diff --git a/google-cloud-network-security/pom.xml b/google-cloud-network-security/pom.xml
index cc6852d4..8ca6b5cb 100644
--- a/google-cloud-network-security/pom.xml
+++ b/google-cloud-network-security/pom.xml
@@ -37,10 +37,22 @@
       <groupId>com.google.protobuf</groupId>
       <artifactId>protobuf-java</artifactId>
     </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>grpc-google-common-protos</artifactId>
+    </dependency>
     <dependency>
       <groupId>com.google.api.grpc</groupId>
       <artifactId>proto-google-common-protos</artifactId>
     </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-iam-v1</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>grpc-google-iam-v1</artifactId>
+    </dependency>
 
     <dependency>
       <groupId>com.google.api.grpc</groupId>
@@ -62,6 +74,10 @@
       <groupId>com.google.api</groupId>
       <artifactId>gax-grpc</artifactId>
     </dependency>
+    <dependency>
+      <groupId>com.google.api</groupId>
+      <artifactId>gax-httpjson</artifactId>
+    </dependency>
     <dependency>
       <groupId>org.threeten</groupId>
       <artifactId>threetenbp</artifactId>
@@ -86,12 +102,24 @@
       <scope>test</scope>
     </dependency>
     <!-- Need testing utility classes for generated gRPC clients tests -->
+    <dependency>
+      <groupId>com.google.api</groupId>
+      <artifactId>gax</artifactId>
+      <classifier>testlib</classifier>
+      <scope>test</scope>
+    </dependency>
     <dependency>
       <groupId>com.google.api</groupId>
       <artifactId>gax-grpc</artifactId>
       <classifier>testlib</classifier>
       <scope>test</scope>
     </dependency>
+    <dependency>
+    <groupId>com.google.api</groupId>
+      <artifactId>gax-httpjson</artifactId>
+      <classifier>testlib</classifier>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 
   <profiles>
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClient.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClient.java
index 07ac0804..cf60672e 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClient.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClient.java
@@ -20,6 +20,7 @@
 import com.google.api.core.ApiFutures;
 import com.google.api.core.BetaApi;
 import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.httpjson.longrunning.OperationsClient;
 import com.google.api.gax.longrunning.OperationFuture;
 import com.google.api.gax.paging.AbstractFixedSizeCollection;
 import com.google.api.gax.paging.AbstractPage;
@@ -27,11 +28,19 @@
 import com.google.api.gax.rpc.OperationCallable;
 import com.google.api.gax.rpc.PageContext;
 import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.cloud.networksecurity.v1beta1.stub.NetworkSecurityStub;
 import com.google.cloud.networksecurity.v1beta1.stub.NetworkSecurityStubSettings;
 import com.google.common.util.concurrent.MoreExecutors;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
-import com.google.longrunning.OperationsClient;
 import com.google.protobuf.Empty;
 import com.google.protobuf.FieldMask;
 import java.io.IOException;
@@ -108,6 +117,21 @@
  *     NetworkSecurityClient.create(networkSecuritySettings);
  * }</pre>
  *
+ * <p>To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over
+ * the wire:
+ *
+ * <pre>{@code
+ * // This snippet has been automatically generated for illustrative purposes only.
+ * // It may require modifications to work in your environment.
+ * NetworkSecuritySettings networkSecuritySettings =
+ *     NetworkSecuritySettings.newBuilder()
+ *         .setTransportChannelProvider(
+ *             NetworkSecuritySettings.defaultHttpJsonTransportProviderBuilder().build())
+ *         .build();
+ * NetworkSecurityClient networkSecurityClient =
+ *     NetworkSecurityClient.create(networkSecuritySettings);
+ * }</pre>
+ *
  * <p>Please refer to the GitHub repository's samples for more quickstart code snippets.
  */
 @BetaApi
@@ -115,7 +139,8 @@
 public class NetworkSecurityClient implements BackgroundResource {
   private final NetworkSecuritySettings settings;
   private final NetworkSecurityStub stub;
-  private final OperationsClient operationsClient;
+  private final OperationsClient httpJsonOperationsClient;
+  private final com.google.longrunning.OperationsClient operationsClient;
 
   /** Constructs an instance of NetworkSecurityClient with default settings. */
   public static final NetworkSecurityClient create() throws IOException {
@@ -147,13 +172,17 @@ public static final NetworkSecurityClient create(NetworkSecurityStub stub) {
   protected NetworkSecurityClient(NetworkSecuritySettings settings) throws IOException {
     this.settings = settings;
     this.stub = ((NetworkSecurityStubSettings) settings.getStubSettings()).createStub();
-    this.operationsClient = OperationsClient.create(this.stub.getOperationsStub());
+    this.operationsClient =
+        com.google.longrunning.OperationsClient.create(this.stub.getOperationsStub());
+    this.httpJsonOperationsClient = OperationsClient.create(this.stub.getHttpJsonOperationsStub());
   }
 
   protected NetworkSecurityClient(NetworkSecurityStub stub) {
     this.settings = null;
     this.stub = stub;
-    this.operationsClient = OperationsClient.create(this.stub.getOperationsStub());
+    this.operationsClient =
+        com.google.longrunning.OperationsClient.create(this.stub.getOperationsStub());
+    this.httpJsonOperationsClient = OperationsClient.create(this.stub.getHttpJsonOperationsStub());
   }
 
   public final NetworkSecuritySettings getSettings() {
@@ -168,10 +197,19 @@ public NetworkSecurityStub getStub() {
    * Returns the OperationsClient that can be used to query the status of a long-running operation
    * returned by another API method call.
    */
-  public final OperationsClient getOperationsClient() {
+  public final com.google.longrunning.OperationsClient getOperationsClient() {
     return operationsClient;
   }
 
+  /**
+   * Returns the OperationsClient that can be used to query the status of a long-running operation
+   * returned by another API method call.
+   */
+  @BetaApi
+  public final OperationsClient getHttpJsonOperationsClient() {
+    return httpJsonOperationsClient;
+  }
+
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
    * Lists AuthorizationPolicies in a given project and location.
@@ -450,8 +488,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   AuthorizationPolicyName parent =
-   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
    *   AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
    *   String authorizationPolicyId = "authorizationPolicyId1314252166";
    *   AuthorizationPolicy response =
@@ -471,7 +508,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    */
   public final OperationFuture<AuthorizationPolicy, OperationMetadata>
       createAuthorizationPolicyAsync(
-          AuthorizationPolicyName parent,
+          LocationName parent,
           AuthorizationPolicy authorizationPolicy,
           String authorizationPolicyId) {
     CreateAuthorizationPolicyRequest request =
@@ -493,9 +530,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   String parent =
-   *       AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-   *           .toString();
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
    *   AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
    *   String authorizationPolicyId = "authorizationPolicyId1314252166";
    *   AuthorizationPolicy response =
@@ -537,9 +572,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateAuthorizationPolicyRequest request =
    *       CreateAuthorizationPolicyRequest.newBuilder()
-   *           .setParent(
-   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
    *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
    *           .build();
@@ -568,9 +601,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateAuthorizationPolicyRequest request =
    *       CreateAuthorizationPolicyRequest.newBuilder()
-   *           .setParent(
-   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
    *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
    *           .build();
@@ -599,9 +630,7 @@ public final AuthorizationPolicy getAuthorizationPolicy(GetAuthorizationPolicyRe
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateAuthorizationPolicyRequest request =
    *       CreateAuthorizationPolicyRequest.newBuilder()
-   *           .setParent(
-   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setAuthorizationPolicyId("authorizationPolicyId1314252166")
    *           .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
    *           .build();
@@ -1153,8 +1182,7 @@ public final ServerTlsPolicy getServerTlsPolicy(GetServerTlsPolicyRequest reques
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   ServerTlsPolicyName parent =
-   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
    *   ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
    *   String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
    *   ServerTlsPolicy response =
@@ -1173,7 +1201,7 @@ public final ServerTlsPolicy getServerTlsPolicy(GetServerTlsPolicyRequest reques
    * @throws com.google.api.gax.rpc.ApiException if the remote call fails
    */
   public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTlsPolicyAsync(
-      ServerTlsPolicyName parent, ServerTlsPolicy serverTlsPolicy, String serverTlsPolicyId) {
+      LocationName parent, ServerTlsPolicy serverTlsPolicy, String serverTlsPolicyId) {
     CreateServerTlsPolicyRequest request =
         CreateServerTlsPolicyRequest.newBuilder()
             .setParent(parent == null ? null : parent.toString())
@@ -1193,8 +1221,7 @@ public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTls
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   String parent =
-   *       ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
    *   ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
    *   String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
    *   ServerTlsPolicy response =
@@ -1235,9 +1262,7 @@ public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateServerTlsPolicyRequest request =
    *       CreateServerTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
    *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
    *           .build();
@@ -1265,9 +1290,7 @@ public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateServerTlsPolicyRequest request =
    *       CreateServerTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
    *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
    *           .build();
@@ -1295,9 +1318,7 @@ public final OperationFuture<ServerTlsPolicy, OperationMetadata> createServerTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateServerTlsPolicyRequest request =
    *       CreateServerTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
    *           .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
    *           .build();
@@ -1842,8 +1863,7 @@ public final ClientTlsPolicy getClientTlsPolicy(GetClientTlsPolicyRequest reques
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   ClientTlsPolicyName parent =
-   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+   *   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
    *   ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
    *   String clientTlsPolicyId = "clientTlsPolicyId-188933315";
    *   ClientTlsPolicy response =
@@ -1862,7 +1882,7 @@ public final ClientTlsPolicy getClientTlsPolicy(GetClientTlsPolicyRequest reques
    * @throws com.google.api.gax.rpc.ApiException if the remote call fails
    */
   public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTlsPolicyAsync(
-      ClientTlsPolicyName parent, ClientTlsPolicy clientTlsPolicy, String clientTlsPolicyId) {
+      LocationName parent, ClientTlsPolicy clientTlsPolicy, String clientTlsPolicyId) {
     CreateClientTlsPolicyRequest request =
         CreateClientTlsPolicyRequest.newBuilder()
             .setParent(parent == null ? null : parent.toString())
@@ -1882,8 +1902,7 @@ public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTls
    * // This snippet has been automatically generated for illustrative purposes only.
    * // It may require modifications to work in your environment.
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-   *   String parent =
-   *       ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+   *   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
    *   ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
    *   String clientTlsPolicyId = "clientTlsPolicyId-188933315";
    *   ClientTlsPolicy response =
@@ -1924,9 +1943,7 @@ public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateClientTlsPolicyRequest request =
    *       CreateClientTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
    *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
    *           .build();
@@ -1954,9 +1971,7 @@ public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateClientTlsPolicyRequest request =
    *       CreateClientTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
    *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
    *           .build();
@@ -1984,9 +1999,7 @@ public final OperationFuture<ClientTlsPolicy, OperationMetadata> createClientTls
    * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
    *   CreateClientTlsPolicyRequest request =
    *       CreateClientTlsPolicyRequest.newBuilder()
-   *           .setParent(
-   *               ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-   *                   .toString())
+   *           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
    *           .setClientTlsPolicyId("clientTlsPolicyId-188933315")
    *           .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
    *           .build();
@@ -2256,6 +2269,332 @@ public final OperationFuture<Empty, OperationMetadata> deleteClientTlsPolicyAsyn
     return stub.deleteClientTlsPolicyCallable();
   }
 
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists information about the supported locations for this service.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListLocationsRequest request =
+   *       ListLocationsRequest.newBuilder()
+   *           .setName("name3373707")
+   *           .setFilter("filter-1274492040")
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   for (Location element : networkSecurityClient.listLocations(request).iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final ListLocationsPagedResponse listLocations(ListLocationsRequest request) {
+    return listLocationsPagedCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists information about the supported locations for this service.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListLocationsRequest request =
+   *       ListLocationsRequest.newBuilder()
+   *           .setName("name3373707")
+   *           .setFilter("filter-1274492040")
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   ApiFuture<Location> future =
+   *       networkSecurityClient.listLocationsPagedCallable().futureCall(request);
+   *   // Do something.
+   *   for (Location element : future.get().iterateAll()) {
+   *     // doThingsWith(element);
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable() {
+    return stub.listLocationsPagedCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Lists information about the supported locations for this service.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   ListLocationsRequest request =
+   *       ListLocationsRequest.newBuilder()
+   *           .setName("name3373707")
+   *           .setFilter("filter-1274492040")
+   *           .setPageSize(883849137)
+   *           .setPageToken("pageToken873572522")
+   *           .build();
+   *   while (true) {
+   *     ListLocationsResponse response =
+   *         networkSecurityClient.listLocationsCallable().call(request);
+   *     for (Location element : response.getLocationsList()) {
+   *       // doThingsWith(element);
+   *     }
+   *     String nextPageToken = response.getNextPageToken();
+   *     if (!Strings.isNullOrEmpty(nextPageToken)) {
+   *       request = request.toBuilder().setPageToken(nextPageToken).build();
+   *     } else {
+   *       break;
+   *     }
+   *   }
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable() {
+    return stub.listLocationsCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets information about a location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+   *   Location response = networkSecurityClient.getLocation(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final Location getLocation(GetLocationRequest request) {
+    return getLocationCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets information about a location.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+   *   ApiFuture<Location> future = networkSecurityClient.getLocationCallable().futureCall(request);
+   *   // Do something.
+   *   Location response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<GetLocationRequest, Location> getLocationCallable() {
+    return stub.getLocationCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Sets the access control policy on the specified resource. Replacesany existing policy.
+   *
+   * <p>Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`errors.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   SetIamPolicyRequest request =
+   *       SetIamPolicyRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .setPolicy(Policy.newBuilder().build())
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .build();
+   *   Policy response = networkSecurityClient.setIamPolicy(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final Policy setIamPolicy(SetIamPolicyRequest request) {
+    return setIamPolicyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Sets the access control policy on the specified resource. Replacesany existing policy.
+   *
+   * <p>Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`errors.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   SetIamPolicyRequest request =
+   *       SetIamPolicyRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .setPolicy(Policy.newBuilder().build())
+   *           .setUpdateMask(FieldMask.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Policy> future = networkSecurityClient.setIamPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Policy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable() {
+    return stub.setIamPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets the access control policy for a resource. Returns an empty policyif the resource exists
+   * and does not have a policy set.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetIamPolicyRequest request =
+   *       GetIamPolicyRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .setOptions(GetPolicyOptions.newBuilder().build())
+   *           .build();
+   *   Policy response = networkSecurityClient.getIamPolicy(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final Policy getIamPolicy(GetIamPolicyRequest request) {
+    return getIamPolicyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Gets the access control policy for a resource. Returns an empty policyif the resource exists
+   * and does not have a policy set.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   GetIamPolicyRequest request =
+   *       GetIamPolicyRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .setOptions(GetPolicyOptions.newBuilder().build())
+   *           .build();
+   *   ApiFuture<Policy> future = networkSecurityClient.getIamPolicyCallable().futureCall(request);
+   *   // Do something.
+   *   Policy response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable() {
+    return stub.getIamPolicyCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns permissions that a caller has on the specified resource. If theresource does not exist,
+   * this will return an empty set ofpermissions, not a `NOT_FOUND` error.
+   *
+   * <p>Note: This operation is designed to be used for buildingpermission-aware UIs and
+   * command-line tools, not for authorizationchecking. This operation may "fail open" without
+   * warning.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   TestIamPermissionsRequest request =
+   *       TestIamPermissionsRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .addAllPermissions(new ArrayList<String>())
+   *           .build();
+   *   TestIamPermissionsResponse response = networkSecurityClient.testIamPermissions(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final TestIamPermissionsResponse testIamPermissions(TestIamPermissionsRequest request) {
+    return testIamPermissionsCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns permissions that a caller has on the specified resource. If theresource does not exist,
+   * this will return an empty set ofpermissions, not a `NOT_FOUND` error.
+   *
+   * <p>Note: This operation is designed to be used for buildingpermission-aware UIs and
+   * command-line tools, not for authorizationchecking. This operation may "fail open" without
+   * warning.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated for illustrative purposes only.
+   * // It may require modifications to work in your environment.
+   * try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+   *   TestIamPermissionsRequest request =
+   *       TestIamPermissionsRequest.newBuilder()
+   *           .setResource(
+   *               AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+   *                   .toString())
+   *           .addAllPermissions(new ArrayList<String>())
+   *           .build();
+   *   ApiFuture<TestIamPermissionsResponse> future =
+   *       networkSecurityClient.testIamPermissionsCallable().futureCall(request);
+   *   // Do something.
+   *   TestIamPermissionsResponse response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable() {
+    return stub.testIamPermissionsCallable();
+  }
+
   @Override
   public final void close() {
     stub.close();
@@ -2549,4 +2888,80 @@ protected ListClientTlsPoliciesFixedSizeCollection createCollection(
       return new ListClientTlsPoliciesFixedSizeCollection(pages, collectionSize);
     }
   }
+
+  public static class ListLocationsPagedResponse
+      extends AbstractPagedListResponse<
+          ListLocationsRequest,
+          ListLocationsResponse,
+          Location,
+          ListLocationsPage,
+          ListLocationsFixedSizeCollection> {
+
+    public static ApiFuture<ListLocationsPagedResponse> createAsync(
+        PageContext<ListLocationsRequest, ListLocationsResponse, Location> context,
+        ApiFuture<ListLocationsResponse> futureResponse) {
+      ApiFuture<ListLocationsPage> futurePage =
+          ListLocationsPage.createEmptyPage().createPageAsync(context, futureResponse);
+      return ApiFutures.transform(
+          futurePage,
+          input -> new ListLocationsPagedResponse(input),
+          MoreExecutors.directExecutor());
+    }
+
+    private ListLocationsPagedResponse(ListLocationsPage page) {
+      super(page, ListLocationsFixedSizeCollection.createEmptyCollection());
+    }
+  }
+
+  public static class ListLocationsPage
+      extends AbstractPage<
+          ListLocationsRequest, ListLocationsResponse, Location, ListLocationsPage> {
+
+    private ListLocationsPage(
+        PageContext<ListLocationsRequest, ListLocationsResponse, Location> context,
+        ListLocationsResponse response) {
+      super(context, response);
+    }
+
+    private static ListLocationsPage createEmptyPage() {
+      return new ListLocationsPage(null, null);
+    }
+
+    @Override
+    protected ListLocationsPage createPage(
+        PageContext<ListLocationsRequest, ListLocationsResponse, Location> context,
+        ListLocationsResponse response) {
+      return new ListLocationsPage(context, response);
+    }
+
+    @Override
+    public ApiFuture<ListLocationsPage> createPageAsync(
+        PageContext<ListLocationsRequest, ListLocationsResponse, Location> context,
+        ApiFuture<ListLocationsResponse> futureResponse) {
+      return super.createPageAsync(context, futureResponse);
+    }
+  }
+
+  public static class ListLocationsFixedSizeCollection
+      extends AbstractFixedSizeCollection<
+          ListLocationsRequest,
+          ListLocationsResponse,
+          Location,
+          ListLocationsPage,
+          ListLocationsFixedSizeCollection> {
+
+    private ListLocationsFixedSizeCollection(List<ListLocationsPage> pages, int collectionSize) {
+      super(pages, collectionSize);
+    }
+
+    private static ListLocationsFixedSizeCollection createEmptyCollection() {
+      return new ListLocationsFixedSizeCollection(null, 0);
+    }
+
+    @Override
+    protected ListLocationsFixedSizeCollection createCollection(
+        List<ListLocationsPage> pages, int collectionSize) {
+      return new ListLocationsFixedSizeCollection(pages, collectionSize);
+    }
+  }
 }
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecuritySettings.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecuritySettings.java
index 795e1e78..9d121096 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecuritySettings.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/NetworkSecuritySettings.java
@@ -18,6 +18,7 @@
 
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
 
 import com.google.api.core.ApiFunction;
@@ -25,6 +26,7 @@
 import com.google.api.gax.core.GoogleCredentialsProvider;
 import com.google.api.gax.core.InstantiatingExecutorProvider;
 import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
+import com.google.api.gax.httpjson.InstantiatingHttpJsonChannelProvider;
 import com.google.api.gax.rpc.ApiClientHeaderProvider;
 import com.google.api.gax.rpc.ClientContext;
 import com.google.api.gax.rpc.ClientSettings;
@@ -32,7 +34,16 @@
 import com.google.api.gax.rpc.PagedCallSettings;
 import com.google.api.gax.rpc.TransportChannelProvider;
 import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.cloud.networksecurity.v1beta1.stub.NetworkSecurityStubSettings;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
 import com.google.protobuf.Empty;
 import java.io.IOException;
@@ -242,6 +253,33 @@ public class NetworkSecuritySettings extends ClientSettings<NetworkSecuritySetti
         .deleteClientTlsPolicyOperationSettings();
   }
 
+  /** Returns the object with the settings used for calls to listLocations. */
+  public PagedCallSettings<ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+      listLocationsSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).listLocationsSettings();
+  }
+
+  /** Returns the object with the settings used for calls to getLocation. */
+  public UnaryCallSettings<GetLocationRequest, Location> getLocationSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).getLocationSettings();
+  }
+
+  /** Returns the object with the settings used for calls to setIamPolicy. */
+  public UnaryCallSettings<SetIamPolicyRequest, Policy> setIamPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).setIamPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to getIamPolicy. */
+  public UnaryCallSettings<GetIamPolicyRequest, Policy> getIamPolicySettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).getIamPolicySettings();
+  }
+
+  /** Returns the object with the settings used for calls to testIamPermissions. */
+  public UnaryCallSettings<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsSettings() {
+    return ((NetworkSecurityStubSettings) getStubSettings()).testIamPermissionsSettings();
+  }
+
   public static final NetworkSecuritySettings create(NetworkSecurityStubSettings stub)
       throws IOException {
     return new NetworkSecuritySettings.Builder(stub.toBuilder()).build();
@@ -267,11 +305,18 @@ public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilde
     return NetworkSecurityStubSettings.defaultCredentialsProviderBuilder();
   }
 
-  /** Returns a builder for the default ChannelProvider for this service. */
+  /** Returns a builder for the default gRPC ChannelProvider for this service. */
   public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
     return NetworkSecurityStubSettings.defaultGrpcTransportProviderBuilder();
   }
 
+  /** Returns a builder for the default REST ChannelProvider for this service. */
+  @BetaApi
+  public static InstantiatingHttpJsonChannelProvider.Builder
+      defaultHttpJsonTransportProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultHttpJsonTransportProviderBuilder();
+  }
+
   public static TransportChannelProvider defaultTransportChannelProvider() {
     return NetworkSecurityStubSettings.defaultTransportChannelProvider();
   }
@@ -281,11 +326,17 @@ public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuil
     return NetworkSecurityStubSettings.defaultApiClientHeaderProviderBuilder();
   }
 
-  /** Returns a new builder for this class. */
+  /** Returns a new gRPC builder for this class. */
   public static Builder newBuilder() {
     return Builder.createDefault();
   }
 
+  /** Returns a new REST builder for this class. */
+  @BetaApi
+  public static Builder newHttpJsonBuilder() {
+    return Builder.createHttpJsonDefault();
+  }
+
   /** Returns a new builder for this class. */
   public static Builder newBuilder(ClientContext clientContext) {
     return new Builder(clientContext);
@@ -323,6 +374,11 @@ private static Builder createDefault() {
       return new Builder(NetworkSecurityStubSettings.newBuilder());
     }
 
+    @BetaApi
+    private static Builder createHttpJsonDefault() {
+      return new Builder(NetworkSecurityStubSettings.newHttpJsonBuilder());
+    }
+
     public NetworkSecurityStubSettings.Builder getStubSettingsBuilder() {
       return ((NetworkSecurityStubSettings.Builder) getStubSettings());
     }
@@ -498,6 +554,34 @@ public Builder applyToAllUnaryMethods(
       return getStubSettingsBuilder().deleteClientTlsPolicyOperationSettings();
     }
 
+    /** Returns the builder for the settings used for calls to listLocations. */
+    public PagedCallSettings.Builder<
+            ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+        listLocationsSettings() {
+      return getStubSettingsBuilder().listLocationsSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to getLocation. */
+    public UnaryCallSettings.Builder<GetLocationRequest, Location> getLocationSettings() {
+      return getStubSettingsBuilder().getLocationSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to setIamPolicy. */
+    public UnaryCallSettings.Builder<SetIamPolicyRequest, Policy> setIamPolicySettings() {
+      return getStubSettingsBuilder().setIamPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to getIamPolicy. */
+    public UnaryCallSettings.Builder<GetIamPolicyRequest, Policy> getIamPolicySettings() {
+      return getStubSettingsBuilder().getIamPolicySettings();
+    }
+
+    /** Returns the builder for the settings used for calls to testIamPermissions. */
+    public UnaryCallSettings.Builder<TestIamPermissionsRequest, TestIamPermissionsResponse>
+        testIamPermissionsSettings() {
+      return getStubSettingsBuilder().testIamPermissionsSettings();
+    }
+
     @Override
     public NetworkSecuritySettings build() throws IOException {
       return new NetworkSecuritySettings(this);
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/gapic_metadata.json b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/gapic_metadata.json
index b7b8623f..ab16ffdf 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/gapic_metadata.json
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/gapic_metadata.json
@@ -34,6 +34,12 @@
             "GetClientTlsPolicy": {
               "methods": ["getClientTlsPolicy", "getClientTlsPolicy", "getClientTlsPolicy", "getClientTlsPolicyCallable"]
             },
+            "GetIamPolicy": {
+              "methods": ["getIamPolicy", "getIamPolicyCallable"]
+            },
+            "GetLocation": {
+              "methods": ["getLocation", "getLocationCallable"]
+            },
             "GetServerTlsPolicy": {
               "methods": ["getServerTlsPolicy", "getServerTlsPolicy", "getServerTlsPolicy", "getServerTlsPolicyCallable"]
             },
@@ -43,9 +49,18 @@
             "ListClientTlsPolicies": {
               "methods": ["listClientTlsPolicies", "listClientTlsPolicies", "listClientTlsPolicies", "listClientTlsPoliciesPagedCallable", "listClientTlsPoliciesCallable"]
             },
+            "ListLocations": {
+              "methods": ["listLocations", "listLocationsPagedCallable", "listLocationsCallable"]
+            },
             "ListServerTlsPolicies": {
               "methods": ["listServerTlsPolicies", "listServerTlsPolicies", "listServerTlsPolicies", "listServerTlsPoliciesPagedCallable", "listServerTlsPoliciesCallable"]
             },
+            "SetIamPolicy": {
+              "methods": ["setIamPolicy", "setIamPolicyCallable"]
+            },
+            "TestIamPermissions": {
+              "methods": ["testIamPermissions", "testIamPermissionsCallable"]
+            },
             "UpdateAuthorizationPolicy": {
               "methods": ["updateAuthorizationPolicyAsync", "updateAuthorizationPolicyAsync", "updateAuthorizationPolicyOperationCallable", "updateAuthorizationPolicyCallable"]
             },
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/package-info.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/package-info.java
index 5935a4ae..d31f1e36 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/package-info.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/package-info.java
@@ -15,7 +15,9 @@
  */
 
