,11 +134,11 @@
     }
   },
   "optionalDependencies": {
-    "@valkey/valkey-glide-darwin-x64": "2.1.2",
-    "@valkey/valkey-glide-darwin-arm64": "2.1.2",
-    "@valkey/valkey-glide-linux-x64-gnu": "2.1.2",
-    "@valkey/valkey-glide-linux-arm64-gnu": "2.1.2",
-    "@valkey/valkey-glide-linux-x64-musl": "2.1.2",
-    "@valkey/valkey-glide-linux-arm64-musl": "2.1.2"
+    "@valkey/valkey-glide-darwin-x64": "2.2.0-rc2",
+    "@valkey/valkey-glide-darwin-arm64": "2.2.0-rc2",
+    "@valkey/valkey-glide-linux-x64-gnu": "2.2.0-rc2",
+    "@valkey/valkey-glide-linux-arm64-gnu": "2.2.0-rc2",
+    "@valkey/valkey-glide-linux-x64-musl": "2.2.0-rc2",
+    "@valkey/valkey-glide-linux-arm64-musl": "2.2.0-rc2"
   }
 }