 /**
- * The interfaces provided are listed below, along with usage samples.
+ * A client to Network Security API
+ *
+ * <p>The interfaces provided are listed below, along with usage samples.
  *
  * <p>======================= NetworkSecurityClient =======================
  *
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/GrpcNetworkSecurityStub.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/GrpcNetworkSecurityStub.java
index cc67eb55..5f7fb26b 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/GrpcNetworkSecurityStub.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/GrpcNetworkSecurityStub.java
@@ -18,6 +18,7 @@
 
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
 
 import com.google.api.core.BetaApi;
@@ -28,6 +29,10 @@
 import com.google.api.gax.rpc.ClientContext;
 import com.google.api.gax.rpc.OperationCallable;
 import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
@@ -51,6 +56,11 @@
 import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
 import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
 import com.google.common.collect.ImmutableMap;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
 import com.google.longrunning.stub.GrpcOperationsStub;
 import com.google.protobuf.Empty;
@@ -240,6 +250,52 @@ public class GrpcNetworkSecurityStub extends NetworkSecurityStub {
               .setResponseMarshaller(ProtoUtils.marshaller(Operation.getDefaultInstance()))
               .build();
 
+  private static final MethodDescriptor<ListLocationsRequest, ListLocationsResponse>
+      listLocationsMethodDescriptor =
+          MethodDescriptor.<ListLocationsRequest, ListLocationsResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName("google.cloud.location.Locations/ListLocations")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(ListLocationsRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(ListLocationsResponse.getDefaultInstance()))
+              .build();
+
+  private static final MethodDescriptor<GetLocationRequest, Location> getLocationMethodDescriptor =
+      MethodDescriptor.<GetLocationRequest, Location>newBuilder()
+          .setType(MethodDescriptor.MethodType.UNARY)
+          .setFullMethodName("google.cloud.location.Locations/GetLocation")
+          .setRequestMarshaller(ProtoUtils.marshaller(GetLocationRequest.getDefaultInstance()))
+          .setResponseMarshaller(ProtoUtils.marshaller(Location.getDefaultInstance()))
+          .build();
+
+  private static final MethodDescriptor<SetIamPolicyRequest, Policy> setIamPolicyMethodDescriptor =
+      MethodDescriptor.<SetIamPolicyRequest, Policy>newBuilder()
+          .setType(MethodDescriptor.MethodType.UNARY)
+          .setFullMethodName("google.iam.v1.IAMPolicy/SetIamPolicy")
+          .setRequestMarshaller(ProtoUtils.marshaller(SetIamPolicyRequest.getDefaultInstance()))
+          .setResponseMarshaller(ProtoUtils.marshaller(Policy.getDefaultInstance()))
+          .build();
+
+  private static final MethodDescriptor<GetIamPolicyRequest, Policy> getIamPolicyMethodDescriptor =
+      MethodDescriptor.<GetIamPolicyRequest, Policy>newBuilder()
+          .setType(MethodDescriptor.MethodType.UNARY)
+          .setFullMethodName("google.iam.v1.IAMPolicy/GetIamPolicy")
+          .setRequestMarshaller(ProtoUtils.marshaller(GetIamPolicyRequest.getDefaultInstance()))
+          .setResponseMarshaller(ProtoUtils.marshaller(Policy.getDefaultInstance()))
+          .build();
+
+  private static final MethodDescriptor<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsMethodDescriptor =
+          MethodDescriptor.<TestIamPermissionsRequest, TestIamPermissionsResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName("google.iam.v1.IAMPolicy/TestIamPermissions")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(TestIamPermissionsRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(TestIamPermissionsResponse.getDefaultInstance()))
+              .build();
+
   private final UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
       listAuthorizationPoliciesCallable;
   private final UnaryCallable<
@@ -297,6 +353,14 @@ public class GrpcNetworkSecurityStub extends NetworkSecurityStub {
       deleteClientTlsPolicyCallable;
   private final OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
       deleteClientTlsPolicyOperationCallable;
+  private final UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable;
+  private final UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable;
+  private final UnaryCallable<GetLocationRequest, Location> getLocationCallable;
+  private final UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable;
+  private final UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable;
+  private final UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable;
 
   private final BackgroundResource backgroundResources;
   private final GrpcOperationsStub operationsStub;
@@ -516,6 +580,57 @@ protected GrpcNetworkSecurityStub(
                       return params.build();
                     })
                 .build();
+    GrpcCallSettings<ListLocationsRequest, ListLocationsResponse> listLocationsTransportSettings =
+        GrpcCallSettings.<ListLocationsRequest, ListLocationsResponse>newBuilder()
+            .setMethodDescriptor(listLocationsMethodDescriptor)
+            .setParamsExtractor(
+                request -> {
+                  ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                  params.put("name", String.valueOf(request.getName()));
+                  return params.build();
+                })
+            .build();
+    GrpcCallSettings<GetLocationRequest, Location> getLocationTransportSettings =
+        GrpcCallSettings.<GetLocationRequest, Location>newBuilder()
+            .setMethodDescriptor(getLocationMethodDescriptor)
+            .setParamsExtractor(
+                request -> {
+                  ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                  params.put("name", String.valueOf(request.getName()));
+                  return params.build();
+                })
+            .build();
+    GrpcCallSettings<SetIamPolicyRequest, Policy> setIamPolicyTransportSettings =
+        GrpcCallSettings.<SetIamPolicyRequest, Policy>newBuilder()
+            .setMethodDescriptor(setIamPolicyMethodDescriptor)
+            .setParamsExtractor(
+                request -> {
+                  ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                  params.put("resource", String.valueOf(request.getResource()));
+                  return params.build();
+                })
+            .build();
+    GrpcCallSettings<GetIamPolicyRequest, Policy> getIamPolicyTransportSettings =
+        GrpcCallSettings.<GetIamPolicyRequest, Policy>newBuilder()
+            .setMethodDescriptor(getIamPolicyMethodDescriptor)
+            .setParamsExtractor(
+                request -> {
+                  ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                  params.put("resource", String.valueOf(request.getResource()));
+                  return params.build();
+                })
+            .build();
+    GrpcCallSettings<TestIamPermissionsRequest, TestIamPermissionsResponse>
+        testIamPermissionsTransportSettings =
+            GrpcCallSettings.<TestIamPermissionsRequest, TestIamPermissionsResponse>newBuilder()
+                .setMethodDescriptor(testIamPermissionsMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("resource", String.valueOf(request.getResource()));
+                      return params.build();
+                    })
+                .build();
 
     this.listAuthorizationPoliciesCallable =
         callableFactory.createUnaryCallable(
@@ -661,6 +776,26 @@ protected GrpcNetworkSecurityStub(
             settings.deleteClientTlsPolicyOperationSettings(),
             clientContext,
             operationsStub);
+    this.listLocationsCallable =
+        callableFactory.createUnaryCallable(
+            listLocationsTransportSettings, settings.listLocationsSettings(), clientContext);
+    this.listLocationsPagedCallable =
+        callableFactory.createPagedCallable(
+            listLocationsTransportSettings, settings.listLocationsSettings(), clientContext);
+    this.getLocationCallable =
+        callableFactory.createUnaryCallable(
+            getLocationTransportSettings, settings.getLocationSettings(), clientContext);
+    this.setIamPolicyCallable =
+        callableFactory.createUnaryCallable(
+            setIamPolicyTransportSettings, settings.setIamPolicySettings(), clientContext);
+    this.getIamPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getIamPolicyTransportSettings, settings.getIamPolicySettings(), clientContext);
+    this.testIamPermissionsCallable =
+        callableFactory.createUnaryCallable(
+            testIamPermissionsTransportSettings,
+            settings.testIamPermissionsSettings(),
+            clientContext);
 
     this.backgroundResources =
         new BackgroundResourceAggregation(clientContext.getBackgroundResources());
@@ -824,6 +959,38 @@ public UnaryCallable<DeleteClientTlsPolicyRequest, Operation> deleteClientTlsPol
     return deleteClientTlsPolicyOperationCallable;
   }
 
+  @Override
+  public UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable() {
+    return listLocationsCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable() {
+    return listLocationsPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetLocationRequest, Location> getLocationCallable() {
+    return getLocationCallable;
+  }
+
+  @Override
+  public UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable() {
+    return setIamPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable() {
+    return getIamPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable() {
+    return testIamPermissionsCallable;
+  }
+
   @Override
   public final void close() {
     try {
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityCallableFactory.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityCallableFactory.java
new file mode 100644
index 00000000..d1b697c6
--- /dev/null
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityCallableFactory.java
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.stub;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.httpjson.HttpJsonCallSettings;
+import com.google.api.gax.httpjson.HttpJsonCallableFactory;
+import com.google.api.gax.httpjson.HttpJsonOperationSnapshotCallable;
+import com.google.api.gax.httpjson.HttpJsonStubCallableFactory;
+import com.google.api.gax.httpjson.longrunning.stub.OperationsStub;
+import com.google.api.gax.rpc.BatchingCallSettings;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.OperationCallSettings;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.PagedCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallable;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.longrunning.Operation;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * REST callable factory implementation for the NetworkSecurity service API.
+ *
+ * <p>This class is for advanced usage.
+ */
+@BetaApi
+@Generated("by gapic-generator-java")
+public class HttpJsonNetworkSecurityCallableFactory
+    implements HttpJsonStubCallableFactory<Operation, OperationsStub> {
+
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createUnaryCallable(
+      HttpJsonCallSettings<RequestT, ResponseT> httpJsonCallSettings,
+      UnaryCallSettings<RequestT, ResponseT> callSettings,
+      ClientContext clientContext) {
+    return HttpJsonCallableFactory.createUnaryCallable(
+        httpJsonCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT, PagedListResponseT>
+      UnaryCallable<RequestT, PagedListResponseT> createPagedCallable(
+          HttpJsonCallSettings<RequestT, ResponseT> httpJsonCallSettings,
+          PagedCallSettings<RequestT, ResponseT, PagedListResponseT> callSettings,
+          ClientContext clientContext) {
+    return HttpJsonCallableFactory.createPagedCallable(
+        httpJsonCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createBatchingCallable(
+      HttpJsonCallSettings<RequestT, ResponseT> httpJsonCallSettings,
+      BatchingCallSettings<RequestT, ResponseT> callSettings,
+      ClientContext clientContext) {
+    return HttpJsonCallableFactory.createBatchingCallable(
+        httpJsonCallSettings, callSettings, clientContext);
+  }
+
+  @BetaApi(
+      "The surface for long-running operations is not stable yet and may change in the future.")
+  @Override
+  public <RequestT, ResponseT, MetadataT>
+      OperationCallable<RequestT, ResponseT, MetadataT> createOperationCallable(
+          HttpJsonCallSettings<RequestT, Operation> httpJsonCallSettings,
+          OperationCallSettings<RequestT, ResponseT, MetadataT> callSettings,
+          ClientContext clientContext,
+          OperationsStub operationsStub) {
+    UnaryCallable<RequestT, Operation> innerCallable =
+        HttpJsonCallableFactory.createBaseUnaryCallable(
+            httpJsonCallSettings, callSettings.getInitialCallSettings(), clientContext);
+    HttpJsonOperationSnapshotCallable<RequestT, Operation> initialCallable =
+        new HttpJsonOperationSnapshotCallable<RequestT, Operation>(
+            innerCallable,
+            httpJsonCallSettings.getMethodDescriptor().getOperationSnapshotFactory());
+    return HttpJsonCallableFactory.createOperationCallable(
+        callSettings, clientContext, operationsStub.longRunningClient(), initialCallable);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      ServerStreamingCallable<RequestT, ResponseT> createServerStreamingCallable(
+          HttpJsonCallSettings<RequestT, ResponseT> httpJsonCallSettings,
+          ServerStreamingCallSettings<RequestT, ResponseT> callSettings,
+          ClientContext clientContext) {
+    return HttpJsonCallableFactory.createServerStreamingCallable(
+        httpJsonCallSettings, callSettings, clientContext);
+  }
+}
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityStub.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityStub.java
new file mode 100644
index 00000000..8a129fbd
--- /dev/null
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/HttpJsonNetworkSecurityStub.java
@@ -0,0 +1,1518 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.stub;
+
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.core.BetaApi;
+import com.google.api.core.InternalApi;
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.core.BackgroundResourceAggregation;
+import com.google.api.gax.httpjson.ApiMethodDescriptor;
+import com.google.api.gax.httpjson.HttpJsonCallSettings;
+import com.google.api.gax.httpjson.HttpJsonOperationSnapshot;
+import com.google.api.gax.httpjson.HttpJsonStubCallableFactory;
+import com.google.api.gax.httpjson.ProtoMessageRequestFormatter;
+import com.google.api.gax.httpjson.ProtoMessageResponseParser;
+import com.google.api.gax.httpjson.ProtoRestSerializer;
+import com.google.api.gax.httpjson.longrunning.stub.HttpJsonOperationsStub;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
+import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.DeleteAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.DeleteClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.DeleteServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.GetAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.GetClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.GetServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListAuthorizationPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListClientTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesRequest;
+import com.google.cloud.networksecurity.v1beta1.ListServerTlsPoliciesResponse;
+import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
+import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
+import com.google.cloud.networksecurity.v1beta1.UpdateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import com.google.longrunning.Operation;
+import com.google.protobuf.Empty;
+import com.google.protobuf.TypeRegistry;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS.
+/**
+ * REST stub implementation for the NetworkSecurity service API.
+ *
+ * <p>This class is for advanced usage and reflects the underlying API directly.
+ */
+@BetaApi
+@Generated("by gapic-generator-java")
+public class HttpJsonNetworkSecurityStub extends NetworkSecurityStub {
+  private static final TypeRegistry typeRegistry =
+      TypeRegistry.newBuilder()
+          .add(Empty.getDescriptor())
+          .add(ServerTlsPolicy.getDescriptor())
+          .add(OperationMetadata.getDescriptor())
+          .add(AuthorizationPolicy.getDescriptor())
+          .add(ClientTlsPolicy.getDescriptor())
+          .build();
+
+  private static final ApiMethodDescriptor<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesMethodDescriptor =
+          ApiMethodDescriptor
+              .<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/ListAuthorizationPolicies")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<ListAuthorizationPoliciesRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/authorizationPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<ListAuthorizationPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<ListAuthorizationPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "pageSize", request.getPageSize());
+                            serializer.putQueryParam(fields, "pageToken", request.getPageToken());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ListAuthorizationPoliciesResponse>newBuilder()
+                      .setDefaultInstance(ListAuthorizationPoliciesResponse.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyMethodDescriptor =
+          ApiMethodDescriptor.<GetAuthorizationPolicyRequest, AuthorizationPolicy>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/GetAuthorizationPolicy")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<GetAuthorizationPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/authorizationPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<GetAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<GetAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<AuthorizationPolicy>newBuilder()
+                      .setDefaultInstance(AuthorizationPolicy.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyMethodDescriptor =
+          ApiMethodDescriptor.<CreateAuthorizationPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/CreateAuthorizationPolicy")
+              .setHttpMethod("POST")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<CreateAuthorizationPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/authorizationPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(
+                                fields,
+                                "authorizationPolicyId",
+                                request.getAuthorizationPolicyId());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("authorizationPolicy", request.getAuthorizationPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (CreateAuthorizationPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyMethodDescriptor =
+          ApiMethodDescriptor.<UpdateAuthorizationPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/UpdateAuthorizationPolicy")
+              .setHttpMethod("PATCH")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<UpdateAuthorizationPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{authorizationPolicy.name=projects/*/locations/*/authorizationPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(
+                                fields,
+                                "authorizationPolicy.name",
+                                request.getAuthorizationPolicy().getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "updateMask", request.getUpdateMask());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("authorizationPolicy", request.getAuthorizationPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (UpdateAuthorizationPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyMethodDescriptor =
+          ApiMethodDescriptor.<DeleteAuthorizationPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/DeleteAuthorizationPolicy")
+              .setHttpMethod("DELETE")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<DeleteAuthorizationPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/authorizationPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteAuthorizationPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (DeleteAuthorizationPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<
+          ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesMethodDescriptor =
+          ApiMethodDescriptor
+              .<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/ListServerTlsPolicies")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<ListServerTlsPoliciesRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/serverTlsPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<ListServerTlsPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<ListServerTlsPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "pageSize", request.getPageSize());
+                            serializer.putQueryParam(fields, "pageToken", request.getPageToken());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ListServerTlsPoliciesResponse>newBuilder()
+                      .setDefaultInstance(ListServerTlsPoliciesResponse.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<GetServerTlsPolicyRequest, ServerTlsPolicy>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/GetServerTlsPolicy")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<GetServerTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/serverTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<GetServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<GetServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ServerTlsPolicy>newBuilder()
+                      .setDefaultInstance(ServerTlsPolicy.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<CreateServerTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/CreateServerTlsPolicy")
+              .setHttpMethod("POST")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<CreateServerTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/serverTlsPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(
+                                fields, "serverTlsPolicyId", request.getServerTlsPolicyId());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("serverTlsPolicy", request.getServerTlsPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (CreateServerTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<UpdateServerTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/UpdateServerTlsPolicy")
+              .setHttpMethod("PATCH")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<UpdateServerTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{serverTlsPolicy.name=projects/*/locations/*/serverTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(
+                                fields,
+                                "serverTlsPolicy.name",
+                                request.getServerTlsPolicy().getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "updateMask", request.getUpdateMask());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("serverTlsPolicy", request.getServerTlsPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (UpdateServerTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<DeleteServerTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/DeleteServerTlsPolicy")
+              .setHttpMethod("DELETE")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<DeleteServerTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/serverTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteServerTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (DeleteServerTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<
+          ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesMethodDescriptor =
+          ApiMethodDescriptor
+              .<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/ListClientTlsPolicies")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<ListClientTlsPoliciesRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/clientTlsPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<ListClientTlsPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<ListClientTlsPoliciesRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "pageSize", request.getPageSize());
+                            serializer.putQueryParam(fields, "pageToken", request.getPageToken());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ListClientTlsPoliciesResponse>newBuilder()
+                      .setDefaultInstance(ListClientTlsPoliciesResponse.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<GetClientTlsPolicyRequest, ClientTlsPolicy>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/GetClientTlsPolicy")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<GetClientTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/clientTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<GetClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<GetClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ClientTlsPolicy>newBuilder()
+                      .setDefaultInstance(ClientTlsPolicy.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<CreateClientTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/CreateClientTlsPolicy")
+              .setHttpMethod("POST")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<CreateClientTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{parent=projects/*/locations/*}/clientTlsPolicies",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "parent", request.getParent());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<CreateClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(
+                                fields, "clientTlsPolicyId", request.getClientTlsPolicyId());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("clientTlsPolicy", request.getClientTlsPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (CreateClientTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<UpdateClientTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/UpdateClientTlsPolicy")
+              .setHttpMethod("PATCH")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<UpdateClientTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{clientTlsPolicy.name=projects/*/locations/*/clientTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(
+                                fields,
+                                "clientTlsPolicy.name",
+                                request.getClientTlsPolicy().getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<UpdateClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putQueryParam(fields, "updateMask", request.getUpdateMask());
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("clientTlsPolicy", request.getClientTlsPolicy()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (UpdateClientTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicyMethodDescriptor =
+          ApiMethodDescriptor.<DeleteClientTlsPolicyRequest, Operation>newBuilder()
+              .setFullMethodName(
+                  "google.cloud.networksecurity.v1beta1.NetworkSecurity/DeleteClientTlsPolicy")
+              .setHttpMethod("DELETE")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<DeleteClientTlsPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*/clientTlsPolicies/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<DeleteClientTlsPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Operation>newBuilder()
+                      .setDefaultInstance(Operation.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .setOperationSnapshotFactory(
+                  (DeleteClientTlsPolicyRequest request, Operation response) ->
+                      HttpJsonOperationSnapshot.create(response))
+              .build();
+
+  private static final ApiMethodDescriptor<ListLocationsRequest, ListLocationsResponse>
+      listLocationsMethodDescriptor =
+          ApiMethodDescriptor.<ListLocationsRequest, ListLocationsResponse>newBuilder()
+              .setFullMethodName("google.cloud.location.Locations/ListLocations")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<ListLocationsRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*}/locations",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<ListLocationsRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<ListLocationsRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<ListLocationsResponse>newBuilder()
+                      .setDefaultInstance(ListLocationsResponse.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<GetLocationRequest, Location>
+      getLocationMethodDescriptor =
+          ApiMethodDescriptor.<GetLocationRequest, Location>newBuilder()
+              .setFullMethodName("google.cloud.location.Locations/GetLocation")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<GetLocationRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{name=projects/*/locations/*}",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<GetLocationRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "name", request.getName());
+                            return fields;
+                          })
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<GetLocationRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Location>newBuilder()
+                      .setDefaultInstance(Location.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<SetIamPolicyRequest, Policy>
+      setIamPolicyMethodDescriptor =
+          ApiMethodDescriptor.<SetIamPolicyRequest, Policy>newBuilder()
+              .setFullMethodName("google.iam.v1.IAMPolicy/SetIamPolicy")
+              .setHttpMethod("POST")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<SetIamPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{resource=projects/*/locations/*/authorizationPolicies/*}:setIamPolicy",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<SetIamPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "resource", request.getResource());
+                            return fields;
+                          })
+                      .setAdditionalPaths(
+                          "/v1beta1/{resource=projects/*/locations/*/serverTlsPolicies/*}:setIamPolicy",
+                          "/v1beta1/{resource=projects/*/locations/*/clientTlsPolicies/*}:setIamPolicy")
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<SetIamPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("*", request.toBuilder().clearResource().build()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Policy>newBuilder()
+                      .setDefaultInstance(Policy.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<GetIamPolicyRequest, Policy>
+      getIamPolicyMethodDescriptor =
+          ApiMethodDescriptor.<GetIamPolicyRequest, Policy>newBuilder()
+              .setFullMethodName("google.iam.v1.IAMPolicy/GetIamPolicy")
+              .setHttpMethod("GET")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<GetIamPolicyRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{resource=projects/*/locations/*/authorizationPolicies/*}:getIamPolicy",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<GetIamPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "resource", request.getResource());
+                            return fields;
+                          })
+                      .setAdditionalPaths(
+                          "/v1beta1/{resource=projects/*/locations/*/serverTlsPolicies/*}:getIamPolicy",
+                          "/v1beta1/{resource=projects/*/locations/*/clientTlsPolicies/*}:getIamPolicy")
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<GetIamPolicyRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(request -> null)
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<Policy>newBuilder()
+                      .setDefaultInstance(Policy.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private static final ApiMethodDescriptor<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsMethodDescriptor =
+          ApiMethodDescriptor.<TestIamPermissionsRequest, TestIamPermissionsResponse>newBuilder()
+              .setFullMethodName("google.iam.v1.IAMPolicy/TestIamPermissions")
+              .setHttpMethod("POST")
+              .setType(ApiMethodDescriptor.MethodType.UNARY)
+              .setRequestFormatter(
+                  ProtoMessageRequestFormatter.<TestIamPermissionsRequest>newBuilder()
+                      .setPath(
+                          "/v1beta1/{resource=projects/*/locations/*/authorizationPolicies/*}:testIamPermissions",
+                          request -> {
+                            Map<String, String> fields = new HashMap<>();
+                            ProtoRestSerializer<TestIamPermissionsRequest> serializer =
+                                ProtoRestSerializer.create();
+                            serializer.putPathParam(fields, "resource", request.getResource());
+                            return fields;
+                          })
+                      .setAdditionalPaths(
+                          "/v1beta1/{resource=projects/*/locations/*/serverTlsPolicies/*}:testIamPermissions",
+                          "/v1beta1/{resource=projects/*/locations/*/clientTlsPolicies/*}:testIamPermissions")
+                      .setQueryParamsExtractor(
+                          request -> {
+                            Map<String, List<String>> fields = new HashMap<>();
+                            ProtoRestSerializer<TestIamPermissionsRequest> serializer =
+                                ProtoRestSerializer.create();
+                            return fields;
+                          })
+                      .setRequestBodyExtractor(
+                          request ->
+                              ProtoRestSerializer.create()
+                                  .toBody("*", request.toBuilder().clearResource().build()))
+                      .build())
+              .setResponseParser(
+                  ProtoMessageResponseParser.<TestIamPermissionsResponse>newBuilder()
+                      .setDefaultInstance(TestIamPermissionsResponse.getDefaultInstance())
+                      .setDefaultTypeRegistry(typeRegistry)
+                      .build())
+              .build();
+
+  private final UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable;
+  private final UnaryCallable<
+          ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable;
+  private final UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable;
+  private final UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable;
+  private final OperationCallable<
+          CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable;
+  private final OperationCallable<
+          UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable;
+  private final OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable;
+  private final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable;
+  private final UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable;
+  private final UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy>
+      getServerTlsPolicyCallable;
+  private final UnaryCallable<CreateServerTlsPolicyRequest, Operation>
+      createServerTlsPolicyCallable;
+  private final OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable;
+  private final UnaryCallable<UpdateServerTlsPolicyRequest, Operation>
+      updateServerTlsPolicyCallable;
+  private final OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable;
+  private final UnaryCallable<DeleteServerTlsPolicyRequest, Operation>
+      deleteServerTlsPolicyCallable;
+  private final OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable;
+  private final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable;
+  private final UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable;
+  private final UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy>
+      getClientTlsPolicyCallable;
+  private final UnaryCallable<CreateClientTlsPolicyRequest, Operation>
+      createClientTlsPolicyCallable;
+  private final OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable;
+  private final UnaryCallable<UpdateClientTlsPolicyRequest, Operation>
+      updateClientTlsPolicyCallable;
+  private final OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable;
+  private final UnaryCallable<DeleteClientTlsPolicyRequest, Operation>
+      deleteClientTlsPolicyCallable;
+  private final OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable;
+  private final UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable;
+  private final UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable;
+  private final UnaryCallable<GetLocationRequest, Location> getLocationCallable;
+  private final UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable;
+  private final UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable;
+  private final UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable;
+
+  private final BackgroundResource backgroundResources;
+  private final HttpJsonOperationsStub httpJsonOperationsStub;
+  private final HttpJsonStubCallableFactory callableFactory;
+
+  public static final HttpJsonNetworkSecurityStub create(NetworkSecurityStubSettings settings)
+      throws IOException {
+    return new HttpJsonNetworkSecurityStub(settings, ClientContext.create(settings));
+  }
+
+  public static final HttpJsonNetworkSecurityStub create(ClientContext clientContext)
+      throws IOException {
+    return new HttpJsonNetworkSecurityStub(
+        NetworkSecurityStubSettings.newHttpJsonBuilder().build(), clientContext);
+  }
+
+  public static final HttpJsonNetworkSecurityStub create(
+      ClientContext clientContext, HttpJsonStubCallableFactory callableFactory) throws IOException {
+    return new HttpJsonNetworkSecurityStub(
+        NetworkSecurityStubSettings.newHttpJsonBuilder().build(), clientContext, callableFactory);
+  }
+
+  /**
+   * Constructs an instance of HttpJsonNetworkSecurityStub, using the given settings. This is
+   * protected so that it is easy to make a subclass, but otherwise, the static factory methods
+   * should be preferred.
+   */
+  protected HttpJsonNetworkSecurityStub(
+      NetworkSecurityStubSettings settings, ClientContext clientContext) throws IOException {
+    this(settings, clientContext, new HttpJsonNetworkSecurityCallableFactory());
+  }
+
+  /**
+   * Constructs an instance of HttpJsonNetworkSecurityStub, using the given settings. This is
+   * protected so that it is easy to make a subclass, but otherwise, the static factory methods
+   * should be preferred.
+   */
+  protected HttpJsonNetworkSecurityStub(
+      NetworkSecurityStubSettings settings,
+      ClientContext clientContext,
+      HttpJsonStubCallableFactory callableFactory)
+      throws IOException {
+    this.callableFactory = callableFactory;
+    this.httpJsonOperationsStub =
+        HttpJsonOperationsStub.create(clientContext, callableFactory, typeRegistry);
+
+    HttpJsonCallSettings<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+        listAuthorizationPoliciesTransportSettings =
+            HttpJsonCallSettings
+                .<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listAuthorizationPoliciesMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+        getAuthorizationPolicyTransportSettings =
+            HttpJsonCallSettings.<GetAuthorizationPolicyRequest, AuthorizationPolicy>newBuilder()
+                .setMethodDescriptor(getAuthorizationPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<CreateAuthorizationPolicyRequest, Operation>
+        createAuthorizationPolicyTransportSettings =
+            HttpJsonCallSettings.<CreateAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createAuthorizationPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<UpdateAuthorizationPolicyRequest, Operation>
+        updateAuthorizationPolicyTransportSettings =
+            HttpJsonCallSettings.<UpdateAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateAuthorizationPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<DeleteAuthorizationPolicyRequest, Operation>
+        deleteAuthorizationPolicyTransportSettings =
+            HttpJsonCallSettings.<DeleteAuthorizationPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteAuthorizationPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+        listServerTlsPoliciesTransportSettings =
+            HttpJsonCallSettings
+                .<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listServerTlsPoliciesMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<GetServerTlsPolicyRequest, ServerTlsPolicy>
+        getServerTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<GetServerTlsPolicyRequest, ServerTlsPolicy>newBuilder()
+                .setMethodDescriptor(getServerTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<CreateServerTlsPolicyRequest, Operation>
+        createServerTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<CreateServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createServerTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<UpdateServerTlsPolicyRequest, Operation>
+        updateServerTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<UpdateServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateServerTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<DeleteServerTlsPolicyRequest, Operation>
+        deleteServerTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<DeleteServerTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteServerTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+        listClientTlsPoliciesTransportSettings =
+            HttpJsonCallSettings
+                .<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>newBuilder()
+                .setMethodDescriptor(listClientTlsPoliciesMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<GetClientTlsPolicyRequest, ClientTlsPolicy>
+        getClientTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<GetClientTlsPolicyRequest, ClientTlsPolicy>newBuilder()
+                .setMethodDescriptor(getClientTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<CreateClientTlsPolicyRequest, Operation>
+        createClientTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<CreateClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(createClientTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<UpdateClientTlsPolicyRequest, Operation>
+        updateClientTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<UpdateClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(updateClientTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<DeleteClientTlsPolicyRequest, Operation>
+        deleteClientTlsPolicyTransportSettings =
+            HttpJsonCallSettings.<DeleteClientTlsPolicyRequest, Operation>newBuilder()
+                .setMethodDescriptor(deleteClientTlsPolicyMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<ListLocationsRequest, ListLocationsResponse>
+        listLocationsTransportSettings =
+            HttpJsonCallSettings.<ListLocationsRequest, ListLocationsResponse>newBuilder()
+                .setMethodDescriptor(listLocationsMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+    HttpJsonCallSettings<GetLocationRequest, Location> getLocationTransportSettings =
+        HttpJsonCallSettings.<GetLocationRequest, Location>newBuilder()
+            .setMethodDescriptor(getLocationMethodDescriptor)
+            .setTypeRegistry(typeRegistry)
+            .build();
+    HttpJsonCallSettings<SetIamPolicyRequest, Policy> setIamPolicyTransportSettings =
+        HttpJsonCallSettings.<SetIamPolicyRequest, Policy>newBuilder()
+            .setMethodDescriptor(setIamPolicyMethodDescriptor)
+            .setTypeRegistry(typeRegistry)
+            .build();
+    HttpJsonCallSettings<GetIamPolicyRequest, Policy> getIamPolicyTransportSettings =
+        HttpJsonCallSettings.<GetIamPolicyRequest, Policy>newBuilder()
+            .setMethodDescriptor(getIamPolicyMethodDescriptor)
+            .setTypeRegistry(typeRegistry)
+            .build();
+    HttpJsonCallSettings<TestIamPermissionsRequest, TestIamPermissionsResponse>
+        testIamPermissionsTransportSettings =
+            HttpJsonCallSettings.<TestIamPermissionsRequest, TestIamPermissionsResponse>newBuilder()
+                .setMethodDescriptor(testIamPermissionsMethodDescriptor)
+                .setTypeRegistry(typeRegistry)
+                .build();
+
+    this.listAuthorizationPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listAuthorizationPoliciesTransportSettings,
+            settings.listAuthorizationPoliciesSettings(),
+            clientContext);
+    this.listAuthorizationPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listAuthorizationPoliciesTransportSettings,
+            settings.listAuthorizationPoliciesSettings(),
+            clientContext);
+    this.getAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getAuthorizationPolicyTransportSettings,
+            settings.getAuthorizationPolicySettings(),
+            clientContext);
+    this.createAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createAuthorizationPolicyTransportSettings,
+            settings.createAuthorizationPolicySettings(),
+            clientContext);
+    this.createAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createAuthorizationPolicyTransportSettings,
+            settings.createAuthorizationPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.updateAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateAuthorizationPolicyTransportSettings,
+            settings.updateAuthorizationPolicySettings(),
+            clientContext);
+    this.updateAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateAuthorizationPolicyTransportSettings,
+            settings.updateAuthorizationPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.deleteAuthorizationPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteAuthorizationPolicyTransportSettings,
+            settings.deleteAuthorizationPolicySettings(),
+            clientContext);
+    this.deleteAuthorizationPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteAuthorizationPolicyTransportSettings,
+            settings.deleteAuthorizationPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.listServerTlsPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listServerTlsPoliciesTransportSettings,
+            settings.listServerTlsPoliciesSettings(),
+            clientContext);
+    this.listServerTlsPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listServerTlsPoliciesTransportSettings,
+            settings.listServerTlsPoliciesSettings(),
+            clientContext);
+    this.getServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getServerTlsPolicyTransportSettings,
+            settings.getServerTlsPolicySettings(),
+            clientContext);
+    this.createServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createServerTlsPolicyTransportSettings,
+            settings.createServerTlsPolicySettings(),
+            clientContext);
+    this.createServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createServerTlsPolicyTransportSettings,
+            settings.createServerTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.updateServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateServerTlsPolicyTransportSettings,
+            settings.updateServerTlsPolicySettings(),
+            clientContext);
+    this.updateServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateServerTlsPolicyTransportSettings,
+            settings.updateServerTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.deleteServerTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteServerTlsPolicyTransportSettings,
+            settings.deleteServerTlsPolicySettings(),
+            clientContext);
+    this.deleteServerTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteServerTlsPolicyTransportSettings,
+            settings.deleteServerTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.listClientTlsPoliciesCallable =
+        callableFactory.createUnaryCallable(
+            listClientTlsPoliciesTransportSettings,
+            settings.listClientTlsPoliciesSettings(),
+            clientContext);
+    this.listClientTlsPoliciesPagedCallable =
+        callableFactory.createPagedCallable(
+            listClientTlsPoliciesTransportSettings,
+            settings.listClientTlsPoliciesSettings(),
+            clientContext);
+    this.getClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getClientTlsPolicyTransportSettings,
+            settings.getClientTlsPolicySettings(),
+            clientContext);
+    this.createClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            createClientTlsPolicyTransportSettings,
+            settings.createClientTlsPolicySettings(),
+            clientContext);
+    this.createClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            createClientTlsPolicyTransportSettings,
+            settings.createClientTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.updateClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            updateClientTlsPolicyTransportSettings,
+            settings.updateClientTlsPolicySettings(),
+            clientContext);
+    this.updateClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            updateClientTlsPolicyTransportSettings,
+            settings.updateClientTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.deleteClientTlsPolicyCallable =
+        callableFactory.createUnaryCallable(
+            deleteClientTlsPolicyTransportSettings,
+            settings.deleteClientTlsPolicySettings(),
+            clientContext);
+    this.deleteClientTlsPolicyOperationCallable =
+        callableFactory.createOperationCallable(
+            deleteClientTlsPolicyTransportSettings,
+            settings.deleteClientTlsPolicyOperationSettings(),
+            clientContext,
+            httpJsonOperationsStub);
+    this.listLocationsCallable =
+        callableFactory.createUnaryCallable(
+            listLocationsTransportSettings, settings.listLocationsSettings(), clientContext);
+    this.listLocationsPagedCallable =
+        callableFactory.createPagedCallable(
+            listLocationsTransportSettings, settings.listLocationsSettings(), clientContext);
+    this.getLocationCallable =
+        callableFactory.createUnaryCallable(
+            getLocationTransportSettings, settings.getLocationSettings(), clientContext);
+    this.setIamPolicyCallable =
+        callableFactory.createUnaryCallable(
+            setIamPolicyTransportSettings, settings.setIamPolicySettings(), clientContext);
+    this.getIamPolicyCallable =
+        callableFactory.createUnaryCallable(
+            getIamPolicyTransportSettings, settings.getIamPolicySettings(), clientContext);
+    this.testIamPermissionsCallable =
+        callableFactory.createUnaryCallable(
+            testIamPermissionsTransportSettings,
+            settings.testIamPermissionsSettings(),
+            clientContext);
+
+    this.backgroundResources =
+        new BackgroundResourceAggregation(clientContext.getBackgroundResources());
+  }
+
+  @InternalApi
+  public static List<ApiMethodDescriptor> getMethodDescriptors() {
+    List<ApiMethodDescriptor> methodDescriptors = new ArrayList<>();
+    methodDescriptors.add(listAuthorizationPoliciesMethodDescriptor);
+    methodDescriptors.add(getAuthorizationPolicyMethodDescriptor);
+    methodDescriptors.add(createAuthorizationPolicyMethodDescriptor);
+    methodDescriptors.add(updateAuthorizationPolicyMethodDescriptor);
+    methodDescriptors.add(deleteAuthorizationPolicyMethodDescriptor);
+    methodDescriptors.add(listServerTlsPoliciesMethodDescriptor);
+    methodDescriptors.add(getServerTlsPolicyMethodDescriptor);
+    methodDescriptors.add(createServerTlsPolicyMethodDescriptor);
+    methodDescriptors.add(updateServerTlsPolicyMethodDescriptor);
+    methodDescriptors.add(deleteServerTlsPolicyMethodDescriptor);
+    methodDescriptors.add(listClientTlsPoliciesMethodDescriptor);
+    methodDescriptors.add(getClientTlsPolicyMethodDescriptor);
+    methodDescriptors.add(createClientTlsPolicyMethodDescriptor);
+    methodDescriptors.add(updateClientTlsPolicyMethodDescriptor);
+    methodDescriptors.add(deleteClientTlsPolicyMethodDescriptor);
+    methodDescriptors.add(listLocationsMethodDescriptor);
+    methodDescriptors.add(getLocationMethodDescriptor);
+    methodDescriptors.add(setIamPolicyMethodDescriptor);
+    methodDescriptors.add(getIamPolicyMethodDescriptor);
+    methodDescriptors.add(testIamPermissionsMethodDescriptor);
+    return methodDescriptors;
+  }
+
+  public HttpJsonOperationsStub getHttpJsonOperationsStub() {
+    return httpJsonOperationsStub;
+  }
+
+  @Override
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse>
+      listAuthorizationPoliciesCallable() {
+    return listAuthorizationPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
+      listAuthorizationPoliciesPagedCallable() {
+    return listAuthorizationPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetAuthorizationPolicyRequest, AuthorizationPolicy>
+      getAuthorizationPolicyCallable() {
+    return getAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateAuthorizationPolicyRequest, Operation>
+      createAuthorizationPolicyCallable() {
+    return createAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      createAuthorizationPolicyOperationCallable() {
+    return createAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateAuthorizationPolicyRequest, Operation>
+      updateAuthorizationPolicyCallable() {
+    return updateAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateAuthorizationPolicyRequest, AuthorizationPolicy, OperationMetadata>
+      updateAuthorizationPolicyOperationCallable() {
+    return updateAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteAuthorizationPolicyRequest, Operation>
+      deleteAuthorizationPolicyCallable() {
+    return deleteAuthorizationPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteAuthorizationPolicyRequest, Empty, OperationMetadata>
+      deleteAuthorizationPolicyOperationCallable() {
+    return deleteAuthorizationPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesResponse>
+      listServerTlsPoliciesCallable() {
+    return listServerTlsPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListServerTlsPoliciesRequest, ListServerTlsPoliciesPagedResponse>
+      listServerTlsPoliciesPagedCallable() {
+    return listServerTlsPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetServerTlsPolicyRequest, ServerTlsPolicy> getServerTlsPolicyCallable() {
+    return getServerTlsPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateServerTlsPolicyRequest, Operation> createServerTlsPolicyCallable() {
+    return createServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      createServerTlsPolicyOperationCallable() {
+    return createServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateServerTlsPolicyRequest, Operation> updateServerTlsPolicyCallable() {
+    return updateServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateServerTlsPolicyRequest, ServerTlsPolicy, OperationMetadata>
+      updateServerTlsPolicyOperationCallable() {
+    return updateServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteServerTlsPolicyRequest, Operation> deleteServerTlsPolicyCallable() {
+    return deleteServerTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteServerTlsPolicyRequest, Empty, OperationMetadata>
+      deleteServerTlsPolicyOperationCallable() {
+    return deleteServerTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesResponse>
+      listClientTlsPoliciesCallable() {
+    return listClientTlsPoliciesCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListClientTlsPoliciesRequest, ListClientTlsPoliciesPagedResponse>
+      listClientTlsPoliciesPagedCallable() {
+    return listClientTlsPoliciesPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetClientTlsPolicyRequest, ClientTlsPolicy> getClientTlsPolicyCallable() {
+    return getClientTlsPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<CreateClientTlsPolicyRequest, Operation> createClientTlsPolicyCallable() {
+    return createClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<CreateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      createClientTlsPolicyOperationCallable() {
+    return createClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<UpdateClientTlsPolicyRequest, Operation> updateClientTlsPolicyCallable() {
+    return updateClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<UpdateClientTlsPolicyRequest, ClientTlsPolicy, OperationMetadata>
+      updateClientTlsPolicyOperationCallable() {
+    return updateClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<DeleteClientTlsPolicyRequest, Operation> deleteClientTlsPolicyCallable() {
+    return deleteClientTlsPolicyCallable;
+  }
+
+  @Override
+  public OperationCallable<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
+      deleteClientTlsPolicyOperationCallable() {
+    return deleteClientTlsPolicyOperationCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable() {
+    return listLocationsCallable;
+  }
+
+  @Override
+  public UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable() {
+    return listLocationsPagedCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetLocationRequest, Location> getLocationCallable() {
+    return getLocationCallable;
+  }
+
+  @Override
+  public UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable() {
+    return setIamPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable() {
+    return getIamPolicyCallable;
+  }
+
+  @Override
+  public UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable() {
+    return testIamPermissionsCallable;
+  }
+
+  @Override
+  public final void close() {
+    try {
+      backgroundResources.close();
+    } catch (RuntimeException e) {
+      throw e;
+    } catch (Exception e) {
+      throw new IllegalStateException("Failed to close resource", e);
+    }
+  }
+
+  @Override
+  public void shutdown() {
+    backgroundResources.shutdown();
+  }
+
+  @Override
+  public boolean isShutdown() {
+    return backgroundResources.isShutdown();
+  }
+
+  @Override
+  public boolean isTerminated() {
+    return backgroundResources.isTerminated();
+  }
+
+  @Override
+  public void shutdownNow() {
+    backgroundResources.shutdownNow();
+  }
+
+  @Override
+  public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException {
+    return backgroundResources.awaitTermination(duration, unit);
+  }
+}
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStub.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStub.java
index ae36993a..bd5b8925 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStub.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStub.java
@@ -18,12 +18,17 @@
 
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
 
 import com.google.api.core.BetaApi;
 import com.google.api.gax.core.BackgroundResource;
 import com.google.api.gax.rpc.OperationCallable;
 import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
@@ -46,6 +51,11 @@
 import com.google.cloud.networksecurity.v1beta1.UpdateAuthorizationPolicyRequest;
 import com.google.cloud.networksecurity.v1beta1.UpdateClientTlsPolicyRequest;
 import com.google.cloud.networksecurity.v1beta1.UpdateServerTlsPolicyRequest;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
 import com.google.longrunning.stub.OperationsStub;
 import com.google.protobuf.Empty;
@@ -62,7 +72,11 @@
 public abstract class NetworkSecurityStub implements BackgroundResource {
 
   public OperationsStub getOperationsStub() {
-    throw new UnsupportedOperationException("Not implemented: getOperationsStub()");
+    return null;
+  }
+
+  public com.google.api.gax.httpjson.longrunning.stub.OperationsStub getHttpJsonOperationsStub() {
+    return null;
   }
 
   public UnaryCallable<ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesPagedResponse>
@@ -204,6 +218,32 @@ public UnaryCallable<DeleteClientTlsPolicyRequest, Operation> deleteClientTlsPol
     throw new UnsupportedOperationException("Not implemented: deleteClientTlsPolicyCallable()");
   }
 
+  public UnaryCallable<ListLocationsRequest, ListLocationsPagedResponse>
+      listLocationsPagedCallable() {
+    throw new UnsupportedOperationException("Not implemented: listLocationsPagedCallable()");
+  }
+
+  public UnaryCallable<ListLocationsRequest, ListLocationsResponse> listLocationsCallable() {
+    throw new UnsupportedOperationException("Not implemented: listLocationsCallable()");
+  }
+
+  public UnaryCallable<GetLocationRequest, Location> getLocationCallable() {
+    throw new UnsupportedOperationException("Not implemented: getLocationCallable()");
+  }
+
+  public UnaryCallable<SetIamPolicyRequest, Policy> setIamPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: setIamPolicyCallable()");
+  }
+
+  public UnaryCallable<GetIamPolicyRequest, Policy> getIamPolicyCallable() {
+    throw new UnsupportedOperationException("Not implemented: getIamPolicyCallable()");
+  }
+
+  public UnaryCallable<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsCallable() {
+    throw new UnsupportedOperationException("Not implemented: testIamPermissionsCallable()");
+  }
+
   @Override
   public abstract void close();
 }
diff --git a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStubSettings.java b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStubSettings.java
index dba484ff..1541921e 100644
--- a/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStubSettings.java
+++ b/google-cloud-network-security/src/main/java/com/google/cloud/networksecurity/v1beta1/stub/NetworkSecurityStubSettings.java
@@ -18,6 +18,7 @@
 
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
 
 import com.google.api.core.ApiFunction;
@@ -30,6 +31,9 @@
 import com.google.api.gax.grpc.GrpcTransportChannel;
 import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
 import com.google.api.gax.grpc.ProtoOperationTransformers;
+import com.google.api.gax.httpjson.GaxHttpJsonProperties;
+import com.google.api.gax.httpjson.HttpJsonTransportChannel;
+import com.google.api.gax.httpjson.InstantiatingHttpJsonChannelProvider;
 import com.google.api.gax.longrunning.OperationSnapshot;
 import com.google.api.gax.longrunning.OperationTimedPollAlgorithm;
 import com.google.api.gax.retrying.RetrySettings;
@@ -46,6 +50,10 @@
 import com.google.api.gax.rpc.TransportChannelProvider;
 import com.google.api.gax.rpc.UnaryCallSettings;
 import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
@@ -72,6 +80,11 @@
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Lists;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
 import com.google.protobuf.Empty;
 import java.io.IOException;
@@ -184,6 +197,14 @@ public class NetworkSecurityStubSettings extends StubSettings<NetworkSecurityStu
       deleteClientTlsPolicySettings;
   private final OperationCallSettings<DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
       deleteClientTlsPolicyOperationSettings;
+  private final PagedCallSettings<
+          ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+      listLocationsSettings;
+  private final UnaryCallSettings<GetLocationRequest, Location> getLocationSettings;
+  private final UnaryCallSettings<SetIamPolicyRequest, Policy> setIamPolicySettings;
+  private final UnaryCallSettings<GetIamPolicyRequest, Policy> getIamPolicySettings;
+  private final UnaryCallSettings<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsSettings;
 
   private static final PagedListDescriptor<
           ListAuthorizationPoliciesRequest, ListAuthorizationPoliciesResponse, AuthorizationPolicy>
@@ -314,6 +335,42 @@ public Iterable<ClientTlsPolicy> extractResources(
             }
           };
 
+  private static final PagedListDescriptor<ListLocationsRequest, ListLocationsResponse, Location>
+      LIST_LOCATIONS_PAGE_STR_DESC =
+          new PagedListDescriptor<ListLocationsRequest, ListLocationsResponse, Location>() {
+            @Override
+            public String emptyToken() {
+              return "";
+            }
+
+            @Override
+            public ListLocationsRequest injectToken(ListLocationsRequest payload, String token) {
+              return ListLocationsRequest.newBuilder(payload).setPageToken(token).build();
+            }
+
+            @Override
+            public ListLocationsRequest injectPageSize(ListLocationsRequest payload, int pageSize) {
+              return ListLocationsRequest.newBuilder(payload).setPageSize(pageSize).build();
+            }
+
+            @Override
+            public Integer extractPageSize(ListLocationsRequest payload) {
+              return payload.getPageSize();
+            }
+
+            @Override
+            public String extractNextToken(ListLocationsResponse payload) {
+              return payload.getNextPageToken();
+            }
+
+            @Override
+            public Iterable<Location> extractResources(ListLocationsResponse payload) {
+              return payload.getLocationsList() == null
+                  ? ImmutableList.<Location>of()
+                  : payload.getLocationsList();
+            }
+          };
+
   private static final PagedListResponseFactory<
           ListAuthorizationPoliciesRequest,
           ListAuthorizationPoliciesResponse,
@@ -390,6 +447,23 @@ public ApiFuture<ListClientTlsPoliciesPagedResponse> getFuturePagedResponse(
             }
           };
 
+  private static final PagedListResponseFactory<
+          ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+      LIST_LOCATIONS_PAGE_STR_FACT =
+          new PagedListResponseFactory<
+              ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>() {
+            @Override
+            public ApiFuture<ListLocationsPagedResponse> getFuturePagedResponse(
+                UnaryCallable<ListLocationsRequest, ListLocationsResponse> callable,
+                ListLocationsRequest request,
+                ApiCallContext context,
+                ApiFuture<ListLocationsResponse> futureResponse) {
+              PageContext<ListLocationsRequest, ListLocationsResponse, Location> pageContext =
+                  PageContext.create(callable, LIST_LOCATIONS_PAGE_STR_DESC, request, context);
+              return ListLocationsPagedResponse.createAsync(pageContext, futureResponse);
+            }
+          };
+
   /** Returns the object with the settings used for calls to listAuthorizationPolicies. */
   public PagedCallSettings<
           ListAuthorizationPoliciesRequest,
@@ -545,12 +619,44 @@ public ApiFuture<ListClientTlsPoliciesPagedResponse> getFuturePagedResponse(
     return deleteClientTlsPolicyOperationSettings;
   }
 
+  /** Returns the object with the settings used for calls to listLocations. */
+  public PagedCallSettings<ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+      listLocationsSettings() {
+    return listLocationsSettings;
+  }
+
+  /** Returns the object with the settings used for calls to getLocation. */
+  public UnaryCallSettings<GetLocationRequest, Location> getLocationSettings() {
+    return getLocationSettings;
+  }
+
+  /** Returns the object with the settings used for calls to setIamPolicy. */
+  public UnaryCallSettings<SetIamPolicyRequest, Policy> setIamPolicySettings() {
+    return setIamPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to getIamPolicy. */
+  public UnaryCallSettings<GetIamPolicyRequest, Policy> getIamPolicySettings() {
+    return getIamPolicySettings;
+  }
+
+  /** Returns the object with the settings used for calls to testIamPermissions. */
+  public UnaryCallSettings<TestIamPermissionsRequest, TestIamPermissionsResponse>
+      testIamPermissionsSettings() {
+    return testIamPermissionsSettings;
+  }
+
   public NetworkSecurityStub createStub() throws IOException {
     if (getTransportChannelProvider()
         .getTransportName()
         .equals(GrpcTransportChannel.getGrpcTransportName())) {
       return GrpcNetworkSecurityStub.create(this);
     }
+    if (getTransportChannelProvider()
+        .getTransportName()
+        .equals(HttpJsonTransportChannel.getHttpJsonTransportName())) {
+      return HttpJsonNetworkSecurityStub.create(this);
+    }
     throw new UnsupportedOperationException(
         String.format(
             "Transport not supported: %s", getTransportChannelProvider().getTransportName()));
@@ -583,18 +689,25 @@ public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilde
         .setUseJwtAccessWithScope(true);
   }
 
-  /** Returns a builder for the default ChannelProvider for this service. */
+  /** Returns a builder for the default gRPC ChannelProvider for this service. */
   public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
     return InstantiatingGrpcChannelProvider.newBuilder()
         .setMaxInboundMessageSize(Integer.MAX_VALUE);
   }
 
+  /** Returns a builder for the default REST ChannelProvider for this service. */
+  @BetaApi
+  public static InstantiatingHttpJsonChannelProvider.Builder
+      defaultHttpJsonTransportProviderBuilder() {
+    return InstantiatingHttpJsonChannelProvider.newBuilder();
+  }
+
   public static TransportChannelProvider defaultTransportChannelProvider() {
     return defaultGrpcTransportProviderBuilder().build();
   }
 
   @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
-  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+  public static ApiClientHeaderProvider.Builder defaultGrpcApiClientHeaderProviderBuilder() {
     return ApiClientHeaderProvider.newBuilder()
         .setGeneratedLibToken(
             "gapic", GaxProperties.getLibraryVersion(NetworkSecurityStubSettings.class))
@@ -602,11 +715,30 @@ public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuil
             GaxGrpcProperties.getGrpcTokenName(), GaxGrpcProperties.getGrpcVersion());
   }
 
-  /** Returns a new builder for this class. */
+  @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
+  public static ApiClientHeaderProvider.Builder defaultHttpJsonApiClientHeaderProviderBuilder() {
+    return ApiClientHeaderProvider.newBuilder()
+        .setGeneratedLibToken(
+            "gapic", GaxProperties.getLibraryVersion(NetworkSecurityStubSettings.class))
+        .setTransportToken(
+            GaxHttpJsonProperties.getHttpJsonTokenName(),
+            GaxHttpJsonProperties.getHttpJsonVersion());
+  }
+
+  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+    return NetworkSecurityStubSettings.defaultGrpcApiClientHeaderProviderBuilder();
+  }
+
+  /** Returns a new gRPC builder for this class. */
   public static Builder newBuilder() {
     return Builder.createDefault();
   }
 
+  /** Returns a new REST builder for this class. */
+  public static Builder newHttpJsonBuilder() {
+    return Builder.createHttpJsonDefault();
+  }
+
   /** Returns a new builder for this class. */
   public static Builder newBuilder(ClientContext clientContext) {
     return new Builder(clientContext);
@@ -653,6 +785,11 @@ protected NetworkSecurityStubSettings(Builder settingsBuilder) throws IOExceptio
     deleteClientTlsPolicySettings = settingsBuilder.deleteClientTlsPolicySettings().build();
     deleteClientTlsPolicyOperationSettings =
         settingsBuilder.deleteClientTlsPolicyOperationSettings().build();
+    listLocationsSettings = settingsBuilder.listLocationsSettings().build();
+    getLocationSettings = settingsBuilder.getLocationSettings().build();
+    setIamPolicySettings = settingsBuilder.setIamPolicySettings().build();
+    getIamPolicySettings = settingsBuilder.getIamPolicySettings().build();
+    testIamPermissionsSettings = settingsBuilder.testIamPermissionsSettings().build();
   }
 
   /** Builder for NetworkSecurityStubSettings. */
@@ -724,6 +861,14 @@ public static class Builder extends StubSettings.Builder<NetworkSecurityStubSett
     private final OperationCallSettings.Builder<
             DeleteClientTlsPolicyRequest, Empty, OperationMetadata>
         deleteClientTlsPolicyOperationSettings;
+    private final PagedCallSettings.Builder<
+            ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+        listLocationsSettings;
+    private final UnaryCallSettings.Builder<GetLocationRequest, Location> getLocationSettings;
+    private final UnaryCallSettings.Builder<SetIamPolicyRequest, Policy> setIamPolicySettings;
+    private final UnaryCallSettings.Builder<GetIamPolicyRequest, Policy> getIamPolicySettings;
+    private final UnaryCallSettings.Builder<TestIamPermissionsRequest, TestIamPermissionsResponse>
+        testIamPermissionsSettings;
     private static final ImmutableMap<String, ImmutableSet<StatusCode.Code>>
         RETRYABLE_CODE_DEFINITIONS;
 
@@ -785,6 +930,11 @@ protected Builder(ClientContext clientContext) {
       updateClientTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
       deleteClientTlsPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       deleteClientTlsPolicyOperationSettings = OperationCallSettings.newBuilder();
+      listLocationsSettings = PagedCallSettings.newBuilder(LIST_LOCATIONS_PAGE_STR_FACT);
+      getLocationSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      setIamPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      getIamPolicySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+      testIamPermissionsSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
 
       unaryMethodSettingsBuilders =
           ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
@@ -802,7 +952,12 @@ protected Builder(ClientContext clientContext) {
               getClientTlsPolicySettings,
               createClientTlsPolicySettings,
               updateClientTlsPolicySettings,
-              deleteClientTlsPolicySettings);
+              deleteClientTlsPolicySettings,
+              listLocationsSettings,
+              getLocationSettings,
+              setIamPolicySettings,
+              getIamPolicySettings,
+              testIamPermissionsSettings);
       initDefaults(this);
     }
 
@@ -842,6 +997,11 @@ protected Builder(NetworkSecurityStubSettings settings) {
       deleteClientTlsPolicySettings = settings.deleteClientTlsPolicySettings.toBuilder();
       deleteClientTlsPolicyOperationSettings =
           settings.deleteClientTlsPolicyOperationSettings.toBuilder();
+      listLocationsSettings = settings.listLocationsSettings.toBuilder();
+      getLocationSettings = settings.getLocationSettings.toBuilder();
+      setIamPolicySettings = settings.setIamPolicySettings.toBuilder();
+      getIamPolicySettings = settings.getIamPolicySettings.toBuilder();
+      testIamPermissionsSettings = settings.testIamPermissionsSettings.toBuilder();
 
       unaryMethodSettingsBuilders =
           ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
@@ -859,7 +1019,12 @@ protected Builder(NetworkSecurityStubSettings settings) {
               getClientTlsPolicySettings,
               createClientTlsPolicySettings,
               updateClientTlsPolicySettings,
-              deleteClientTlsPolicySettings);
+              deleteClientTlsPolicySettings,
+              listLocationsSettings,
+              getLocationSettings,
+              setIamPolicySettings,
+              getIamPolicySettings,
+              testIamPermissionsSettings);
     }
 
     private static Builder createDefault() {
@@ -875,6 +1040,19 @@ private static Builder createDefault() {
       return initDefaults(builder);
     }
 
+    private static Builder createHttpJsonDefault() {
+      Builder builder = new Builder(((ClientContext) null));
+
+      builder.setTransportChannelProvider(defaultHttpJsonTransportProviderBuilder().build());
+      builder.setCredentialsProvider(defaultCredentialsProviderBuilder().build());
+      builder.setInternalHeaderProvider(defaultHttpJsonApiClientHeaderProviderBuilder().build());
+      builder.setEndpoint(getDefaultEndpoint());
+      builder.setMtlsEndpoint(getDefaultMtlsEndpoint());
+      builder.setSwitchToMtlsEndpointAllowed(true);
+
+      return initDefaults(builder);
+    }
+
     private static Builder initDefaults(Builder builder) {
       builder
           .listAuthorizationPoliciesSettings()
@@ -951,6 +1129,31 @@ private static Builder initDefaults(Builder builder) {
           .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
           .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
 
+      builder
+          .listLocationsSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .getLocationSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .setIamPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .getIamPolicySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
+      builder
+          .testIamPermissionsSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
+
       builder
           .createAuthorizationPolicyOperationSettings()
           .setInitialCallSettings(
@@ -1365,6 +1568,34 @@ public Builder applyToAllUnaryMethods(
       return deleteClientTlsPolicyOperationSettings;
     }
 
+    /** Returns the builder for the settings used for calls to listLocations. */
+    public PagedCallSettings.Builder<
+            ListLocationsRequest, ListLocationsResponse, ListLocationsPagedResponse>
+        listLocationsSettings() {
+      return listLocationsSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to getLocation. */
+    public UnaryCallSettings.Builder<GetLocationRequest, Location> getLocationSettings() {
+      return getLocationSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to setIamPolicy. */
+    public UnaryCallSettings.Builder<SetIamPolicyRequest, Policy> setIamPolicySettings() {
+      return setIamPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to getIamPolicy. */
+    public UnaryCallSettings.Builder<GetIamPolicyRequest, Policy> getIamPolicySettings() {
+      return getIamPolicySettings;
+    }
+
+    /** Returns the builder for the settings used for calls to testIamPermissions. */
+    public UnaryCallSettings.Builder<TestIamPermissionsRequest, TestIamPermissionsResponse>
+        testIamPermissionsSettings() {
+      return testIamPermissionsSettings;
+    }
+
     @Override
     public NetworkSecurityStubSettings build() throws IOException {
       return new NetworkSecurityStubSettings(this);
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicy.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicy.java
new file mode 100644
index 00000000..f1a9c766
--- /dev/null
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicy.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.ServerServiceDefinition;
+import java.util.List;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockIAMPolicy implements MockGrpcService {
+  private final MockIAMPolicyImpl serviceImpl;
+
+  public MockIAMPolicy() {
+    serviceImpl = new MockIAMPolicyImpl();
+  }
+
+  @Override
+  public List<AbstractMessage> getRequests() {
+    return serviceImpl.getRequests();
+  }
+
+  @Override
+  public void addResponse(AbstractMessage response) {
+    serviceImpl.addResponse(response);
+  }
+
+  @Override
+  public void addException(Exception exception) {
+    serviceImpl.addException(exception);
+  }
+
+  @Override
+  public ServerServiceDefinition getServiceDefinition() {
+    return serviceImpl.bindService();
+  }
+
+  @Override
+  public void reset() {
+    serviceImpl.reset();
+  }
+}
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicyImpl.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicyImpl.java
new file mode 100644
index 00000000..1546aef0
--- /dev/null
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockIAMPolicyImpl.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1;
+
+import com.google.api.core.BetaApi;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.IAMPolicyGrpc.IAMPolicyImplBase;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.stub.StreamObserver;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Queue;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockIAMPolicyImpl extends IAMPolicyImplBase {
+  private List<AbstractMessage> requests;
+  private Queue<Object> responses;
+
+  public MockIAMPolicyImpl() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  public List<AbstractMessage> getRequests() {
+    return requests;
+  }
+
+  public void addResponse(AbstractMessage response) {
+    responses.add(response);
+  }
+
+  public void setResponses(List<AbstractMessage> responses) {
+    this.responses = new LinkedList<Object>(responses);
+  }
+
+  public void addException(Exception exception) {
+    responses.add(exception);
+  }
+
+  public void reset() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  @Override
+  public void testIamPermissions(
+      TestIamPermissionsRequest request,
+      StreamObserver<TestIamPermissionsResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof TestIamPermissionsResponse) {
+      requests.add(request);
+      responseObserver.onNext(((TestIamPermissionsResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method TestIamPermissions, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  TestIamPermissionsResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void setIamPolicy(SetIamPolicyRequest request, StreamObserver<Policy> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Policy) {
+      requests.add(request);
+      responseObserver.onNext(((Policy) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method SetIamPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Policy.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void getIamPolicy(GetIamPolicyRequest request, StreamObserver<Policy> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Policy) {
+      requests.add(request);
+      responseObserver.onNext(((Policy) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method GetIamPolicy, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Policy.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+}
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocations.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocations.java
new file mode 100644
index 00000000..e9ff238b
--- /dev/null
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocations.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.ServerServiceDefinition;
+import java.util.List;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockLocations implements MockGrpcService {
+  private final MockLocationsImpl serviceImpl;
+
+  public MockLocations() {
+    serviceImpl = new MockLocationsImpl();
+  }
+
+  @Override
+  public List<AbstractMessage> getRequests() {
+    return serviceImpl.getRequests();
+  }
+
+  @Override
+  public void addResponse(AbstractMessage response) {
+    serviceImpl.addResponse(response);
+  }
+
+  @Override
+  public void addException(Exception exception) {
+    serviceImpl.addException(exception);
+  }
+
+  @Override
+  public ServerServiceDefinition getServiceDefinition() {
+    return serviceImpl.bindService();
+  }
+
+  @Override
+  public void reset() {
+    serviceImpl.reset();
+  }
+}
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocationsImpl.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocationsImpl.java
new file mode 100644
index 00000000..ba75e18d
--- /dev/null
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/MockLocationsImpl.java
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1;
+
+import com.google.api.core.BetaApi;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
+import com.google.cloud.location.LocationsGrpc.LocationsImplBase;
+import com.google.protobuf.AbstractMessage;
+import io.grpc.stub.StreamObserver;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Queue;
+import javax.annotation.Generated;
+
+@BetaApi
+@Generated("by gapic-generator-java")
+public class MockLocationsImpl extends LocationsImplBase {
+  private List<AbstractMessage> requests;
+  private Queue<Object> responses;
+
+  public MockLocationsImpl() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  public List<AbstractMessage> getRequests() {
+    return requests;
+  }
+
+  public void addResponse(AbstractMessage response) {
+    responses.add(response);
+  }
+
+  public void setResponses(List<AbstractMessage> responses) {
+    this.responses = new LinkedList<Object>(responses);
+  }
+
+  public void addException(Exception exception) {
+    responses.add(exception);
+  }
+
+  public void reset() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  @Override
+  public void listLocations(
+      ListLocationsRequest request, StreamObserver<ListLocationsResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof ListLocationsResponse) {
+      requests.add(request);
+      responseObserver.onNext(((ListLocationsResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method ListLocations, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  ListLocationsResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
+  @Override
+  public void getLocation(GetLocationRequest request, StreamObserver<Location> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof Location) {
+      requests.add(request);
+      responseObserver.onNext(((Location) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method GetLocation, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  Location.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+}
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientHttpJsonTest.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientHttpJsonTest.java
new file mode 100644
index 00000000..6ceb4a72
--- /dev/null
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientHttpJsonTest.java
@@ -0,0 +1,1920 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1;
+
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
+
+import com.google.api.gax.core.NoCredentialsProvider;
+import com.google.api.gax.httpjson.GaxHttpJsonProperties;
+import com.google.api.gax.httpjson.testing.MockHttpService;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.ApiException;
+import com.google.api.gax.rpc.ApiExceptionFactory;
+import com.google.api.gax.rpc.InvalidArgumentException;
+import com.google.api.gax.rpc.StatusCode;
+import com.google.api.gax.rpc.testing.FakeStatusCode;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.stub.HttpJsonNetworkSecurityStub;
+import com.google.common.collect.Lists;
+import com.google.iam.v1.AuditConfig;
+import com.google.iam.v1.Binding;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.GetPolicyOptions;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import com.google.longrunning.Operation;
+import com.google.protobuf.Any;
+import com.google.protobuf.ByteString;
+import com.google.protobuf.Empty;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.Timestamp;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.concurrent.ExecutionException;
+import javax.annotation.Generated;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+@Generated("by gapic-generator-java")
+public class NetworkSecurityClientHttpJsonTest {
+  private static MockHttpService mockService;
+  private static NetworkSecurityClient client;
+
+  @BeforeClass
+  public static void startStaticServer() throws IOException {
+    mockService =
+        new MockHttpService(
+            HttpJsonNetworkSecurityStub.getMethodDescriptors(),
+            NetworkSecuritySettings.getDefaultEndpoint());
+    NetworkSecuritySettings settings =
+        NetworkSecuritySettings.newHttpJsonBuilder()
+            .setTransportChannelProvider(
+                NetworkSecuritySettings.defaultHttpJsonTransportProviderBuilder()
+                    .setHttpTransport(mockService)
+                    .build())
+            .setCredentialsProvider(NoCredentialsProvider.create())
+            .build();
+    client = NetworkSecurityClient.create(settings);
+  }
+
+  @AfterClass
+  public static void stopServer() {
+    client.close();
+  }
+
+  @Before
+  public void setUp() {}
+
+  @After
+  public void tearDown() throws Exception {
+    mockService.reset();
+  }
+
+  @Test
+  public void listAuthorizationPoliciesTest() throws Exception {
+    AuthorizationPolicy responsesElement = AuthorizationPolicy.newBuilder().build();
+    ListAuthorizationPoliciesResponse expectedResponse =
+        ListAuthorizationPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllAuthorizationPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListAuthorizationPoliciesPagedResponse pagedListResponse =
+        client.listAuthorizationPolicies(parent);
+
+    List<AuthorizationPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getAuthorizationPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listAuthorizationPoliciesExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listAuthorizationPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listAuthorizationPoliciesTest2() throws Exception {
+    AuthorizationPolicy responsesElement = AuthorizationPolicy.newBuilder().build();
+    ListAuthorizationPoliciesResponse expectedResponse =
+        ListAuthorizationPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllAuthorizationPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String parent = "projects/project-5833/locations/location-5833";
+
+    ListAuthorizationPoliciesPagedResponse pagedListResponse =
+        client.listAuthorizationPolicies(parent);
+
+    List<AuthorizationPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getAuthorizationPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listAuthorizationPoliciesExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      client.listAuthorizationPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    AuthorizationPolicyName name =
+        AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+
+    AuthorizationPolicy actualResponse = client.getAuthorizationPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getAuthorizationPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      client.getAuthorizationPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getAuthorizationPolicyTest2() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String name =
+        "projects/project-7969/locations/location-7969/authorizationPolicies/authorizationPolicie-7969";
+
+    AuthorizationPolicy actualResponse = client.getAuthorizationPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getAuthorizationPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-7969/locations/location-7969/authorizationPolicies/authorizationPolicie-7969";
+      client.getAuthorizationPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+    String authorizationPolicyId = "authorizationPolicyId1314252166";
+
+    AuthorizationPolicy actualResponse =
+        client
+            .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+            .get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createAuthorizationPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      client
+          .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+          .get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void createAuthorizationPolicyTest2() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String parent = "projects/project-5833/locations/location-5833";
+    AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+    String authorizationPolicyId = "authorizationPolicyId1314252166";
+
+    AuthorizationPolicy actualResponse =
+        client
+            .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+            .get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createAuthorizationPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
+      String authorizationPolicyId = "authorizationPolicyId1314252166";
+      client
+          .createAuthorizationPolicyAsync(parent, authorizationPolicy, authorizationPolicyId)
+          .get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void updateAuthorizationPolicyTest() throws Exception {
+    AuthorizationPolicy expectedResponse =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    AuthorizationPolicy authorizationPolicy =
+        AuthorizationPolicy.newBuilder()
+            .setName(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+            .build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    AuthorizationPolicy actualResponse =
+        client.updateAuthorizationPolicyAsync(authorizationPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void updateAuthorizationPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      AuthorizationPolicy authorizationPolicy =
+          AuthorizationPolicy.newBuilder()
+              .setName(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setDescription("description-1724546052")
+              .setCreateTime(Timestamp.newBuilder().build())
+              .setUpdateTime(Timestamp.newBuilder().build())
+              .putAllLabels(new HashMap<String, String>())
+              .addAllRules(new ArrayList<AuthorizationPolicy.Rule>())
+              .build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateAuthorizationPolicyAsync(authorizationPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    AuthorizationPolicyName name =
+        AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+
+    client.deleteAuthorizationPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      AuthorizationPolicyName name =
+          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      client.deleteAuthorizationPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteAuthorizationPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String name =
+        "projects/project-7969/locations/location-7969/authorizationPolicies/authorizationPolicie-7969";
+
+    client.deleteAuthorizationPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteAuthorizationPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-7969/locations/location-7969/authorizationPolicies/authorizationPolicie-7969";
+      client.deleteAuthorizationPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void listServerTlsPoliciesTest() throws Exception {
+    ServerTlsPolicy responsesElement = ServerTlsPolicy.newBuilder().build();
+    ListServerTlsPoliciesResponse expectedResponse =
+        ListServerTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllServerTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListServerTlsPoliciesPagedResponse pagedListResponse = client.listServerTlsPolicies(parent);
+
+    List<ServerTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getServerTlsPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listServerTlsPoliciesExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listServerTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listServerTlsPoliciesTest2() throws Exception {
+    ServerTlsPolicy responsesElement = ServerTlsPolicy.newBuilder().build();
+    ListServerTlsPoliciesResponse expectedResponse =
+        ListServerTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllServerTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String parent = "projects/project-5833/locations/location-5833";
+
+    ListServerTlsPoliciesPagedResponse pagedListResponse = client.listServerTlsPolicies(parent);
+
+    List<ServerTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getServerTlsPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listServerTlsPoliciesExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      client.listServerTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    ServerTlsPolicyName name =
+        ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+
+    ServerTlsPolicy actualResponse = client.getServerTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getServerTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      client.getServerTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getServerTlsPolicyTest2() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String name =
+        "projects/project-7730/locations/location-7730/serverTlsPolicies/serverTlsPolicie-7730";
+
+    ServerTlsPolicy actualResponse = client.getServerTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getServerTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-7730/locations/location-7730/serverTlsPolicies/serverTlsPolicie-7730";
+      client.getServerTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+    String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+
+    ServerTlsPolicy actualResponse =
+        client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createServerTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void createServerTlsPolicyTest2() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String parent = "projects/project-5833/locations/location-5833";
+    ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+    String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+
+    ServerTlsPolicy actualResponse =
+        client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createServerTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
+      String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
+      client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void updateServerTlsPolicyTest() throws Exception {
+    ServerTlsPolicy expectedResponse =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    ServerTlsPolicy serverTlsPolicy =
+        ServerTlsPolicy.newBuilder()
+            .setName(
+                ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setAllowOpen(true)
+            .setServerCertificate(CertificateProvider.newBuilder().build())
+            .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+            .build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    ServerTlsPolicy actualResponse =
+        client.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void updateServerTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ServerTlsPolicy serverTlsPolicy =
+          ServerTlsPolicy.newBuilder()
+              .setName(
+                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
+                      .toString())
+              .setDescription("description-1724546052")
+              .setCreateTime(Timestamp.newBuilder().build())
+              .setUpdateTime(Timestamp.newBuilder().build())
+              .putAllLabels(new HashMap<String, String>())
+              .setAllowOpen(true)
+              .setServerCertificate(CertificateProvider.newBuilder().build())
+              .setMtlsPolicy(ServerTlsPolicy.MTLSPolicy.newBuilder().build())
+              .build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateServerTlsPolicyAsync(serverTlsPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteServerTlsPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    ServerTlsPolicyName name =
+        ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+
+    client.deleteServerTlsPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteServerTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ServerTlsPolicyName name =
+          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      client.deleteServerTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteServerTlsPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteServerTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String name =
+        "projects/project-7730/locations/location-7730/serverTlsPolicies/serverTlsPolicie-7730";
+
+    client.deleteServerTlsPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteServerTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-7730/locations/location-7730/serverTlsPolicies/serverTlsPolicie-7730";
+      client.deleteServerTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void listClientTlsPoliciesTest() throws Exception {
+    ClientTlsPolicy responsesElement = ClientTlsPolicy.newBuilder().build();
+    ListClientTlsPoliciesResponse expectedResponse =
+        ListClientTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllClientTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+
+    ListClientTlsPoliciesPagedResponse pagedListResponse = client.listClientTlsPolicies(parent);
+
+    List<ClientTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getClientTlsPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listClientTlsPoliciesExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      client.listClientTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void listClientTlsPoliciesTest2() throws Exception {
+    ClientTlsPolicy responsesElement = ClientTlsPolicy.newBuilder().build();
+    ListClientTlsPoliciesResponse expectedResponse =
+        ListClientTlsPoliciesResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllClientTlsPolicies(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String parent = "projects/project-5833/locations/location-5833";
+
+    ListClientTlsPoliciesPagedResponse pagedListResponse = client.listClientTlsPolicies(parent);
+
+    List<ClientTlsPolicy> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getClientTlsPoliciesList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listClientTlsPoliciesExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      client.listClientTlsPolicies(parent);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    ClientTlsPolicyName name =
+        ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+
+    ClientTlsPolicy actualResponse = client.getClientTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getClientTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      client.getClientTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getClientTlsPolicyTest2() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    String name =
+        "projects/project-6614/locations/location-6614/clientTlsPolicies/clientTlsPolicie-6614";
+
+    ClientTlsPolicy actualResponse = client.getClientTlsPolicy(name);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getClientTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-6614/locations/location-6614/clientTlsPolicies/clientTlsPolicie-6614";
+      client.getClientTlsPolicy(name);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void createClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+    ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+    String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+
+    ClientTlsPolicy actualResponse =
+        client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createClientTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void createClientTlsPolicyTest2() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("createClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String parent = "projects/project-5833/locations/location-5833";
+    ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+    String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+
+    ClientTlsPolicy actualResponse =
+        client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void createClientTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String parent = "projects/project-5833/locations/location-5833";
+      ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
+      String clientTlsPolicyId = "clientTlsPolicyId-188933315";
+      client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void updateClientTlsPolicyTest() throws Exception {
+    ClientTlsPolicy expectedResponse =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("updateClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    ClientTlsPolicy clientTlsPolicy =
+        ClientTlsPolicy.newBuilder()
+            .setName(
+                ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString())
+            .setDescription("description-1724546052")
+            .setCreateTime(Timestamp.newBuilder().build())
+            .setUpdateTime(Timestamp.newBuilder().build())
+            .putAllLabels(new HashMap<String, String>())
+            .setSni("sni114030")
+            .setClientCertificate(CertificateProvider.newBuilder().build())
+            .addAllServerValidationCa(new ArrayList<ValidationCA>())
+            .build();
+    FieldMask updateMask = FieldMask.newBuilder().build();
+
+    ClientTlsPolicy actualResponse =
+        client.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void updateClientTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ClientTlsPolicy clientTlsPolicy =
+          ClientTlsPolicy.newBuilder()
+              .setName(
+                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
+                      .toString())
+              .setDescription("description-1724546052")
+              .setCreateTime(Timestamp.newBuilder().build())
+              .setUpdateTime(Timestamp.newBuilder().build())
+              .putAllLabels(new HashMap<String, String>())
+              .setSni("sni114030")
+              .setClientCertificate(CertificateProvider.newBuilder().build())
+              .addAllServerValidationCa(new ArrayList<ValidationCA>())
+              .build();
+      FieldMask updateMask = FieldMask.newBuilder().build();
+      client.updateClientTlsPolicyAsync(clientTlsPolicy, updateMask).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteClientTlsPolicyTest() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    ClientTlsPolicyName name =
+        ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+
+    client.deleteClientTlsPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteClientTlsPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ClientTlsPolicyName name =
+          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      client.deleteClientTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void deleteClientTlsPolicyTest2() throws Exception {
+    Empty expectedResponse = Empty.newBuilder().build();
+    Operation resultOperation =
+        Operation.newBuilder()
+            .setName("deleteClientTlsPolicyTest")
+            .setDone(true)
+            .setResponse(Any.pack(expectedResponse))
+            .build();
+    mockService.addResponse(resultOperation);
+
+    String name =
+        "projects/project-6614/locations/location-6614/clientTlsPolicies/clientTlsPolicie-6614";
+
+    client.deleteClientTlsPolicyAsync(name).get();
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void deleteClientTlsPolicyExceptionTest2() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      String name =
+          "projects/project-6614/locations/location-6614/clientTlsPolicies/clientTlsPolicie-6614";
+      client.deleteClientTlsPolicyAsync(name).get();
+      Assert.fail("No exception raised");
+    } catch (ExecutionException e) {
+    }
+  }
+
+  @Test
+  public void listLocationsTest() throws Exception {
+    Location responsesElement = Location.newBuilder().build();
+    ListLocationsResponse expectedResponse =
+        ListLocationsResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllLocations(Arrays.asList(responsesElement))
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    ListLocationsRequest request =
+        ListLocationsRequest.newBuilder()
+            .setName("projects/project-3664")
+            .setFilter("filter-1274492040")
+            .setPageSize(883849137)
+            .setPageToken("pageToken873572522")
+            .build();
+
+    ListLocationsPagedResponse pagedListResponse = client.listLocations(request);
+
+    List<Location> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getLocationsList().get(0), resources.get(0));
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void listLocationsExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      ListLocationsRequest request =
+          ListLocationsRequest.newBuilder()
+              .setName("projects/project-3664")
+              .setFilter("filter-1274492040")
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      client.listLocations(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getLocationTest() throws Exception {
+    Location expectedResponse =
+        Location.newBuilder()
+            .setName("name3373707")
+            .setLocationId("locationId1541836720")
+            .setDisplayName("displayName1714148973")
+            .putAllLabels(new HashMap<String, String>())
+            .setMetadata(Any.newBuilder().build())
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    GetLocationRequest request =
+        GetLocationRequest.newBuilder()
+            .setName("projects/project-9062/locations/location-9062")
+            .build();
+
+    Location actualResponse = client.getLocation(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getLocationExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      GetLocationRequest request =
+          GetLocationRequest.newBuilder()
+              .setName("projects/project-9062/locations/location-9062")
+              .build();
+      client.getLocation(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void setIamPolicyTest() throws Exception {
+    Policy expectedResponse =
+        Policy.newBuilder()
+            .setVersion(351608024)
+            .addAllBindings(new ArrayList<Binding>())
+            .addAllAuditConfigs(new ArrayList<AuditConfig>())
+            .setEtag(ByteString.EMPTY)
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    SetIamPolicyRequest request =
+        SetIamPolicyRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setPolicy(Policy.newBuilder().build())
+            .setUpdateMask(FieldMask.newBuilder().build())
+            .build();
+
+    Policy actualResponse = client.setIamPolicy(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void setIamPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      SetIamPolicyRequest request =
+          SetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setPolicy(Policy.newBuilder().build())
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .build();
+      client.setIamPolicy(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getIamPolicyTest() throws Exception {
+    Policy expectedResponse =
+        Policy.newBuilder()
+            .setVersion(351608024)
+            .addAllBindings(new ArrayList<Binding>())
+            .addAllAuditConfigs(new ArrayList<AuditConfig>())
+            .setEtag(ByteString.EMPTY)
+            .build();
+    mockService.addResponse(expectedResponse);
+
+    GetIamPolicyRequest request =
+        GetIamPolicyRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setOptions(GetPolicyOptions.newBuilder().build())
+            .build();
+
+    Policy actualResponse = client.getIamPolicy(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void getIamPolicyExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      GetIamPolicyRequest request =
+          GetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setOptions(GetPolicyOptions.newBuilder().build())
+              .build();
+      client.getIamPolicy(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void testIamPermissionsTest() throws Exception {
+    TestIamPermissionsResponse expectedResponse =
+        TestIamPermissionsResponse.newBuilder().addAllPermissions(new ArrayList<String>()).build();
+    mockService.addResponse(expectedResponse);
+
+    TestIamPermissionsRequest request =
+        TestIamPermissionsRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .addAllPermissions(new ArrayList<String>())
+            .build();
+
+    TestIamPermissionsResponse actualResponse = client.testIamPermissions(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<String> actualRequests = mockService.getRequestPaths();
+    Assert.assertEquals(1, actualRequests.size());
+
+    String apiClientHeaderKey =
+        mockService
+            .getRequestHeaders()
+            .get(ApiClientHeaderProvider.getDefaultApiClientHeaderKey())
+            .iterator()
+            .next();
+    Assert.assertTrue(
+        GaxHttpJsonProperties.getDefaultApiClientHeaderPattern()
+            .matcher(apiClientHeaderKey)
+            .matches());
+  }
+
+  @Test
+  public void testIamPermissionsExceptionTest() throws Exception {
+    ApiException exception =
+        ApiExceptionFactory.createException(
+            new Exception(), FakeStatusCode.of(StatusCode.Code.INVALID_ARGUMENT), false);
+    mockService.addException(exception);
+
+    try {
+      TestIamPermissionsRequest request =
+          TestIamPermissionsRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .addAllPermissions(new ArrayList<String>())
+              .build();
+      client.testIamPermissions(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+}
diff --git a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientTest.java b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientTest.java
index bf7883c3..3863fc46 100644
--- a/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientTest.java
+++ b/google-cloud-network-security/src/test/java/com/google/cloud/networksecurity/v1beta1/NetworkSecurityClientTest.java
@@ -18,6 +18,7 @@
 
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListAuthorizationPoliciesPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListClientTlsPoliciesPagedResponse;
+import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListLocationsPagedResponse;
 import static com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient.ListServerTlsPoliciesPagedResponse;
 
 import com.google.api.gax.core.NoCredentialsProvider;
@@ -28,10 +29,23 @@
 import com.google.api.gax.rpc.ApiClientHeaderProvider;
 import com.google.api.gax.rpc.InvalidArgumentException;
 import com.google.api.gax.rpc.StatusCode;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
 import com.google.common.collect.Lists;
+import com.google.iam.v1.AuditConfig;
+import com.google.iam.v1.Binding;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.GetPolicyOptions;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
 import com.google.longrunning.Operation;
 import com.google.protobuf.AbstractMessage;
 import com.google.protobuf.Any;
+import com.google.protobuf.ByteString;
 import com.google.protobuf.Empty;
 import com.google.protobuf.FieldMask;
 import com.google.protobuf.Timestamp;
@@ -53,6 +67,8 @@
 
 @Generated("by gapic-generator-java")
 public class NetworkSecurityClientTest {
+  private static MockIAMPolicy mockIAMPolicy;
+  private static MockLocations mockLocations;
   private static MockNetworkSecurity mockNetworkSecurity;
   private static MockServiceHelper mockServiceHelper;
   private LocalChannelProvider channelProvider;
@@ -61,9 +77,12 @@ public class NetworkSecurityClientTest {
   @BeforeClass
   public static void startStaticServer() {
     mockNetworkSecurity = new MockNetworkSecurity();
+    mockLocations = new MockLocations();
+    mockIAMPolicy = new MockIAMPolicy();
     mockServiceHelper =
         new MockServiceHelper(
-            UUID.randomUUID().toString(), Arrays.<MockGrpcService>asList(mockNetworkSecurity));
+            UUID.randomUUID().toString(),
+            Arrays.<MockGrpcService>asList(mockNetworkSecurity, mockLocations, mockIAMPolicy));
     mockServiceHelper.start();
   }
 
@@ -296,8 +315,7 @@ public void createAuthorizationPolicyTest() throws Exception {
             .build();
     mockNetworkSecurity.addResponse(resultOperation);
 
-    AuthorizationPolicyName parent =
-        AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
     AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
     String authorizationPolicyId = "authorizationPolicyId1314252166";
 
@@ -327,8 +345,7 @@ public void createAuthorizationPolicyExceptionTest() throws Exception {
     mockNetworkSecurity.addException(exception);
 
     try {
-      AuthorizationPolicyName parent =
-          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
       String authorizationPolicyId = "authorizationPolicyId1314252166";
       client
@@ -759,8 +776,7 @@ public void createServerTlsPolicyTest() throws Exception {
             .build();
     mockNetworkSecurity.addResponse(resultOperation);
 
-    ServerTlsPolicyName parent =
-        ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
     ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
     String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
 
@@ -788,8 +804,7 @@ public void createServerTlsPolicyExceptionTest() throws Exception {
     mockNetworkSecurity.addException(exception);
 
     try {
-      ServerTlsPolicyName parent =
-          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
       String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
       client.createServerTlsPolicyAsync(parent, serverTlsPolicy, serverTlsPolicyId).get();
@@ -1216,8 +1231,7 @@ public void createClientTlsPolicyTest() throws Exception {
             .build();
     mockNetworkSecurity.addResponse(resultOperation);
 
-    ClientTlsPolicyName parent =
-        ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+    LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
     ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
     String clientTlsPolicyId = "clientTlsPolicyId-188933315";
 
@@ -1245,8 +1259,7 @@ public void createClientTlsPolicyExceptionTest() throws Exception {
     mockNetworkSecurity.addException(exception);
 
     try {
-      ClientTlsPolicyName parent =
-          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
       String clientTlsPolicyId = "clientTlsPolicyId-188933315";
       client.createClientTlsPolicyAsync(parent, clientTlsPolicy, clientTlsPolicyId).get();
@@ -1466,4 +1479,265 @@ public void deleteClientTlsPolicyExceptionTest2() throws Exception {
       Assert.assertEquals(StatusCode.Code.INVALID_ARGUMENT, apiException.getStatusCode().getCode());
     }
   }
+
+  @Test
+  public void listLocationsTest() throws Exception {
+    Location responsesElement = Location.newBuilder().build();
+    ListLocationsResponse expectedResponse =
+        ListLocationsResponse.newBuilder()
+            .setNextPageToken("")
+            .addAllLocations(Arrays.asList(responsesElement))
+            .build();
+    mockLocations.addResponse(expectedResponse);
+
+    ListLocationsRequest request =
+        ListLocationsRequest.newBuilder()
+            .setName("name3373707")
+            .setFilter("filter-1274492040")
+            .setPageSize(883849137)
+            .setPageToken("pageToken873572522")
+            .build();
+
+    ListLocationsPagedResponse pagedListResponse = client.listLocations(request);
+
+    List<Location> resources = Lists.newArrayList(pagedListResponse.iterateAll());
+
+    Assert.assertEquals(1, resources.size());
+    Assert.assertEquals(expectedResponse.getLocationsList().get(0), resources.get(0));
+
+    List<AbstractMessage> actualRequests = mockLocations.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    ListLocationsRequest actualRequest = ((ListLocationsRequest) actualRequests.get(0));
+
+    Assert.assertEquals(request.getName(), actualRequest.getName());
+    Assert.assertEquals(request.getFilter(), actualRequest.getFilter());
+    Assert.assertEquals(request.getPageSize(), actualRequest.getPageSize());
+    Assert.assertEquals(request.getPageToken(), actualRequest.getPageToken());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void listLocationsExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockLocations.addException(exception);
+
+    try {
+      ListLocationsRequest request =
+          ListLocationsRequest.newBuilder()
+              .setName("name3373707")
+              .setFilter("filter-1274492040")
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      client.listLocations(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getLocationTest() throws Exception {
+    Location expectedResponse =
+        Location.newBuilder()
+            .setName("name3373707")
+            .setLocationId("locationId1541836720")
+            .setDisplayName("displayName1714148973")
+            .putAllLabels(new HashMap<String, String>())
+            .setMetadata(Any.newBuilder().build())
+            .build();
+    mockLocations.addResponse(expectedResponse);
+
+    GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+
+    Location actualResponse = client.getLocation(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockLocations.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetLocationRequest actualRequest = ((GetLocationRequest) actualRequests.get(0));
+
+    Assert.assertEquals(request.getName(), actualRequest.getName());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getLocationExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockLocations.addException(exception);
+
+    try {
+      GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+      client.getLocation(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void setIamPolicyTest() throws Exception {
+    Policy expectedResponse =
+        Policy.newBuilder()
+            .setVersion(351608024)
+            .addAllBindings(new ArrayList<Binding>())
+            .addAllAuditConfigs(new ArrayList<AuditConfig>())
+            .setEtag(ByteString.EMPTY)
+            .build();
+    mockIAMPolicy.addResponse(expectedResponse);
+
+    SetIamPolicyRequest request =
+        SetIamPolicyRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setPolicy(Policy.newBuilder().build())
+            .setUpdateMask(FieldMask.newBuilder().build())
+            .build();
+
+    Policy actualResponse = client.setIamPolicy(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockIAMPolicy.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    SetIamPolicyRequest actualRequest = ((SetIamPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(request.getResource(), actualRequest.getResource());
+    Assert.assertEquals(request.getPolicy(), actualRequest.getPolicy());
+    Assert.assertEquals(request.getUpdateMask(), actualRequest.getUpdateMask());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void setIamPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockIAMPolicy.addException(exception);
+
+    try {
+      SetIamPolicyRequest request =
+          SetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setPolicy(Policy.newBuilder().build())
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .build();
+      client.setIamPolicy(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void getIamPolicyTest() throws Exception {
+    Policy expectedResponse =
+        Policy.newBuilder()
+            .setVersion(351608024)
+            .addAllBindings(new ArrayList<Binding>())
+            .addAllAuditConfigs(new ArrayList<AuditConfig>())
+            .setEtag(ByteString.EMPTY)
+            .build();
+    mockIAMPolicy.addResponse(expectedResponse);
+
+    GetIamPolicyRequest request =
+        GetIamPolicyRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .setOptions(GetPolicyOptions.newBuilder().build())
+            .build();
+
+    Policy actualResponse = client.getIamPolicy(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockIAMPolicy.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GetIamPolicyRequest actualRequest = ((GetIamPolicyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(request.getResource(), actualRequest.getResource());
+    Assert.assertEquals(request.getOptions(), actualRequest.getOptions());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void getIamPolicyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockIAMPolicy.addException(exception);
+
+    try {
+      GetIamPolicyRequest request =
+          GetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setOptions(GetPolicyOptions.newBuilder().build())
+              .build();
+      client.getIamPolicy(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void testIamPermissionsTest() throws Exception {
+    TestIamPermissionsResponse expectedResponse =
+        TestIamPermissionsResponse.newBuilder().addAllPermissions(new ArrayList<String>()).build();
+    mockIAMPolicy.addResponse(expectedResponse);
+
+    TestIamPermissionsRequest request =
+        TestIamPermissionsRequest.newBuilder()
+            .setResource(
+                AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                    .toString())
+            .addAllPermissions(new ArrayList<String>())
+            .build();
+
+    TestIamPermissionsResponse actualResponse = client.testIamPermissions(request);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockIAMPolicy.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    TestIamPermissionsRequest actualRequest = ((TestIamPermissionsRequest) actualRequests.get(0));
+
+    Assert.assertEquals(request.getResource(), actualRequest.getResource());
+    Assert.assertEquals(request.getPermissionsList(), actualRequest.getPermissionsList());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void testIamPermissionsExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockIAMPolicy.addException(exception);
+
+    try {
+      TestIamPermissionsRequest request =
+          TestIamPermissionsRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .addAllPermissions(new ArrayList<String>())
+              .build();
+      client.testIamPermissions(request);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
 }
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicy.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicy.java
index 997517ad..a74cec82 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicy.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicy.java
@@ -377,10 +377,10 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -393,10 +393,10 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -408,10 +408,10 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -423,10 +423,10 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -441,10 +441,10 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -458,9 +458,9 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -475,9 +475,9 @@ public interface RuleOrBuilder
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -492,9 +492,9 @@ com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Destination ge
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -508,9 +508,9 @@ com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Destination ge
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -528,9 +528,9 @@ com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Destination ge
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -679,11 +679,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -696,11 +696,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -713,11 +713,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -731,11 +731,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -750,11 +750,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -766,11 +766,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -782,11 +782,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -799,11 +799,11 @@ public interface SourceOrBuilder
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -937,11 +937,11 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -956,11 +956,11 @@ public com.google.protobuf.ProtocolStringList getPrincipalsList() {
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -975,11 +975,11 @@ public int getPrincipalsCount() {
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -995,11 +995,11 @@ public java.lang.String getPrincipals(int index) {
        *
        *
        * <pre>
-       * Optional. List of peer identities to match for authorization. At least one
-       * principal should match. Each peer can be an exact match, or a prefix
-       * match (example, "namespace/&#42;") or a suffix match (example, //
-       * *&#47;service-account") or a presence match "*". Authorization based on the
-       * principal name without certificate validation (configured by
+       * Optional. List of peer identities to match for authorization. At least
+       * one principal should match. Each peer can be an exact match, or a
+       * prefix match (example, "namespace/&#42;") or a suffix match (example,
+       * "*&#47;service-account") or a presence match "*". Authorization based on
+       * the principal name without certificate validation (configured by
        * ServerTlsPolicy resource) is considered insecure.
        * </pre>
        *
@@ -1018,11 +1018,11 @@ public com.google.protobuf.ByteString getPrincipalsBytes(int index) {
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1036,11 +1036,11 @@ public com.google.protobuf.ProtocolStringList getIpBlocksList() {
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1054,11 +1054,11 @@ public int getIpBlocksCount() {
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1073,11 +1073,11 @@ public java.lang.String getIpBlocks(int index) {
        *
        *
        * <pre>
-       * Optional. List of CIDR ranges to match based on source IP address. At least one
-       * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-       * "1.2.3.0/24") are supported. Authorization based on source IP alone
-       * should be avoided. The IP addresses of any load balancers or proxies
-       * should be considered untrusted.
+       * Optional. List of CIDR ranges to match based on source IP address. At
+       * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+       * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+       * alone should be avoided. The IP addresses of any load balancers or
+       * proxies should be considered untrusted.
        * </pre>
        *
        * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1499,11 +1499,11 @@ private void ensurePrincipalsIsMutable() {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1518,11 +1518,11 @@ public com.google.protobuf.ProtocolStringList getPrincipalsList() {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1537,11 +1537,11 @@ public int getPrincipalsCount() {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1557,11 +1557,11 @@ public java.lang.String getPrincipals(int index) {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1577,11 +1577,11 @@ public com.google.protobuf.ByteString getPrincipalsBytes(int index) {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1604,11 +1604,11 @@ public Builder setPrincipals(int index, java.lang.String value) {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1630,11 +1630,11 @@ public Builder addPrincipals(java.lang.String value) {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1653,11 +1653,11 @@ public Builder addAllPrincipals(java.lang.Iterable<java.lang.String> values) {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1675,11 +1675,11 @@ public Builder clearPrincipals() {
          *
          *
          * <pre>
-         * Optional. List of peer identities to match for authorization. At least one
-         * principal should match. Each peer can be an exact match, or a prefix
-         * match (example, "namespace/&#42;") or a suffix match (example, //
-         * *&#47;service-account") or a presence match "*". Authorization based on the
-         * principal name without certificate validation (configured by
+         * Optional. List of peer identities to match for authorization. At least
+         * one principal should match. Each peer can be an exact match, or a
+         * prefix match (example, "namespace/&#42;") or a suffix match (example,
+         * "*&#47;service-account") or a presence match "*". Authorization based on
+         * the principal name without certificate validation (configured by
          * ServerTlsPolicy resource) is considered insecure.
          * </pre>
          *
@@ -1712,11 +1712,11 @@ private void ensureIpBlocksIsMutable() {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1730,11 +1730,11 @@ public com.google.protobuf.ProtocolStringList getIpBlocksList() {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1748,11 +1748,11 @@ public int getIpBlocksCount() {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1767,11 +1767,11 @@ public java.lang.String getIpBlocks(int index) {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1786,11 +1786,11 @@ public com.google.protobuf.ByteString getIpBlocksBytes(int index) {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1812,11 +1812,11 @@ public Builder setIpBlocks(int index, java.lang.String value) {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1837,11 +1837,11 @@ public Builder addIpBlocks(java.lang.String value) {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1859,11 +1859,11 @@ public Builder addAllIpBlocks(java.lang.Iterable<java.lang.String> values) {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1880,11 +1880,11 @@ public Builder clearIpBlocks() {
          *
          *
          * <pre>
-         * Optional. List of CIDR ranges to match based on source IP address. At least one
-         * IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-         * "1.2.3.0/24") are supported. Authorization based on source IP alone
-         * should be avoided. The IP addresses of any load balancers or proxies
-         * should be considered untrusted.
+         * Optional. List of CIDR ranges to match based on source IP address. At
+         * least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+         * (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+         * alone should be avoided. The IP addresses of any load balancers or
+         * proxies should be considered untrusted.
          * </pre>
          *
          * <code>repeated string ip_blocks = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1968,10 +1968,10 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -1983,10 +1983,10 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -1998,10 +1998,10 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -2014,10 +2014,10 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -2031,7 +2031,8 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -2043,7 +2044,8 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -2055,7 +2057,8 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -2124,11 +2127,11 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -2142,11 +2145,11 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -2161,11 +2164,11 @@ public interface DestinationOrBuilder
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -2441,7 +2444,7 @@ public interface HttpHeaderMatchOrBuilder
        *
        *
        * <pre>
-       * Specification of HTTP header match atrributes.
+       * Specification of HTTP header match attributes.
        * </pre>
        *
        * Protobuf type {@code
@@ -2949,7 +2952,7 @@ protected Builder newBuilderForType(
          *
          *
          * <pre>
-         * Specification of HTTP header match atrributes.
+         * Specification of HTTP header match attributes.
          * </pre>
          *
          * Protobuf type {@code
@@ -3528,10 +3531,10 @@ public com.google.protobuf.Parser<HttpHeaderMatch> getParserForType() {
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3545,10 +3548,10 @@ public com.google.protobuf.ProtocolStringList getHostsList() {
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3562,10 +3565,10 @@ public int getHostsCount() {
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3580,10 +3583,10 @@ public java.lang.String getHosts(int index) {
        *
        *
        * <pre>
-       * Required. List of host names to match. Matched against the ":authority" header in
-       * http requests. At least one host should match. Each host can be an
-       * exact match, or a prefix match (example "mydomain.*") or a suffix
-       * match (example // *.myorg.com") or a presence(any) match "*".
+       * Required. List of host names to match. Matched against the ":authority"
+       * header in http requests. At least one host should match. Each host can
+       * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+       * match (example "*.myorg.com") or a presence (any) match "*".
        * </pre>
        *
        * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3601,7 +3604,8 @@ public com.google.protobuf.ByteString getHostsBytes(int index) {
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3616,7 +3620,8 @@ public java.util.List<java.lang.Integer> getPortsList() {
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3630,7 +3635,8 @@ public int getPortsCount() {
        *
        *
        * <pre>
-       * Required. List of destination ports to match. At least one port should match.
+       * Required. List of destination ports to match. At least one port should
+       * match.
        * </pre>
        *
        * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -3717,11 +3723,11 @@ public com.google.protobuf.ByteString getMethodsBytes(int index) {
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -3738,11 +3744,11 @@ public boolean hasHttpHeaderMatch() {
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -3764,11 +3770,11 @@ public boolean hasHttpHeaderMatch() {
        *
        *
        * <pre>
-       * Optional. Match against key:value pair in http header. Provides a flexible match
-       * based on HTTP headers, for potentially advanced use cases. At least one
-       * header should match. Avoid using header matches to make authorization
-       * decisions unless there is a strong guarantee that requests arrive
-       * through a trusted client or proxy.
+       * Optional. Match against key:value pair in http header. Provides a
+       * flexible match based on HTTP headers, for potentially advanced use
+       * cases. At least one header should match. Avoid using header matches to
+       * make authorization decisions unless there is a strong guarantee that
+       * requests arrive through a trusted client or proxy.
        * </pre>
        *
        * <code>
@@ -4270,10 +4276,10 @@ private void ensureHostsIsMutable() {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4287,10 +4293,10 @@ public com.google.protobuf.ProtocolStringList getHostsList() {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4304,10 +4310,10 @@ public int getHostsCount() {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4322,10 +4328,10 @@ public java.lang.String getHosts(int index) {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4340,10 +4346,10 @@ public com.google.protobuf.ByteString getHostsBytes(int index) {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4365,10 +4371,10 @@ public Builder setHosts(int index, java.lang.String value) {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4389,10 +4395,10 @@ public Builder addHosts(java.lang.String value) {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4410,10 +4416,10 @@ public Builder addAllHosts(java.lang.Iterable<java.lang.String> values) {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4430,10 +4436,10 @@ public Builder clearHosts() {
          *
          *
          * <pre>
-         * Required. List of host names to match. Matched against the ":authority" header in
-         * http requests. At least one host should match. Each host can be an
-         * exact match, or a prefix match (example "mydomain.*") or a suffix
-         * match (example // *.myorg.com") or a presence(any) match "*".
+         * Required. List of host names to match. Matched against the ":authority"
+         * header in http requests. At least one host should match. Each host can
+         * be an exact match, or a prefix match (example "mydomain.*") or a suffix
+         * match (example "*.myorg.com") or a presence (any) match "*".
          * </pre>
          *
          * <code>repeated string hosts = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4464,7 +4470,8 @@ private void ensurePortsIsMutable() {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4480,7 +4487,8 @@ public java.util.List<java.lang.Integer> getPortsList() {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4494,7 +4502,8 @@ public int getPortsCount() {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4509,7 +4518,8 @@ public int getPorts(int index) {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4528,7 +4538,8 @@ public Builder setPorts(int index, int value) {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4546,7 +4557,8 @@ public Builder addPorts(int value) {
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4564,7 +4576,8 @@ public Builder addAllPorts(java.lang.Iterable<? extends java.lang.Integer> value
          *
          *
          * <pre>
-         * Required. List of destination ports to match. At least one port should match.
+         * Required. List of destination ports to match. At least one port should
+         * match.
          * </pre>
          *
          * <code>repeated uint32 ports = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -4770,11 +4783,11 @@ public Builder addMethodsBytes(com.google.protobuf.ByteString value) {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4790,11 +4803,11 @@ public boolean hasHttpHeaderMatch() {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4819,11 +4832,11 @@ public boolean hasHttpHeaderMatch() {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4850,11 +4863,11 @@ public Builder setHttpHeaderMatch(
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4878,11 +4891,11 @@ public Builder setHttpHeaderMatch(
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4914,11 +4927,11 @@ public Builder mergeHttpHeaderMatch(
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4940,11 +4953,11 @@ public Builder clearHttpHeaderMatch() {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4962,11 +4975,11 @@ public Builder clearHttpHeaderMatch() {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -4989,11 +5002,11 @@ public Builder clearHttpHeaderMatch() {
          *
          *
          * <pre>
-         * Optional. Match against key:value pair in http header. Provides a flexible match
-         * based on HTTP headers, for potentially advanced use cases. At least one
-         * header should match. Avoid using header matches to make authorization
-         * decisions unless there is a strong guarantee that requests arrive
-         * through a trusted client or proxy.
+         * Optional. Match against key:value pair in http header. Provides a
+         * flexible match based on HTTP headers, for potentially advanced use
+         * cases. At least one header should match. Avoid using header matches to
+         * make authorization decisions unless there is a strong guarantee that
+         * requests arrive through a trusted client or proxy.
          * </pre>
          *
          * <code>
@@ -5087,10 +5100,10 @@ public com.google.protobuf.Parser<Destination> getParserForType() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -5106,10 +5119,10 @@ public com.google.protobuf.Parser<Destination> getParserForType() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -5127,10 +5140,10 @@ public com.google.protobuf.Parser<Destination> getParserForType() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -5145,10 +5158,10 @@ public int getSourcesCount() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -5164,10 +5177,10 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Source
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic source. All of the sources must match.
-     * A source is a match if both principals and ip_blocks match. If not set,
-     * the action specified in the 'action' field will be applied without any
-     * rule checks for the source.
+     * Optional. List of attributes for the traffic source. All of the sources
+     * must match. A source is a match if both principals and ip_blocks match.
+     * If not set, the action specified in the 'action' field will be applied
+     * without any rule checks for the source.
      * </pre>
      *
      * <code>
@@ -5188,9 +5201,9 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Source
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -5209,9 +5222,9 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Source
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -5232,9 +5245,9 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Source
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -5251,9 +5264,9 @@ public int getDestinationsCount() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -5271,9 +5284,9 @@ public int getDestinationsCount() {
      *
      *
      * <pre>
-     * Optional. List of attributes for the traffic destination. All of the destinations
-     * must match. A destination is a match if a request matches all the
-     * specified hosts, ports, methods and headers. If not set, the
+     * Optional. List of attributes for the traffic destination. All of the
+     * destinations must match. A destination is a match if a request matches
+     * all the specified hosts, ports, methods and headers. If not set, the
      * action specified in the 'action' field will be applied without any rule
      * checks for the destination.
      * </pre>
@@ -5739,10 +5752,10 @@ private void ensureSourcesIsMutable() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5762,10 +5775,10 @@ private void ensureSourcesIsMutable() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5783,10 +5796,10 @@ public int getSourcesCount() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5805,10 +5818,10 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule.Source
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5834,10 +5847,10 @@ public Builder setSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5861,10 +5874,10 @@ public Builder setSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5889,10 +5902,10 @@ public Builder addSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5918,10 +5931,10 @@ public Builder addSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5944,10 +5957,10 @@ public Builder addSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5971,10 +5984,10 @@ public Builder addSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -5999,10 +6012,10 @@ public Builder addAllSources(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6023,10 +6036,10 @@ public Builder clearSources() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6047,10 +6060,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6065,10 +6078,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6087,10 +6100,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6111,10 +6124,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6132,10 +6145,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6154,10 +6167,10 @@ public Builder removeSources(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic source. All of the sources must match.
-       * A source is a match if both principals and ip_blocks match. If not set,
-       * the action specified in the 'action' field will be applied without any
-       * rule checks for the source.
+       * Optional. List of attributes for the traffic source. All of the sources
+       * must match. A source is a match if both principals and ip_blocks match.
+       * If not set, the action specified in the 'action' field will be applied
+       * without any rule checks for the source.
        * </pre>
        *
        * <code>
@@ -6213,9 +6226,9 @@ private void ensureDestinationsIsMutable() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6237,9 +6250,9 @@ private void ensureDestinationsIsMutable() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6259,9 +6272,9 @@ public int getDestinationsCount() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6282,9 +6295,9 @@ public int getDestinationsCount() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6312,9 +6325,9 @@ public Builder setDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6340,9 +6353,9 @@ public Builder setDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6369,9 +6382,9 @@ public Builder addDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6399,9 +6412,9 @@ public Builder addDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6426,9 +6439,9 @@ public Builder addDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6454,9 +6467,9 @@ public Builder addDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6483,9 +6496,9 @@ public Builder addAllDestinations(
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6508,9 +6521,9 @@ public Builder clearDestinations() {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6533,9 +6546,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6552,9 +6565,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6575,9 +6588,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6601,9 +6614,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6623,9 +6636,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6646,9 +6659,9 @@ public Builder removeDestinations(int index) {
        *
        *
        * <pre>
-       * Optional. List of attributes for the traffic destination. All of the destinations
-       * must match. A destination is a match if a request matches all the
-       * specified hosts, ports, methods and headers. If not set, the
+       * Optional. List of attributes for the traffic destination. All of the
+       * destinations must match. A destination is a match if a request matches
+       * all the specified hosts, ports, methods and headers. If not set, the
        * action specified in the 'action' field will be applied without any rule
        * checks for the destination.
        * </pre>
@@ -6968,7 +6981,8 @@ public int getLabelsCount() {
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -6990,7 +7004,8 @@ public java.util.Map<java.lang.String, java.lang.String> getLabels() {
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -7003,7 +7018,8 @@ public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -7020,7 +7036,8 @@ public java.lang.String getLabelsOrDefault(java.lang.String key, java.lang.Strin
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -7087,10 +7104,11 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Action getAc
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -7106,10 +7124,11 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Action getAc
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -7126,10 +7145,11 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Action getAc
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -7144,10 +7164,11 @@ public int getRulesCount() {
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -7162,10 +7183,11 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule getRule
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -8340,7 +8362,8 @@ public int getLabelsCount() {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8362,7 +8385,8 @@ public java.util.Map<java.lang.String, java.lang.String> getLabels() {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8375,7 +8399,8 @@ public java.util.Map<java.lang.String, java.lang.String> getLabelsMap() {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8393,7 +8418,8 @@ public java.lang.String getLabelsOrDefault(
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8418,7 +8444,8 @@ public Builder clearLabels() {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8439,7 +8466,8 @@ public java.util.Map<java.lang.String, java.lang.String> getMutableLabels() {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8459,7 +8487,8 @@ public Builder putLabels(java.lang.String key, java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+     * Optional. Set of label tags associated with the AuthorizationPolicy
+     * resource.
      * </pre>
      *
      * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -8600,10 +8629,11 @@ private void ensureRulesIsMutable() {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8622,10 +8652,11 @@ private void ensureRulesIsMutable() {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8643,10 +8674,11 @@ public int getRulesCount() {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8664,10 +8696,11 @@ public com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy.Rule getRule
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8692,10 +8725,11 @@ public Builder setRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8718,10 +8752,11 @@ public Builder setRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8746,10 +8781,11 @@ public Builder addRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8774,10 +8810,11 @@ public Builder addRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8799,10 +8836,11 @@ public Builder addRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8825,10 +8863,11 @@ public Builder addRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8852,10 +8891,11 @@ public Builder addAllRules(
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8876,10 +8916,11 @@ public Builder clearRules() {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8900,10 +8941,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8918,10 +8960,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8940,10 +8983,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8963,10 +9007,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -8984,10 +9029,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
@@ -9006,10 +9052,11 @@ public Builder removeRules(int index) {
      *
      *
      * <pre>
-     * Optional. List of rules to match. Note that at least one of the rules must match in
-     * order for the action specified in the 'action' field to be taken. A rule is
-     * a match if there is a matching source and destination. If left blank, the
-     * action specified in the `action` field will be applied on every request.
+     * Optional. List of rules to match. Note that at least one of the rules must
+     * match in order for the action specified in the 'action' field to be taken.
+     * A rule is a match if there is a matching source and destination. If left
+     * blank, the action specified in the `action` field will be applied on every
+     * request.
      * </pre>
      *
      * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyOrBuilder.java
index fb8ebbfd..b4af2d77 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyOrBuilder.java
@@ -155,7 +155,8 @@ public interface AuthorizationPolicyOrBuilder
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -165,7 +166,8 @@ public interface AuthorizationPolicyOrBuilder
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -178,7 +180,8 @@ public interface AuthorizationPolicyOrBuilder
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -188,7 +191,8 @@ public interface AuthorizationPolicyOrBuilder
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -203,7 +207,8 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Set of label tags associated with the AuthorizationPolicy resource.
+   * Optional. Set of label tags associated with the AuthorizationPolicy
+   * resource.
    * </pre>
    *
    * <code>map&lt;string, string&gt; labels = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -245,10 +250,11 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -260,10 +266,11 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -275,10 +282,11 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -290,10 +298,11 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
@@ -307,10 +316,11 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. List of rules to match. Note that at least one of the rules must match in
-   * order for the action specified in the 'action' field to be taken. A rule is
-   * a match if there is a matching source and destination. If left blank, the
-   * action specified in the `action` field will be applied on every request.
+   * Optional. List of rules to match. Note that at least one of the rules must
+   * match in order for the action specified in the 'action' field to be taken.
+   * A rule is a match if there is a matching source and destination. If left
+   * blank, the action specified in the `action` field will be applied on every
+   * request.
    * </pre>
    *
    * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyProto.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyProto.java
index f365aff7..ac66c7a9 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyProto.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/AuthorizationPolicyProto.java
@@ -89,69 +89,69 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "networksecurity.v1beta1\032\037google/api/fiel"
           + "d_behavior.proto\032\031google/api/resource.pr"
           + "oto\032 google/protobuf/field_mask.proto\032\037g"
-          + "oogle/protobuf/timestamp.proto\032\034google/a"
-          + "pi/annotations.proto\"\317\t\n\023AuthorizationPo"
-          + "licy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013description\030\002"
-          + " \001(\tB\003\340A\001\0224\n\013create_time\030\003 \001(\0132\032.google."
-          + "protobuf.TimestampB\003\340A\003\0224\n\013update_time\030\004"
-          + " \001(\0132\032.google.protobuf.TimestampB\003\340A\003\022Z\n"
-          + "\006labels\030\005 \003(\0132E.google.cloud.networksecu"
-          + "rity.v1beta1.AuthorizationPolicy.LabelsE"
-          + "ntryB\003\340A\001\022U\n\006action\030\006 \001(\0162@.google.cloud"
-          + ".networksecurity.v1beta1.AuthorizationPo"
-          + "licy.ActionB\003\340A\002\022R\n\005rules\030\007 \003(\0132>.google"
-          + ".cloud.networksecurity.v1beta1.Authoriza"
-          + "tionPolicy.RuleB\003\340A\001\032\240\004\n\004Rule\022[\n\007sources"
-          + "\030\001 \003(\0132E.google.cloud.networksecurity.v1"
-          + "beta1.AuthorizationPolicy.Rule.SourceB\003\340"
-          + "A\001\022e\n\014destinations\030\002 \003(\0132J.google.cloud."
-          + "networksecurity.v1beta1.AuthorizationPol"
-          + "icy.Rule.DestinationB\003\340A\001\0329\n\006Source\022\027\n\np"
-          + "rincipals\030\001 \003(\tB\003\340A\001\022\026\n\tip_blocks\030\002 \003(\tB"
-          + "\003\340A\001\032\230\002\n\013Destination\022\022\n\005hosts\030\001 \003(\tB\003\340A\002"
-          + "\022\022\n\005ports\030\002 \003(\rB\003\340A\002\022\024\n\007methods\030\004 \003(\tB\003\340"
-          + "A\001\022z\n\021http_header_match\030\005 \001(\0132Z.google.c"
+          + "oogle/protobuf/timestamp.proto\"\317\t\n\023Autho"
+          + "rizationPolicy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013des"
+          + "cription\030\002 \001(\tB\003\340A\001\0224\n\013create_time\030\003 \001(\013"
+          + "2\032.google.protobuf.TimestampB\003\340A\003\0224\n\013upd"
+          + "ate_time\030\004 \001(\0132\032.google.protobuf.Timesta"
+          + "mpB\003\340A\003\022Z\n\006labels\030\005 \003(\0132E.google.cloud.n"
+          + "etworksecurity.v1beta1.AuthorizationPoli"
+          + "cy.LabelsEntryB\003\340A\001\022U\n\006action\030\006 \001(\0162@.go"
+          + "ogle.cloud.networksecurity.v1beta1.Autho"
+          + "rizationPolicy.ActionB\003\340A\002\022R\n\005rules\030\007 \003("
+          + "\0132>.google.cloud.networksecurity.v1beta1"
+          + ".AuthorizationPolicy.RuleB\003\340A\001\032\240\004\n\004Rule\022"
+          + "[\n\007sources\030\001 \003(\0132E.google.cloud.networks"
+          + "ecurity.v1beta1.AuthorizationPolicy.Rule"
+          + ".SourceB\003\340A\001\022e\n\014destinations\030\002 \003(\0132J.goo"
+          + "gle.cloud.networksecurity.v1beta1.Author"
+          + "izationPolicy.Rule.DestinationB\003\340A\001\0329\n\006S"
+          + "ource\022\027\n\nprincipals\030\001 \003(\tB\003\340A\001\022\026\n\tip_blo"
+          + "cks\030\002 \003(\tB\003\340A\001\032\230\002\n\013Destination\022\022\n\005hosts\030"
+          + "\001 \003(\tB\003\340A\002\022\022\n\005ports\030\002 \003(\rB\003\340A\002\022\024\n\007method"
+          + "s\030\004 \003(\tB\003\340A\001\022z\n\021http_header_match\030\005 \001(\0132"
+          + "Z.google.cloud.networksecurity.v1beta1.A"
+          + "uthorizationPolicy.Rule.Destination.Http"
+          + "HeaderMatchB\003\340A\001\032O\n\017HttpHeaderMatch\022\032\n\013r"
+          + "egex_match\030\002 \001(\tB\003\340A\002H\000\022\030\n\013header_name\030\001"
+          + " \001(\tB\003\340A\002B\006\n\004type\032-\n\013LabelsEntry\022\013\n\003key\030"
+          + "\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001\"5\n\006Action\022\026\n\022AC"
+          + "TION_UNSPECIFIED\020\000\022\t\n\005ALLOW\020\001\022\010\n\004DENY\020\002:"
+          + "\216\001\352A\212\001\n2networksecurity.googleapis.com/A"
+          + "uthorizationPolicy\022Tprojects/{project}/l"
+          + "ocations/{location}/authorizationPolicie"
+          + "s/{authorization_policy}\"\204\001\n ListAuthori"
+          + "zationPoliciesRequest\0229\n\006parent\030\001 \001(\tB)\340"
+          + "A\002\372A#\n!locations.googleapis.com/Location"
+          + "\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npage_token\030\003 \001(\t\""
+          + "\227\001\n!ListAuthorizationPoliciesResponse\022Y\n"
+          + "\026authorization_policies\030\001 \003(\01329.google.c"
           + "loud.networksecurity.v1beta1.Authorizati"
-          + "onPolicy.Rule.Destination.HttpHeaderMatc"
-          + "hB\003\340A\001\032O\n\017HttpHeaderMatch\022\032\n\013regex_match"
-          + "\030\002 \001(\tB\003\340A\002H\000\022\030\n\013header_name\030\001 \001(\tB\003\340A\002B"
-          + "\006\n\004type\032-\n\013LabelsEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005v"
-          + "alue\030\002 \001(\t:\0028\001\"5\n\006Action\022\026\n\022ACTION_UNSPE"
-          + "CIFIED\020\000\022\t\n\005ALLOW\020\001\022\010\n\004DENY\020\002:\216\001\352A\212\001\n2ne"
-          + "tworksecurity.googleapis.com/Authorizati"
-          + "onPolicy\022Tprojects/{project}/locations/{"
-          + "location}/authorizationPolicies/{authori"
-          + "zation_policy}\"\204\001\n ListAuthorizationPoli"
-          + "ciesRequest\0229\n\006parent\030\001 \001(\tB)\340A\002\372A#\n!loc"
-          + "ations.googleapis.com/Location\022\021\n\tpage_s"
-          + "ize\030\002 \001(\005\022\022\n\npage_token\030\003 \001(\t\"\227\001\n!ListAu"
-          + "thorizationPoliciesResponse\022Y\n\026authoriza"
-          + "tion_policies\030\001 \003(\01329.google.cloud.netwo"
-          + "rksecurity.v1beta1.AuthorizationPolicy\022\027"
-          + "\n\017next_page_token\030\002 \001(\t\"i\n\035GetAuthorizat"
-          + "ionPolicyRequest\022H\n\004name\030\001 \001(\tB:\340A\002\372A4\n2"
-          + "networksecurity.googleapis.com/Authoriza"
-          + "tionPolicy\"\362\001\n CreateAuthorizationPolicy"
-          + "Request\022J\n\006parent\030\001 \001(\tB:\340A\002\372A4\n2network"
-          + "security.googleapis.com/AuthorizationPol"
-          + "icy\022$\n\027authorization_policy_id\030\002 \001(\tB\003\340A"
-          + "\002\022\\\n\024authorization_policy\030\003 \001(\01329.google"
-          + ".cloud.networksecurity.v1beta1.Authoriza"
-          + "tionPolicyB\003\340A\002\"\266\001\n UpdateAuthorizationP"
-          + "olicyRequest\0224\n\013update_mask\030\001 \001(\0132\032.goog"
-          + "le.protobuf.FieldMaskB\003\340A\001\022\\\n\024authorizat"
-          + "ion_policy\030\002 \001(\01329.google.cloud.networks"
-          + "ecurity.v1beta1.AuthorizationPolicyB\003\340A\002"
-          + "\"l\n DeleteAuthorizationPolicyRequest\022H\n\004"
-          + "name\030\001 \001(\tB:\340A\002\372A4\n2networksecurity.goog"
-          + "leapis.com/AuthorizationPolicyB\223\002\n(com.g"
-          + "oogle.cloud.networksecurity.v1beta1B\030Aut"
-          + "horizationPolicyProtoP\001ZSgoogle.golang.o"
-          + "rg/genproto/googleapis/cloud/networksecu"
-          + "rity/v1beta1;networksecurity\252\002$Google.Cl"
-          + "oud.NetworkSecurity.V1Beta1\312\002$Google\\Clo"
-          + "ud\\NetworkSecurity\\V1beta1\352\002\'Google::Clo"
-          + "ud::NetworkSecurity::V1beta1b\006proto3"
+          + "onPolicy\022\027\n\017next_page_token\030\002 \001(\t\"i\n\035Get"
+          + "AuthorizationPolicyRequest\022H\n\004name\030\001 \001(\t"
+          + "B:\340A\002\372A4\n2networksecurity.googleapis.com"
+          + "/AuthorizationPolicy\"\362\001\n CreateAuthoriza"
+          + "tionPolicyRequest\022J\n\006parent\030\001 \001(\tB:\340A\002\372A"
+          + "4\0222networksecurity.googleapis.com/Author"
+          + "izationPolicy\022$\n\027authorization_policy_id"
+          + "\030\002 \001(\tB\003\340A\002\022\\\n\024authorization_policy\030\003 \001("
+          + "\01329.google.cloud.networksecurity.v1beta1"
+          + ".AuthorizationPolicyB\003\340A\002\"\266\001\n UpdateAuth"
+          + "orizationPolicyRequest\0224\n\013update_mask\030\001 "
+          + "\001(\0132\032.google.protobuf.FieldMaskB\003\340A\001\022\\\n\024"
+          + "authorization_policy\030\002 \001(\01329.google.clou"
+          + "d.networksecurity.v1beta1.AuthorizationP"
+          + "olicyB\003\340A\002\"l\n DeleteAuthorizationPolicyR"
+          + "equest\022H\n\004name\030\001 \001(\tB:\340A\002\372A4\n2networksec"
+          + "urity.googleapis.com/AuthorizationPolicy"
+          + "B\223\002\n(com.google.cloud.networksecurity.v1"
+          + "beta1B\030AuthorizationPolicyProtoP\001ZSgoogl"
+          + "e.golang.org/genproto/googleapis/cloud/n"
+          + "etworksecurity/v1beta1;networksecurity\252\002"
+          + "$Google.Cloud.NetworkSecurity.V1Beta1\312\002$"
+          + "Google\\Cloud\\NetworkSecurity\\V1beta1\352\002\'G"
+          + "oogle::Cloud::NetworkSecurity::V1beta1b\006"
+          + "proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -161,7 +161,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               com.google.api.ResourceProto.getDescriptor(),
               com.google.protobuf.FieldMaskProto.getDescriptor(),
               com.google.protobuf.TimestampProto.getDescriptor(),
-              com.google.api.AnnotationsProto.getDescriptor(),
             });
     internal_static_google_cloud_networksecurity_v1beta1_AuthorizationPolicy_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -280,7 +279,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     com.google.api.ResourceProto.getDescriptor();
     com.google.protobuf.FieldMaskProto.getDescriptor();
     com.google.protobuf.TimestampProto.getDescriptor();
-    com.google.api.AnnotationsProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstance.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstance.java
index b793da92..d455e8ab 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstance.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstance.java
@@ -122,9 +122,9 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Required. Plugin instance name, used to locate and load CertificateProvider instance
-   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-   * Authority Service certificate provider instance.
+   * Required. Plugin instance name, used to locate and load CertificateProvider
+   * instance configuration. Set to "google_cloud_private_spiffe" to use
+   * Certificate Authority Service certificate provider instance.
    * </pre>
    *
    * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -147,9 +147,9 @@ public java.lang.String getPluginInstance() {
    *
    *
    * <pre>
-   * Required. Plugin instance name, used to locate and load CertificateProvider instance
-   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-   * Authority Service certificate provider instance.
+   * Required. Plugin instance name, used to locate and load CertificateProvider
+   * instance configuration. Set to "google_cloud_private_spiffe" to use
+   * Certificate Authority Service certificate provider instance.
    * </pre>
    *
    * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -504,9 +504,9 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Required. Plugin instance name, used to locate and load CertificateProvider instance
-     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-     * Authority Service certificate provider instance.
+     * Required. Plugin instance name, used to locate and load CertificateProvider
+     * instance configuration. Set to "google_cloud_private_spiffe" to use
+     * Certificate Authority Service certificate provider instance.
      * </pre>
      *
      * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -528,9 +528,9 @@ public java.lang.String getPluginInstance() {
      *
      *
      * <pre>
-     * Required. Plugin instance name, used to locate and load CertificateProvider instance
-     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-     * Authority Service certificate provider instance.
+     * Required. Plugin instance name, used to locate and load CertificateProvider
+     * instance configuration. Set to "google_cloud_private_spiffe" to use
+     * Certificate Authority Service certificate provider instance.
      * </pre>
      *
      * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -552,9 +552,9 @@ public com.google.protobuf.ByteString getPluginInstanceBytes() {
      *
      *
      * <pre>
-     * Required. Plugin instance name, used to locate and load CertificateProvider instance
-     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-     * Authority Service certificate provider instance.
+     * Required. Plugin instance name, used to locate and load CertificateProvider
+     * instance configuration. Set to "google_cloud_private_spiffe" to use
+     * Certificate Authority Service certificate provider instance.
      * </pre>
      *
      * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -575,9 +575,9 @@ public Builder setPluginInstance(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. Plugin instance name, used to locate and load CertificateProvider instance
-     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-     * Authority Service certificate provider instance.
+     * Required. Plugin instance name, used to locate and load CertificateProvider
+     * instance configuration. Set to "google_cloud_private_spiffe" to use
+     * Certificate Authority Service certificate provider instance.
      * </pre>
      *
      * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -594,9 +594,9 @@ public Builder clearPluginInstance() {
      *
      *
      * <pre>
-     * Required. Plugin instance name, used to locate and load CertificateProvider instance
-     * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-     * Authority Service certificate provider instance.
+     * Required. Plugin instance name, used to locate and load CertificateProvider
+     * instance configuration. Set to "google_cloud_private_spiffe" to use
+     * Certificate Authority Service certificate provider instance.
      * </pre>
      *
      * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstanceOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstanceOrBuilder.java
index dd8cae13..f419fa1e 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstanceOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CertificateProviderInstanceOrBuilder.java
@@ -27,9 +27,9 @@ public interface CertificateProviderInstanceOrBuilder
    *
    *
    * <pre>
-   * Required. Plugin instance name, used to locate and load CertificateProvider instance
-   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-   * Authority Service certificate provider instance.
+   * Required. Plugin instance name, used to locate and load CertificateProvider
+   * instance configuration. Set to "google_cloud_private_spiffe" to use
+   * Certificate Authority Service certificate provider instance.
    * </pre>
    *
    * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -41,9 +41,9 @@ public interface CertificateProviderInstanceOrBuilder
    *
    *
    * <pre>
-   * Required. Plugin instance name, used to locate and load CertificateProvider instance
-   * configuration. Set to "google_cloud_private_spiffe" to use Certificate
-   * Authority Service certificate provider instance.
+   * Required. Plugin instance name, used to locate and load CertificateProvider
+   * instance configuration. Set to "google_cloud_private_spiffe" to use
+   * Certificate Authority Service certificate provider instance.
    * </pre>
    *
    * <code>string plugin_instance = 1 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicy.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicy.java
index 3a9a3552..61e7d0ae 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicy.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicy.java
@@ -575,8 +575,9 @@ public com.google.protobuf.ByteString getSniBytes() {
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -593,8 +594,9 @@ public boolean hasClientCertificate() {
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -613,8 +615,9 @@ public com.google.cloud.networksecurity.v1beta1.CertificateProvider getClientCer
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -633,9 +636,9 @@ public com.google.cloud.networksecurity.v1beta1.CertificateProvider getClientCer
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -651,9 +654,9 @@ public com.google.cloud.networksecurity.v1beta1.CertificateProvider getClientCer
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -669,9 +672,9 @@ public com.google.cloud.networksecurity.v1beta1.CertificateProvider getClientCer
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -686,9 +689,9 @@ public int getServerValidationCaCount() {
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -703,9 +706,9 @@ public com.google.cloud.networksecurity.v1beta1.ValidationCA getServerValidation
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -2153,8 +2156,9 @@ public Builder setSniBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2170,8 +2174,9 @@ public boolean hasClientCertificate() {
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2193,8 +2198,9 @@ public com.google.cloud.networksecurity.v1beta1.CertificateProvider getClientCer
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2219,8 +2225,9 @@ public Builder setClientCertificate(
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2242,8 +2249,9 @@ public Builder setClientCertificate(
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2273,8 +2281,9 @@ public Builder mergeClientCertificate(
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2296,8 +2305,9 @@ public Builder clearClientCertificate() {
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2314,8 +2324,9 @@ public Builder clearClientCertificate() {
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2336,8 +2347,9 @@ public Builder clearClientCertificate() {
      *
      *
      * <pre>
-     * Optional. Defines a mechanism to provision client identity (public and private keys)
-     * for peer to peer authentication. The presence of this dictates mTLS.
+     * Optional. Defines a mechanism to provision client identity (public and
+     * private keys) for peer to peer authentication. The presence of this
+     * dictates mTLS.
      * </pre>
      *
      * <code>
@@ -2383,9 +2395,9 @@ private void ensureServerValidationCaIsMutable() {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2404,9 +2416,9 @@ private void ensureServerValidationCaIsMutable() {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2424,9 +2436,9 @@ public int getServerValidationCaCount() {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2444,9 +2456,9 @@ public com.google.cloud.networksecurity.v1beta1.ValidationCA getServerValidation
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2471,9 +2483,9 @@ public Builder setServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2495,9 +2507,9 @@ public Builder setServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2522,9 +2534,9 @@ public Builder addServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2549,9 +2561,9 @@ public Builder addServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2573,9 +2585,9 @@ public Builder addServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2597,9 +2609,9 @@ public Builder addServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2622,9 +2634,9 @@ public Builder addAllServerValidationCa(
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2645,9 +2657,9 @@ public Builder clearServerValidationCa() {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2668,9 +2680,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2685,9 +2697,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2706,9 +2718,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2727,9 +2739,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2745,9 +2757,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
@@ -2764,9 +2776,9 @@ public Builder removeServerValidationCa(int index) {
      *
      *
      * <pre>
-     * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-     * validate the server certificate. If empty, client does not validate the
-     * server certificate.
+     * Optional. Defines the mechanism to obtain the Certificate Authority
+     * certificate to validate the server certificate. If empty, client does not
+     * validate the server certificate.
      * </pre>
      *
      * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyOrBuilder.java
index c61b2e26..0e06dc59 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyOrBuilder.java
@@ -241,8 +241,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -256,8 +257,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -271,8 +273,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines a mechanism to provision client identity (public and private keys)
-   * for peer to peer authentication. The presence of this dictates mTLS.
+   * Optional. Defines a mechanism to provision client identity (public and
+   * private keys) for peer to peer authentication. The presence of this
+   * dictates mTLS.
    * </pre>
    *
    * <code>
@@ -286,9 +289,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -300,9 +303,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -314,9 +317,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -328,9 +331,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
@@ -343,9 +346,9 @@ java.lang.String getLabelsOrDefault(
    *
    *
    * <pre>
-   * Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-   * validate the server certificate. If empty, client does not validate the
-   * server certificate.
+   * Optional. Defines the mechanism to obtain the Certificate Authority
+   * certificate to validate the server certificate. If empty, client does not
+   * validate the server certificate.
    * </pre>
    *
    * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyProto.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyProto.java
index e6209856..141a069d 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyProto.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ClientTlsPolicyProto.java
@@ -74,53 +74,52 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "ehavior.proto\032\031google/api/resource.proto"
           + "\032.google/cloud/networksecurity/v1beta1/t"
           + "ls.proto\032 google/protobuf/field_mask.pro"
-          + "to\032\037google/protobuf/timestamp.proto\032\034goo"
-          + "gle/api/annotations.proto\"\373\004\n\017ClientTlsP"
-          + "olicy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013description\030"
-          + "\002 \001(\tB\003\340A\001\0224\n\013create_time\030\003 \001(\0132\032.google"
-          + ".protobuf.TimestampB\003\340A\003\0224\n\013update_time\030"
-          + "\004 \001(\0132\032.google.protobuf.TimestampB\003\340A\003\022V"
-          + "\n\006labels\030\005 \003(\0132A.google.cloud.networksec"
-          + "urity.v1beta1.ClientTlsPolicy.LabelsEntr"
-          + "yB\003\340A\001\022\020\n\003sni\030\006 \001(\tB\003\340A\001\022Z\n\022client_certi"
-          + "ficate\030\007 \001(\01329.google.cloud.networksecur"
-          + "ity.v1beta1.CertificateProviderB\003\340A\001\022U\n\024"
-          + "server_validation_ca\030\010 \003(\01322.google.clou"
-          + "d.networksecurity.v1beta1.ValidationCAB\003"
-          + "\340A\001\032-\n\013LabelsEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005value"
-          + "\030\002 \001(\t:\0028\001:\202\001\352A\177\n.networksecurity.google"
-          + "apis.com/ClientTlsPolicy\022Mprojects/{proj"
-          + "ect}/locations/{location}/clientTlsPolic"
-          + "ies/{client_tls_policy}\"\200\001\n\034ListClientTl"
-          + "sPoliciesRequest\0229\n\006parent\030\001 \001(\tB)\340A\002\372A#"
-          + "\n!locations.googleapis.com/Location\022\021\n\tp"
-          + "age_size\030\002 \001(\005\022\022\n\npage_token\030\003 \001(\t\"\214\001\n\035L"
-          + "istClientTlsPoliciesResponse\022R\n\023client_t"
-          + "ls_policies\030\001 \003(\01325.google.cloud.network"
-          + "security.v1beta1.ClientTlsPolicy\022\027\n\017next"
-          + "_page_token\030\002 \001(\t\"a\n\031GetClientTlsPolicyR"
-          + "equest\022D\n\004name\030\001 \001(\tB6\340A\002\372A0\n.networksec"
-          + "urity.googleapis.com/ClientTlsPolicy\"\340\001\n"
-          + "\034CreateClientTlsPolicyRequest\022F\n\006parent\030"
-          + "\001 \001(\tB6\340A\002\372A0\n.networksecurity.googleapi"
-          + "s.com/ClientTlsPolicy\022!\n\024client_tls_poli"
-          + "cy_id\030\002 \001(\tB\003\340A\002\022U\n\021client_tls_policy\030\003 "
-          + "\001(\01325.google.cloud.networksecurity.v1bet"
-          + "a1.ClientTlsPolicyB\003\340A\002\"\253\001\n\034UpdateClient"
-          + "TlsPolicyRequest\0224\n\013update_mask\030\001 \001(\0132\032."
-          + "google.protobuf.FieldMaskB\003\340A\001\022U\n\021client"
-          + "_tls_policy\030\002 \001(\01325.google.cloud.network"
-          + "security.v1beta1.ClientTlsPolicyB\003\340A\002\"d\n"
-          + "\034DeleteClientTlsPolicyRequest\022D\n\004name\030\001 "
-          + "\001(\tB6\340A\002\372A0\n.networksecurity.googleapis."
-          + "com/ClientTlsPolicyB\217\002\n(com.google.cloud"
-          + ".networksecurity.v1beta1B\024ClientTlsPolic"
-          + "yProtoP\001ZSgoogle.golang.org/genproto/goo"
-          + "gleapis/cloud/networksecurity/v1beta1;ne"
-          + "tworksecurity\252\002$Google.Cloud.NetworkSecu"
-          + "rity.V1Beta1\312\002$Google\\Cloud\\NetworkSecur"
-          + "ity\\V1beta1\352\002\'Google::Cloud::NetworkSecu"
-          + "rity::V1beta1b\006proto3"
+          + "to\032\037google/protobuf/timestamp.proto\"\373\004\n\017"
+          + "ClientTlsPolicy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\030\n\013de"
+          + "scription\030\002 \001(\tB\003\340A\001\0224\n\013create_time\030\003 \001("
+          + "\0132\032.google.protobuf.TimestampB\003\340A\003\0224\n\013up"
+          + "date_time\030\004 \001(\0132\032.google.protobuf.Timest"
+          + "ampB\003\340A\003\022V\n\006labels\030\005 \003(\0132A.google.cloud."
+          + "networksecurity.v1beta1.ClientTlsPolicy."
+          + "LabelsEntryB\003\340A\001\022\020\n\003sni\030\006 \001(\tB\003\340A\001\022Z\n\022cl"
+          + "ient_certificate\030\007 \001(\01329.google.cloud.ne"
+          + "tworksecurity.v1beta1.CertificateProvide"
+          + "rB\003\340A\001\022U\n\024server_validation_ca\030\010 \003(\01322.g"
+          + "oogle.cloud.networksecurity.v1beta1.Vali"
+          + "dationCAB\003\340A\001\032-\n\013LabelsEntry\022\013\n\003key\030\001 \001("
+          + "\t\022\r\n\005value\030\002 \001(\t:\0028\001:\202\001\352A\177\n.networksecur"
+          + "ity.googleapis.com/ClientTlsPolicy\022Mproj"
+          + "ects/{project}/locations/{location}/clie"
+          + "ntTlsPolicies/{client_tls_policy}\"\200\001\n\034Li"
+          + "stClientTlsPoliciesRequest\0229\n\006parent\030\001 \001"
+          + "(\tB)\340A\002\372A#\n!locations.googleapis.com/Loc"
+          + "ation\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npage_token\030\003"
+          + " \001(\t\"\214\001\n\035ListClientTlsPoliciesResponse\022R"
+          + "\n\023client_tls_policies\030\001 \003(\01325.google.clo"
+          + "ud.networksecurity.v1beta1.ClientTlsPoli"
+          + "cy\022\027\n\017next_page_token\030\002 \001(\t\"a\n\031GetClient"
+          + "TlsPolicyRequest\022D\n\004name\030\001 \001(\tB6\340A\002\372A0\n."
+          + "networksecurity.googleapis.com/ClientTls"
+          + "Policy\"\340\001\n\034CreateClientTlsPolicyRequest\022"
+          + "F\n\006parent\030\001 \001(\tB6\340A\002\372A0\022.networksecurity"
+          + ".googleapis.com/ClientTlsPolicy\022!\n\024clien"
+          + "t_tls_policy_id\030\002 \001(\tB\003\340A\002\022U\n\021client_tls"
+          + "_policy\030\003 \001(\01325.google.cloud.networksecu"
+          + "rity.v1beta1.ClientTlsPolicyB\003\340A\002\"\253\001\n\034Up"
+          + "dateClientTlsPolicyRequest\0224\n\013update_mas"
+          + "k\030\001 \001(\0132\032.google.protobuf.FieldMaskB\003\340A\001"
+          + "\022U\n\021client_tls_policy\030\002 \001(\01325.google.clo"
+          + "ud.networksecurity.v1beta1.ClientTlsPoli"
+          + "cyB\003\340A\002\"d\n\034DeleteClientTlsPolicyRequest\022"
+          + "D\n\004name\030\001 \001(\tB6\340A\002\372A0\n.networksecurity.g"
+          + "oogleapis.com/ClientTlsPolicyB\217\002\n(com.go"
+          + "ogle.cloud.networksecurity.v1beta1B\024Clie"
+          + "ntTlsPolicyProtoP\001ZSgoogle.golang.org/ge"
+          + "nproto/googleapis/cloud/networksecurity/"
+          + "v1beta1;networksecurity\252\002$Google.Cloud.N"
+          + "etworkSecurity.V1Beta1\312\002$Google\\Cloud\\Ne"
+          + "tworkSecurity\\V1beta1\352\002\'Google::Cloud::N"
+          + "etworkSecurity::V1beta1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -131,7 +130,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               com.google.cloud.networksecurity.v1beta1.TlsProto.getDescriptor(),
               com.google.protobuf.FieldMaskProto.getDescriptor(),
               com.google.protobuf.TimestampProto.getDescriptor(),
-              com.google.api.AnnotationsProto.getDescriptor(),
             });
     internal_static_google_cloud_networksecurity_v1beta1_ClientTlsPolicy_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -218,7 +216,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     com.google.cloud.networksecurity.v1beta1.TlsProto.getDescriptor();
     com.google.protobuf.FieldMaskProto.getDescriptor();
     com.google.protobuf.TimestampProto.getDescriptor();
-    com.google.api.AnnotationsProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CommonProto.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CommonProto.java
index 0cb4fe04..df2e3c8d 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CommonProto.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CommonProto.java
@@ -43,21 +43,21 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
       "\n1google/cloud/networksecurity/v1beta1/c"
           + "ommon.proto\022$google.cloud.networksecurit"
           + "y.v1beta1\032\037google/api/field_behavior.pro"
-          + "to\032\037google/protobuf/timestamp.proto\032\034goo"
-          + "gle/api/annotations.proto\"\200\002\n\021OperationM"
-          + "etadata\0224\n\013create_time\030\001 \001(\0132\032.google.pr"
-          + "otobuf.TimestampB\003\340A\003\0221\n\010end_time\030\002 \001(\0132"
-          + "\032.google.protobuf.TimestampB\003\340A\003\022\023\n\006targ"
-          + "et\030\003 \001(\tB\003\340A\003\022\021\n\004verb\030\004 \001(\tB\003\340A\003\022\033\n\016stat"
-          + "us_message\030\005 \001(\tB\003\340A\003\022#\n\026requested_cance"
-          + "llation\030\006 \001(\010B\003\340A\003\022\030\n\013api_version\030\007 \001(\tB"
-          + "\003\340A\003B\206\002\n(com.google.cloud.networksecurit"
-          + "y.v1beta1B\013CommonProtoP\001ZSgoogle.golang."
-          + "org/genproto/googleapis/cloud/networksec"
-          + "urity/v1beta1;networksecurity\252\002$Google.C"
-          + "loud.NetworkSecurity.V1Beta1\312\002$Google\\Cl"
-          + "oud\\NetworkSecurity\\V1beta1\352\002\'Google::Cl"
-          + "oud::NetworkSecurity::V1beta1b\006proto3"
+          + "to\032\037google/protobuf/timestamp.proto\"\200\002\n\021"
+          + "OperationMetadata\0224\n\013create_time\030\001 \001(\0132\032"
+          + ".google.protobuf.TimestampB\003\340A\003\0221\n\010end_t"
+          + "ime\030\002 \001(\0132\032.google.protobuf.TimestampB\003\340"
+          + "A\003\022\023\n\006target\030\003 \001(\tB\003\340A\003\022\021\n\004verb\030\004 \001(\tB\003\340"
+          + "A\003\022\033\n\016status_message\030\005 \001(\tB\003\340A\003\022#\n\026reque"
+          + "sted_cancellation\030\006 \001(\010B\003\340A\003\022\030\n\013api_vers"
+          + "ion\030\007 \001(\tB\003\340A\003B\206\002\n(com.google.cloud.netw"
+          + "orksecurity.v1beta1B\013CommonProtoP\001ZSgoog"
+          + "le.golang.org/genproto/googleapis/cloud/"
+          + "networksecurity/v1beta1;networksecurity\252"
+          + "\002$Google.Cloud.NetworkSecurity.V1Beta1\312\002"
+          + "$Google\\Cloud\\NetworkSecurity\\V1beta1\352\002\'"
+          + "Google::Cloud::NetworkSecurity::V1beta1b"
+          + "\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -65,7 +65,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
             new com.google.protobuf.Descriptors.FileDescriptor[] {
               com.google.api.FieldBehaviorProto.getDescriptor(),
               com.google.protobuf.TimestampProto.getDescriptor(),
-              com.google.api.AnnotationsProto.getDescriptor(),
             });
     internal_static_google_cloud_networksecurity_v1beta1_OperationMetadata_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -88,7 +87,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
         descriptor, registry);
     com.google.api.FieldBehaviorProto.getDescriptor();
     com.google.protobuf.TimestampProto.getDescriptor();
-    com.google.api.AnnotationsProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequest.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequest.java
index cf4acdd4..4df049f8 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequest.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequest.java
@@ -199,9 +199,10 @@ public com.google.protobuf.ByteString getParentBytes() {
    *
    *
    * <pre>
-   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * Required. Short name of the ClientTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "client_mtls_policy".
    * </pre>
    *
    * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -224,9 +225,10 @@ public java.lang.String getClientTlsPolicyId() {
    *
    *
    * <pre>
-   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * Required. Short name of the ClientTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "client_mtls_policy".
    * </pre>
    *
    * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -798,9 +800,10 @@ public Builder setParentBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * Required. Short name of the ClientTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "client_mtls_policy".
      * </pre>
      *
      * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -822,9 +825,10 @@ public java.lang.String getClientTlsPolicyId() {
      *
      *
      * <pre>
-     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * Required. Short name of the ClientTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "client_mtls_policy".
      * </pre>
      *
      * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -846,9 +850,10 @@ public com.google.protobuf.ByteString getClientTlsPolicyIdBytes() {
      *
      *
      * <pre>
-     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * Required. Short name of the ClientTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "client_mtls_policy".
      * </pre>
      *
      * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -869,9 +874,10 @@ public Builder setClientTlsPolicyId(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * Required. Short name of the ClientTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "client_mtls_policy".
      * </pre>
      *
      * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -888,9 +894,10 @@ public Builder clearClientTlsPolicyId() {
      *
      *
      * <pre>
-     * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "client_mtls_policy".
+     * Required. Short name of the ClientTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "client_mtls_policy".
      * </pre>
      *
      * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequestOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequestOrBuilder.java
index d7d98ce0..1a24cfe5 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequestOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateClientTlsPolicyRequestOrBuilder.java
@@ -58,9 +58,10 @@ public interface CreateClientTlsPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * Required. Short name of the ClientTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "client_mtls_policy".
    * </pre>
    *
    * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -72,9 +73,10 @@ public interface CreateClientTlsPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. Short name of the ClientTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "client_mtls_policy".
+   * Required. Short name of the ClientTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "client_mtls_policy".
    * </pre>
    *
    * <code>string client_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequest.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequest.java
index 918f24c6..48bb547a 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequest.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequest.java
@@ -199,9 +199,10 @@ public com.google.protobuf.ByteString getParentBytes() {
    *
    *
    * <pre>
-   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * Required. Short name of the ServerTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "server_mtls_policy".
    * </pre>
    *
    * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -224,9 +225,10 @@ public java.lang.String getServerTlsPolicyId() {
    *
    *
    * <pre>
-   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * Required. Short name of the ServerTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "server_mtls_policy".
    * </pre>
    *
    * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -798,9 +800,10 @@ public Builder setParentBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * Required. Short name of the ServerTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "server_mtls_policy".
      * </pre>
      *
      * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -822,9 +825,10 @@ public java.lang.String getServerTlsPolicyId() {
      *
      *
      * <pre>
-     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * Required. Short name of the ServerTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "server_mtls_policy".
      * </pre>
      *
      * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -846,9 +850,10 @@ public com.google.protobuf.ByteString getServerTlsPolicyIdBytes() {
      *
      *
      * <pre>
-     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * Required. Short name of the ServerTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "server_mtls_policy".
      * </pre>
      *
      * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -869,9 +874,10 @@ public Builder setServerTlsPolicyId(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * Required. Short name of the ServerTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "server_mtls_policy".
      * </pre>
      *
      * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -888,9 +894,10 @@ public Builder clearServerTlsPolicyId() {
      *
      *
      * <pre>
-     * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-     * be 1-63 characters long, containing only letters, numbers, hyphens, and
-     * underscores, and should not start with a number. E.g. "server_mtls_policy".
+     * Required. Short name of the ServerTlsPolicy resource to be created. This
+     * value should be 1-63 characters long, containing only letters, numbers,
+     * hyphens, and underscores, and should not start with a number. E.g.
+     * "server_mtls_policy".
      * </pre>
      *
      * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequestOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequestOrBuilder.java
index e78ad0b7..fcb0feb7 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequestOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/CreateServerTlsPolicyRequestOrBuilder.java
@@ -58,9 +58,10 @@ public interface CreateServerTlsPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * Required. Short name of the ServerTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "server_mtls_policy".
    * </pre>
    *
    * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -72,9 +73,10 @@ public interface CreateServerTlsPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. Short name of the ServerTlsPolicy resource to be created. This value should
-   * be 1-63 characters long, containing only letters, numbers, hyphens, and
-   * underscores, and should not start with a number. E.g. "server_mtls_policy".
+   * Required. Short name of the ServerTlsPolicy resource to be created. This
+   * value should be 1-63 characters long, containing only letters, numbers,
+   * hyphens, and underscores, and should not start with a number. E.g.
+   * "server_mtls_policy".
    * </pre>
    *
    * <code>string server_tls_policy_id = 2 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequest.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequest.java
index 648e1841..38ef7e52 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequest.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequest.java
@@ -121,8 +121,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the
+   * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
    * </pre>
    *
    * <code>
@@ -147,8 +147,8 @@ public java.lang.String getName() {
    *
    *
    * <pre>
-   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the
+   * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
    * </pre>
    *
    * <code>
@@ -508,8 +508,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the
+     * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
      * </pre>
      *
      * <code>
@@ -533,8 +533,8 @@ public java.lang.String getName() {
      *
      *
      * <pre>
-     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the
+     * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
      * </pre>
      *
      * <code>
@@ -558,8 +558,8 @@ public com.google.protobuf.ByteString getNameBytes() {
      *
      *
      * <pre>
-     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the
+     * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
      * </pre>
      *
      * <code>
@@ -582,8 +582,8 @@ public Builder setName(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the
+     * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
      * </pre>
      *
      * <code>
@@ -602,8 +602,8 @@ public Builder clearName() {
      *
      *
      * <pre>
-     * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-     * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+     * Required. A name of the AuthorizationPolicy to delete. Must be in the
+     * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
      * </pre>
      *
      * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequestOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequestOrBuilder.java
index ca7a1977..da42b96c 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequestOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/DeleteAuthorizationPolicyRequestOrBuilder.java
@@ -27,8 +27,8 @@ public interface DeleteAuthorizationPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the
+   * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
    * </pre>
    *
    * <code>
@@ -42,8 +42,8 @@ public interface DeleteAuthorizationPolicyRequestOrBuilder
    *
    *
    * <pre>
-   * Required. A name of the AuthorizationPolicy to delete. Must be in the format
-   * `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
+   * Required. A name of the AuthorizationPolicy to delete. Must be in the
+   * format `projects/{project}/locations/{location}/authorizationPolicies/&#42;`.
    * </pre>
    *
    * <code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpoint.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpoint.java
index c8ee221a..dead5b04 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpoint.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpoint.java
@@ -119,8 +119,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-   * should start with “unix:”.
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+   * and should start with "unix:".
    * </pre>
    *
    * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -143,8 +143,8 @@ public java.lang.String getTargetUri() {
    *
    *
    * <pre>
-   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-   * should start with “unix:”.
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+   * and should start with "unix:".
    * </pre>
    *
    * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -488,8 +488,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-     * should start with “unix:”.
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+     * and should start with "unix:".
      * </pre>
      *
      * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -511,8 +511,8 @@ public java.lang.String getTargetUri() {
      *
      *
      * <pre>
-     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-     * should start with “unix:”.
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+     * and should start with "unix:".
      * </pre>
      *
      * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -534,8 +534,8 @@ public com.google.protobuf.ByteString getTargetUriBytes() {
      *
      *
      * <pre>
-     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-     * should start with “unix:”.
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+     * and should start with "unix:".
      * </pre>
      *
      * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -556,8 +556,8 @@ public Builder setTargetUri(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-     * should start with “unix:”.
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+     * and should start with "unix:".
      * </pre>
      *
      * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -574,8 +574,8 @@ public Builder clearTargetUri() {
      *
      *
      * <pre>
-     * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-     * should start with “unix:”.
+     * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+     * and should start with "unix:".
      * </pre>
      *
      * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpointOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpointOrBuilder.java
index e90cc417..dad56dfa 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpointOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/GrpcEndpointOrBuilder.java
@@ -27,8 +27,8 @@ public interface GrpcEndpointOrBuilder
    *
    *
    * <pre>
-   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-   * should start with “unix:”.
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+   * and should start with "unix:".
    * </pre>
    *
    * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
@@ -40,8 +40,8 @@ public interface GrpcEndpointOrBuilder
    *
    *
    * <pre>
-   * Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-   * should start with “unix:”.
+   * Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+   * and should start with "unix:".
    * </pre>
    *
    * <code>string target_uri = 1 [(.google.api.field_behavior) = REQUIRED];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadata.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadata.java
index 2b549789..8e4c09be 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadata.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadata.java
@@ -425,8 +425,9 @@ public com.google.protobuf.ByteString getStatusMessageBytes() {
    * <pre>
    * Output only. Identifies whether the user has requested cancellation
    * of the operation. Operations that have successfully been cancelled
-   * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-   * corresponding to `Code.CANCELLED`.
+   * have [Operation.error][] value with a
+   * [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+   * `Code.CANCELLED`.
    * </pre>
    *
    * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
@@ -1639,8 +1640,9 @@ public Builder setStatusMessageBytes(com.google.protobuf.ByteString value) {
      * <pre>
      * Output only. Identifies whether the user has requested cancellation
      * of the operation. Operations that have successfully been cancelled
-     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-     * corresponding to `Code.CANCELLED`.
+     * have [Operation.error][] value with a
+     * [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+     * `Code.CANCELLED`.
      * </pre>
      *
      * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
@@ -1657,8 +1659,9 @@ public boolean getRequestedCancellation() {
      * <pre>
      * Output only. Identifies whether the user has requested cancellation
      * of the operation. Operations that have successfully been cancelled
-     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-     * corresponding to `Code.CANCELLED`.
+     * have [Operation.error][] value with a
+     * [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+     * `Code.CANCELLED`.
      * </pre>
      *
      * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
@@ -1678,8 +1681,9 @@ public Builder setRequestedCancellation(boolean value) {
      * <pre>
      * Output only. Identifies whether the user has requested cancellation
      * of the operation. Operations that have successfully been cancelled
-     * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-     * corresponding to `Code.CANCELLED`.
+     * have [Operation.error][] value with a
+     * [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+     * `Code.CANCELLED`.
      * </pre>
      *
      * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadataOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadataOrBuilder.java
index 3f97707f..9cba9e01 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadataOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/OperationMetadataOrBuilder.java
@@ -180,8 +180,9 @@ public interface OperationMetadataOrBuilder
    * <pre>
    * Output only. Identifies whether the user has requested cancellation
    * of the operation. Operations that have successfully been cancelled
-   * have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-   * corresponding to `Code.CANCELLED`.
+   * have [Operation.error][] value with a
+   * [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+   * `Code.CANCELLED`.
    * </pre>
    *
    * <code>bool requested_cancellation = 6 [(.google.api.field_behavior) = OUTPUT_ONLY];</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicy.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicy.java
index 9aba06b8..f181745d 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicy.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicy.java
@@ -1618,6 +1618,8 @@ public java.lang.String getLabelsOrThrow(java.lang.String key) {
    * and `mtls_policy` are set, server allows both plain text and mTLS
    * connections. See documentation of other encryption modes to confirm
    * compatibility.
+   * Consider using it if you wish to upgrade in place your deployment to TLS
+   * while having mixed TLS and non-TLS traffic reaching port :80.
    * </pre>
    *
    * <code>bool allow_open = 6;</code>
@@ -3041,6 +3043,8 @@ public Builder putAllLabels(java.util.Map<java.lang.String, java.lang.String> va
      * and `mtls_policy` are set, server allows both plain text and mTLS
      * connections. See documentation of other encryption modes to confirm
      * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
      * </pre>
      *
      * <code>bool allow_open = 6;</code>
@@ -3061,6 +3065,8 @@ public boolean getAllowOpen() {
      * and `mtls_policy` are set, server allows both plain text and mTLS
      * connections. See documentation of other encryption modes to confirm
      * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
      * </pre>
      *
      * <code>bool allow_open = 6;</code>
@@ -3084,6 +3090,8 @@ public Builder setAllowOpen(boolean value) {
      * and `mtls_policy` are set, server allows both plain text and mTLS
      * connections. See documentation of other encryption modes to confirm
      * compatibility.
+     * Consider using it if you wish to upgrade in place your deployment to TLS
+     * while having mixed TLS and non-TLS traffic reaching port :80.
      * </pre>
      *
      * <code>bool allow_open = 6;</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyOrBuilder.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyOrBuilder.java
index fb4dbe6f..67eb3c43 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyOrBuilder.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyOrBuilder.java
@@ -220,6 +220,8 @@ java.lang.String getLabelsOrDefault(
    * and `mtls_policy` are set, server allows both plain text and mTLS
    * connections. See documentation of other encryption modes to confirm
    * compatibility.
+   * Consider using it if you wish to upgrade in place your deployment to TLS
+   * while having mixed TLS and non-TLS traffic reaching port :80.
    * </pre>
    *
    * <code>bool allow_open = 6;</code>
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyProto.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyProto.java
index e7323b8a..6f2b7d33 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyProto.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/ServerTlsPolicyProto.java
@@ -78,55 +78,54 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "ehavior.proto\032\031google/api/resource.proto"
           + "\032.google/cloud/networksecurity/v1beta1/t"
           + "ls.proto\032 google/protobuf/field_mask.pro"
-          + "to\032\037google/protobuf/timestamp.proto\032\034goo"
-          + "gle/api/annotations.proto\"\316\005\n\017ServerTlsP"
-          + "olicy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\023\n\013description\030"
-          + "\002 \001(\t\0224\n\013create_time\030\003 \001(\0132\032.google.prot"
-          + "obuf.TimestampB\003\340A\003\0224\n\013update_time\030\004 \001(\013"
-          + "2\032.google.protobuf.TimestampB\003\340A\003\022Q\n\006lab"
-          + "els\030\005 \003(\0132A.google.cloud.networksecurity"
-          + ".v1beta1.ServerTlsPolicy.LabelsEntry\022\022\n\n"
-          + "allow_open\030\006 \001(\010\022U\n\022server_certificate\030\007"
-          + " \001(\01329.google.cloud.networksecurity.v1be"
-          + "ta1.CertificateProvider\022U\n\013mtls_policy\030\010"
-          + " \001(\0132@.google.cloud.networksecurity.v1be"
-          + "ta1.ServerTlsPolicy.MTLSPolicy\032^\n\nMTLSPo"
-          + "licy\022P\n\024client_validation_ca\030\001 \003(\01322.goo"
-          + "gle.cloud.networksecurity.v1beta1.Valida"
-          + "tionCA\032-\n\013LabelsEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005va"
-          + "lue\030\002 \001(\t:\0028\001:\202\001\352A\177\n.networksecurity.goo"
-          + "gleapis.com/ServerTlsPolicy\022Mprojects/{p"
-          + "roject}/locations/{location}/serverTlsPo"
-          + "licies/{server_tls_policy}\"\200\001\n\034ListServe"
-          + "rTlsPoliciesRequest\0229\n\006parent\030\001 \001(\tB)\340A\002"
-          + "\372A#\n!locations.googleapis.com/Location\022\021"
-          + "\n\tpage_size\030\002 \001(\005\022\022\n\npage_token\030\003 \001(\t\"\214\001"
-          + "\n\035ListServerTlsPoliciesResponse\022R\n\023serve"
-          + "r_tls_policies\030\001 \003(\01325.google.cloud.netw"
-          + "orksecurity.v1beta1.ServerTlsPolicy\022\027\n\017n"
-          + "ext_page_token\030\002 \001(\t\"a\n\031GetServerTlsPoli"
-          + "cyRequest\022D\n\004name\030\001 \001(\tB6\340A\002\372A0\n.network"
-          + "security.googleapis.com/ServerTlsPolicy\""
-          + "\340\001\n\034CreateServerTlsPolicyRequest\022F\n\006pare"
-          + "nt\030\001 \001(\tB6\340A\002\372A0\n.networksecurity.google"
-          + "apis.com/ServerTlsPolicy\022!\n\024server_tls_p"
-          + "olicy_id\030\002 \001(\tB\003\340A\002\022U\n\021server_tls_policy"
-          + "\030\003 \001(\01325.google.cloud.networksecurity.v1"
-          + "beta1.ServerTlsPolicyB\003\340A\002\"\253\001\n\034UpdateSer"
-          + "verTlsPolicyRequest\0224\n\013update_mask\030\001 \001(\013"
-          + "2\032.google.protobuf.FieldMaskB\003\340A\001\022U\n\021ser"
-          + "ver_tls_policy\030\002 \001(\01325.google.cloud.netw"
-          + "orksecurity.v1beta1.ServerTlsPolicyB\003\340A\002"
-          + "\"d\n\034DeleteServerTlsPolicyRequest\022D\n\004name"
-          + "\030\001 \001(\tB6\340A\002\372A0\n.networksecurity.googleap"
-          + "is.com/ServerTlsPolicyB\217\002\n(com.google.cl"
-          + "oud.networksecurity.v1beta1B\024ServerTlsPo"
-          + "licyProtoP\001ZSgoogle.golang.org/genproto/"
-          + "googleapis/cloud/networksecurity/v1beta1"
-          + ";networksecurity\252\002$Google.Cloud.NetworkS"
-          + "ecurity.V1Beta1\312\002$Google\\Cloud\\NetworkSe"
-          + "curity\\V1beta1\352\002\'Google::Cloud::NetworkS"
-          + "ecurity::V1beta1b\006proto3"
+          + "to\032\037google/protobuf/timestamp.proto\"\316\005\n\017"
+          + "ServerTlsPolicy\022\021\n\004name\030\001 \001(\tB\003\340A\002\022\023\n\013de"
+          + "scription\030\002 \001(\t\0224\n\013create_time\030\003 \001(\0132\032.g"
+          + "oogle.protobuf.TimestampB\003\340A\003\0224\n\013update_"
+          + "time\030\004 \001(\0132\032.google.protobuf.TimestampB\003"
+          + "\340A\003\022Q\n\006labels\030\005 \003(\0132A.google.cloud.netwo"
+          + "rksecurity.v1beta1.ServerTlsPolicy.Label"
+          + "sEntry\022\022\n\nallow_open\030\006 \001(\010\022U\n\022server_cer"
+          + "tificate\030\007 \001(\01329.google.cloud.networksec"
+          + "urity.v1beta1.CertificateProvider\022U\n\013mtl"
+          + "s_policy\030\010 \001(\0132@.google.cloud.networksec"
+          + "urity.v1beta1.ServerTlsPolicy.MTLSPolicy"
+          + "\032^\n\nMTLSPolicy\022P\n\024client_validation_ca\030\001"
+          + " \003(\01322.google.cloud.networksecurity.v1be"
+          + "ta1.ValidationCA\032-\n\013LabelsEntry\022\013\n\003key\030\001"
+          + " \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001:\202\001\352A\177\n.networkse"
+          + "curity.googleapis.com/ServerTlsPolicy\022Mp"
+          + "rojects/{project}/locations/{location}/s"
+          + "erverTlsPolicies/{server_tls_policy}\"\200\001\n"
+          + "\034ListServerTlsPoliciesRequest\0229\n\006parent\030"
+          + "\001 \001(\tB)\340A\002\372A#\n!locations.googleapis.com/"
+          + "Location\022\021\n\tpage_size\030\002 \001(\005\022\022\n\npage_toke"
+          + "n\030\003 \001(\t\"\214\001\n\035ListServerTlsPoliciesRespons"
+          + "e\022R\n\023server_tls_policies\030\001 \003(\01325.google."
+          + "cloud.networksecurity.v1beta1.ServerTlsP"
+          + "olicy\022\027\n\017next_page_token\030\002 \001(\t\"a\n\031GetSer"
+          + "verTlsPolicyRequest\022D\n\004name\030\001 \001(\tB6\340A\002\372A"
+          + "0\n.networksecurity.googleapis.com/Server"
+          + "TlsPolicy\"\340\001\n\034CreateServerTlsPolicyReque"
+          + "st\022F\n\006parent\030\001 \001(\tB6\340A\002\372A0\022.networksecur"
+          + "ity.googleapis.com/ServerTlsPolicy\022!\n\024se"
+          + "rver_tls_policy_id\030\002 \001(\tB\003\340A\002\022U\n\021server_"
+          + "tls_policy\030\003 \001(\01325.google.cloud.networks"
+          + "ecurity.v1beta1.ServerTlsPolicyB\003\340A\002\"\253\001\n"
+          + "\034UpdateServerTlsPolicyRequest\0224\n\013update_"
+          + "mask\030\001 \001(\0132\032.google.protobuf.FieldMaskB\003"
+          + "\340A\001\022U\n\021server_tls_policy\030\002 \001(\01325.google."
+          + "cloud.networksecurity.v1beta1.ServerTlsP"
+          + "olicyB\003\340A\002\"d\n\034DeleteServerTlsPolicyReque"
+          + "st\022D\n\004name\030\001 \001(\tB6\340A\002\372A0\n.networksecurit"
+          + "y.googleapis.com/ServerTlsPolicyB\217\002\n(com"
+          + ".google.cloud.networksecurity.v1beta1B\024S"
+          + "erverTlsPolicyProtoP\001ZSgoogle.golang.org"
+          + "/genproto/googleapis/cloud/networksecuri"
+          + "ty/v1beta1;networksecurity\252\002$Google.Clou"
+          + "d.NetworkSecurity.V1Beta1\312\002$Google\\Cloud"
+          + "\\NetworkSecurity\\V1beta1\352\002\'Google::Cloud"
+          + "::NetworkSecurity::V1beta1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -137,7 +136,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               com.google.cloud.networksecurity.v1beta1.TlsProto.getDescriptor(),
               com.google.protobuf.FieldMaskProto.getDescriptor(),
               com.google.protobuf.TimestampProto.getDescriptor(),
-              com.google.api.AnnotationsProto.getDescriptor(),
             });
     internal_static_google_cloud_networksecurity_v1beta1_ServerTlsPolicy_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -234,7 +232,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     com.google.cloud.networksecurity.v1beta1.TlsProto.getDescriptor();
     com.google.protobuf.FieldMaskProto.getDescriptor();
     com.google.protobuf.TimestampProto.getDescriptor();
-    com.google.api.AnnotationsProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/TlsProto.java b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/TlsProto.java
index e0289e81..8581da04 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/TlsProto.java
+++ b/proto-google-cloud-network-security-v1beta1/src/main/java/com/google/cloud/networksecurity/v1beta1/TlsProto.java
@@ -54,35 +54,33 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     java.lang.String[] descriptorData = {
       "\n.google/cloud/networksecurity/v1beta1/t"
           + "ls.proto\022$google.cloud.networksecurity.v"
-          + "1beta1\032\037google/api/field_behavior.proto\032"
-          + "\034google/api/annotations.proto\"\'\n\014GrpcEnd"
-          + "point\022\027\n\ntarget_uri\030\001 \001(\tB\003\340A\002\"\317\001\n\014Valid"
-          + "ationCA\022K\n\rgrpc_endpoint\030\002 \001(\01322.google."
-          + "cloud.networksecurity.v1beta1.GrpcEndpoi"
-          + "ntH\000\022j\n\035certificate_provider_instance\030\003 "
-          + "\001(\0132A.google.cloud.networksecurity.v1bet"
-          + "a1.CertificateProviderInstanceH\000B\006\n\004type"
-          + "\";\n\033CertificateProviderInstance\022\034\n\017plugi"
-          + "n_instance\030\001 \001(\tB\003\340A\002\"\326\001\n\023CertificatePro"
-          + "vider\022K\n\rgrpc_endpoint\030\002 \001(\01322.google.cl"
-          + "oud.networksecurity.v1beta1.GrpcEndpoint"
-          + "H\000\022j\n\035certificate_provider_instance\030\003 \001("
-          + "\0132A.google.cloud.networksecurity.v1beta1"
-          + ".CertificateProviderInstanceH\000B\006\n\004typeB\203"
-          + "\002\n(com.google.cloud.networksecurity.v1be"
-          + "ta1B\010TlsProtoP\001ZSgoogle.golang.org/genpr"
-          + "oto/googleapis/cloud/networksecurity/v1b"
-          + "eta1;networksecurity\252\002$Google.Cloud.Netw"
-          + "orkSecurity.V1Beta1\312\002$Google\\Cloud\\Netwo"
-          + "rkSecurity\\V1beta1\352\002\'Google::Cloud::Netw"
-          + "orkSecurity::V1beta1b\006proto3"
+          + "1beta1\032\037google/api/field_behavior.proto\""
+          + "\'\n\014GrpcEndpoint\022\027\n\ntarget_uri\030\001 \001(\tB\003\340A\002"
+          + "\"\317\001\n\014ValidationCA\022K\n\rgrpc_endpoint\030\002 \001(\013"
+          + "22.google.cloud.networksecurity.v1beta1."
+          + "GrpcEndpointH\000\022j\n\035certificate_provider_i"
+          + "nstance\030\003 \001(\0132A.google.cloud.networksecu"
+          + "rity.v1beta1.CertificateProviderInstance"
+          + "H\000B\006\n\004type\";\n\033CertificateProviderInstanc"
+          + "e\022\034\n\017plugin_instance\030\001 \001(\tB\003\340A\002\"\326\001\n\023Cert"
+          + "ificateProvider\022K\n\rgrpc_endpoint\030\002 \001(\01322"
+          + ".google.cloud.networksecurity.v1beta1.Gr"
+          + "pcEndpointH\000\022j\n\035certificate_provider_ins"
+          + "tance\030\003 \001(\0132A.google.cloud.networksecuri"
+          + "ty.v1beta1.CertificateProviderInstanceH\000"
+          + "B\006\n\004typeB\203\002\n(com.google.cloud.networksec"
+          + "urity.v1beta1B\010TlsProtoP\001ZSgoogle.golang"
+          + ".org/genproto/googleapis/cloud/networkse"
+          + "curity/v1beta1;networksecurity\252\002$Google."
+          + "Cloud.NetworkSecurity.V1Beta1\312\002$Google\\C"
+          + "loud\\NetworkSecurity\\V1beta1\352\002\'Google::C"
+          + "loud::NetworkSecurity::V1beta1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
             descriptorData,
             new com.google.protobuf.Descriptors.FileDescriptor[] {
               com.google.api.FieldBehaviorProto.getDescriptor(),
-              com.google.api.AnnotationsProto.getDescriptor(),
             });
     internal_static_google_cloud_networksecurity_v1beta1_GrpcEndpoint_descriptor =
         getDescriptor().getMessageTypes().get(0);
@@ -122,7 +120,6 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
         descriptor, registry);
     com.google.api.FieldBehaviorProto.getDescriptor();
-    com.google.api.AnnotationsProto.getDescriptor();
   }
 
   // @@protoc_insertion_point(outer_class_scope)
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/authorization_policy.proto b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/authorization_policy.proto
index f14dedf6..afae9ba5 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/authorization_policy.proto
+++ b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/authorization_policy.proto
@@ -20,7 +20,6 @@ import "google/api/field_behavior.proto";
 import "google/api/resource.proto";
 import "google/protobuf/field_mask.proto";
 import "google/protobuf/timestamp.proto";
-import "google/api/annotations.proto";
 
 option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
 option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1beta1;networksecurity";
@@ -44,25 +43,25 @@ message AuthorizationPolicy {
   message Rule {
     // Specification of traffic source attributes.
     message Source {
-      // Optional. List of peer identities to match for authorization. At least one
-      // principal should match. Each peer can be an exact match, or a prefix
-      // match (example, "namespace/*") or a suffix match (example, //
-      // */service-account") or a presence match "*". Authorization based on the
-      // principal name without certificate validation (configured by
+      // Optional. List of peer identities to match for authorization. At least
+      // one principal should match. Each peer can be an exact match, or a
+      // prefix match (example, "namespace/*") or a suffix match (example,
+      // "*/service-account") or a presence match "*". Authorization based on
+      // the principal name without certificate validation (configured by
       // ServerTlsPolicy resource) is considered insecure.
       repeated string principals = 1 [(google.api.field_behavior) = OPTIONAL];
 
-      // Optional. List of CIDR ranges to match based on source IP address. At least one
-      // IP block should match. Single IP (e.g., "1.2.3.4") and CIDR (e.g.,
-      // "1.2.3.0/24") are supported. Authorization based on source IP alone
-      // should be avoided. The IP addresses of any load balancers or proxies
-      // should be considered untrusted.
+      // Optional. List of CIDR ranges to match based on source IP address. At
+      // least one IP block should match. Single IP (e.g., "1.2.3.4") and CIDR
+      // (e.g., "1.2.3.0/24") are supported. Authorization based on source IP
+      // alone should be avoided. The IP addresses of any load balancers or
+      // proxies should be considered untrusted.
       repeated string ip_blocks = 2 [(google.api.field_behavior) = OPTIONAL];
     }
 
     // Specification of traffic destination attributes.
     message Destination {
-      // Specification of HTTP header match atrributes.
+      // Specification of HTTP header match attributes.
       message HttpHeaderMatch {
         oneof type {
           // Required. The value of the header must match the regular expression
@@ -82,39 +81,42 @@ message AuthorizationPolicy {
         string header_name = 1 [(google.api.field_behavior) = REQUIRED];
       }
 
-      // Required. List of host names to match. Matched against the ":authority" header in
-      // http requests. At least one host should match. Each host can be an
-      // exact match, or a prefix match (example "mydomain.*") or a suffix
-      // match (example // *.myorg.com") or a presence(any) match "*".
+      // Required. List of host names to match. Matched against the ":authority"
+      // header in http requests. At least one host should match. Each host can
+      // be an exact match, or a prefix match (example "mydomain.*") or a suffix
+      // match (example "*.myorg.com") or a presence (any) match "*".
       repeated string hosts = 1 [(google.api.field_behavior) = REQUIRED];
 
-      // Required. List of destination ports to match. At least one port should match.
+      // Required. List of destination ports to match. At least one port should
+      // match.
       repeated uint32 ports = 2 [(google.api.field_behavior) = REQUIRED];
 
       // Optional. A list of HTTP methods to match. At least one method should
       // match. Should not be set for gRPC services.
       repeated string methods = 4 [(google.api.field_behavior) = OPTIONAL];
 
-      // Optional. Match against key:value pair in http header. Provides a flexible match
-      // based on HTTP headers, for potentially advanced use cases. At least one
-      // header should match. Avoid using header matches to make authorization
-      // decisions unless there is a strong guarantee that requests arrive
-      // through a trusted client or proxy.
-      HttpHeaderMatch http_header_match = 5 [(google.api.field_behavior) = OPTIONAL];
+      // Optional. Match against key:value pair in http header. Provides a
+      // flexible match based on HTTP headers, for potentially advanced use
+      // cases. At least one header should match. Avoid using header matches to
+      // make authorization decisions unless there is a strong guarantee that
+      // requests arrive through a trusted client or proxy.
+      HttpHeaderMatch http_header_match = 5
+          [(google.api.field_behavior) = OPTIONAL];
     }
 
-    // Optional. List of attributes for the traffic source. All of the sources must match.
-    // A source is a match if both principals and ip_blocks match. If not set,
-    // the action specified in the 'action' field will be applied without any
-    // rule checks for the source.
+    // Optional. List of attributes for the traffic source. All of the sources
+    // must match. A source is a match if both principals and ip_blocks match.
+    // If not set, the action specified in the 'action' field will be applied
+    // without any rule checks for the source.
     repeated Source sources = 1 [(google.api.field_behavior) = OPTIONAL];
 
-    // Optional. List of attributes for the traffic destination. All of the destinations
-    // must match. A destination is a match if a request matches all the
-    // specified hosts, ports, methods and headers. If not set, the
+    // Optional. List of attributes for the traffic destination. All of the
+    // destinations must match. A destination is a match if a request matches
+    // all the specified hosts, ports, methods and headers. If not set, the
     // action specified in the 'action' field will be applied without any rule
     // checks for the destination.
-    repeated Destination destinations = 2 [(google.api.field_behavior) = OPTIONAL];
+    repeated Destination destinations = 2
+        [(google.api.field_behavior) = OPTIONAL];
   }
 
   // Possible values that define what action to take.
@@ -139,22 +141,26 @@ message AuthorizationPolicy {
   string description = 2 [(google.api.field_behavior) = OPTIONAL];
 
   // Output only. The timestamp when the resource was created.
-  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp create_time = 3
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. The timestamp when the resource was updated.
-  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp update_time = 4
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Optional. Set of label tags associated with the AuthorizationPolicy resource.
+  // Optional. Set of label tags associated with the AuthorizationPolicy
+  // resource.
   map<string, string> labels = 5 [(google.api.field_behavior) = OPTIONAL];
 
   // Required. The action to take when a rule match is found. Possible values
   // are "ALLOW" or "DENY".
   Action action = 6 [(google.api.field_behavior) = REQUIRED];
 
-  // Optional. List of rules to match. Note that at least one of the rules must match in
-  // order for the action specified in the 'action' field to be taken. A rule is
-  // a match if there is a matching source and destination. If left blank, the
-  // action specified in the `action` field will be applied on every request.
+  // Optional. List of rules to match. Note that at least one of the rules must
+  // match in order for the action specified in the 'action' field to be taken.
+  // A rule is a match if there is a matching source and destination. If left
+  // blank, the action specified in the `action` field will be applied on every
+  // request.
   repeated Rule rules = 7 [(google.api.field_behavior) = OPTIONAL];
 }
 
@@ -210,7 +216,7 @@ message CreateAuthorizationPolicyRequest {
   string parent = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
-      type: "networksecurity.googleapis.com/AuthorizationPolicy"
+      child_type: "networksecurity.googleapis.com/AuthorizationPolicy"
     }
   ];
 
@@ -221,7 +227,8 @@ message CreateAuthorizationPolicyRequest {
   string authorization_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
 
   // Required. AuthorizationPolicy resource to be created.
-  AuthorizationPolicy authorization_policy = 3 [(google.api.field_behavior) = REQUIRED];
+  AuthorizationPolicy authorization_policy = 3
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by the UpdateAuthorizationPolicy method.
@@ -231,16 +238,18 @@ message UpdateAuthorizationPolicyRequest {
   // The fields specified in the update_mask are relative to the resource, not
   // the full request. A field will be overwritten if it is in the mask. If the
   // user does not provide a mask then all fields will be overwritten.
-  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+  google.protobuf.FieldMask update_mask = 1
+      [(google.api.field_behavior) = OPTIONAL];
 
   // Required. Updated AuthorizationPolicy resource.
-  AuthorizationPolicy authorization_policy = 2 [(google.api.field_behavior) = REQUIRED];
+  AuthorizationPolicy authorization_policy = 2
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by the DeleteAuthorizationPolicy method.
 message DeleteAuthorizationPolicyRequest {
-  // Required. A name of the AuthorizationPolicy to delete. Must be in the format
-  // `projects/{project}/locations/{location}/authorizationPolicies/*`.
+  // Required. A name of the AuthorizationPolicy to delete. Must be in the
+  // format `projects/{project}/locations/{location}/authorizationPolicies/*`.
   string name = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/client_tls_policy.proto b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/client_tls_policy.proto
index 6cc0c228..8f10ad7f 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/client_tls_policy.proto
+++ b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/client_tls_policy.proto
@@ -21,7 +21,6 @@ import "google/api/resource.proto";
 import "google/cloud/networksecurity/v1beta1/tls.proto";
 import "google/protobuf/field_mask.proto";
 import "google/protobuf/timestamp.proto";
-import "google/api/annotations.proto";
 
 option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
 option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1beta1;networksecurity";
@@ -48,10 +47,12 @@ message ClientTlsPolicy {
   string description = 2 [(google.api.field_behavior) = OPTIONAL];
 
   // Output only. The timestamp when the resource was created.
-  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp create_time = 3
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. The timestamp when the resource was updated.
-  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp update_time = 4
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Optional. Set of label tags associated with the resource.
   map<string, string> labels = 5 [(google.api.field_behavior) = OPTIONAL];
@@ -60,14 +61,17 @@ message ClientTlsPolicy {
   // handshake. E.g: "secure.example.com".
   string sni = 6 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. Defines a mechanism to provision client identity (public and private keys)
-  // for peer to peer authentication. The presence of this dictates mTLS.
-  CertificateProvider client_certificate = 7 [(google.api.field_behavior) = OPTIONAL];
-
-  // Optional. Defines the mechanism to obtain the Certificate Authority certificate to
-  // validate the server certificate. If empty, client does not validate the
-  // server certificate.
-  repeated ValidationCA server_validation_ca = 8 [(google.api.field_behavior) = OPTIONAL];
+  // Optional. Defines a mechanism to provision client identity (public and
+  // private keys) for peer to peer authentication. The presence of this
+  // dictates mTLS.
+  CertificateProvider client_certificate = 7
+      [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Defines the mechanism to obtain the Certificate Authority
+  // certificate to validate the server certificate. If empty, client does not
+  // validate the server certificate.
+  repeated ValidationCA server_validation_ca = 8
+      [(google.api.field_behavior) = OPTIONAL];
 }
 
 // Request used by the ListClientTlsPolicies method.
@@ -121,17 +125,19 @@ message CreateClientTlsPolicyRequest {
   string parent = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
-      type: "networksecurity.googleapis.com/ClientTlsPolicy"
+      child_type: "networksecurity.googleapis.com/ClientTlsPolicy"
     }
   ];
 
-  // Required. Short name of the ClientTlsPolicy resource to be created. This value should
-  // be 1-63 characters long, containing only letters, numbers, hyphens, and
-  // underscores, and should not start with a number. E.g. "client_mtls_policy".
+  // Required. Short name of the ClientTlsPolicy resource to be created. This
+  // value should be 1-63 characters long, containing only letters, numbers,
+  // hyphens, and underscores, and should not start with a number. E.g.
+  // "client_mtls_policy".
   string client_tls_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
 
   // Required. ClientTlsPolicy resource to be created.
-  ClientTlsPolicy client_tls_policy = 3 [(google.api.field_behavior) = REQUIRED];
+  ClientTlsPolicy client_tls_policy = 3
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by UpdateClientTlsPolicy method.
@@ -142,10 +148,12 @@ message UpdateClientTlsPolicyRequest {
   // the full request. A field will be overwritten if it is in the
   // mask. If the user does not provide a mask then all fields will be
   // overwritten.
-  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+  google.protobuf.FieldMask update_mask = 1
+      [(google.api.field_behavior) = OPTIONAL];
 
   // Required. Updated ClientTlsPolicy resource.
-  ClientTlsPolicy client_tls_policy = 2 [(google.api.field_behavior) = REQUIRED];
+  ClientTlsPolicy client_tls_policy = 2
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by the DeleteClientTlsPolicy method.
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/common.proto b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/common.proto
index 4a85f652..7aa715d5 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/common.proto
+++ b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/common.proto
@@ -18,7 +18,6 @@ package google.cloud.networksecurity.v1beta1;
 
 import "google/api/field_behavior.proto";
 import "google/protobuf/timestamp.proto";
-import "google/api/annotations.proto";
 
 option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
 option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1beta1;networksecurity";
@@ -31,10 +30,12 @@ option ruby_package = "Google::Cloud::NetworkSecurity::V1beta1";
 // Represents the metadata of the long-running operation.
 message OperationMetadata {
   // Output only. The time the operation was created.
-  google.protobuf.Timestamp create_time = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp create_time = 1
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. The time the operation finished running.
-  google.protobuf.Timestamp end_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp end_time = 2
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. Server-defined resource path for the target of the operation.
   string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
@@ -47,8 +48,9 @@ message OperationMetadata {
 
   // Output only. Identifies whether the user has requested cancellation
   // of the operation. Operations that have successfully been cancelled
-  // have [Operation.error][] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
-  // corresponding to `Code.CANCELLED`.
+  // have [Operation.error][] value with a
+  // [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
+  // `Code.CANCELLED`.
   bool requested_cancellation = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. API version used to start the operation.
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/server_tls_policy.proto b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/server_tls_policy.proto
index d3c52121..ce92cfce 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/server_tls_policy.proto
+++ b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/server_tls_policy.proto
@@ -21,7 +21,6 @@ import "google/api/resource.proto";
 import "google/cloud/networksecurity/v1beta1/tls.proto";
 import "google/protobuf/field_mask.proto";
 import "google/protobuf/timestamp.proto";
-import "google/api/annotations.proto";
 
 option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
 option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1beta1;networksecurity";
@@ -34,7 +33,6 @@ option ruby_package = "Google::Cloud::NetworkSecurity::V1beta1";
 // ServerTlsPolicy is a resource that specifies how a server should authenticate
 // incoming requests. This resource itself does not affect configuration unless
 // it is attached to a target https proxy or endpoint config selector resource.
-//
 message ServerTlsPolicy {
   option (google.api.resource) = {
     type: "networksecurity.googleapis.com/ServerTlsPolicy"
@@ -57,10 +55,12 @@ message ServerTlsPolicy {
   string description = 2;
 
   // Output only. The timestamp when the resource was created.
-  google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp create_time = 3
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. The timestamp when the resource was updated.
-  google.protobuf.Timestamp update_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp update_time = 4
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Set of label tags associated with the resource.
   map<string, string> labels = 5;
@@ -72,6 +72,9 @@ message ServerTlsPolicy {
   // and `mtls_policy` are set, server allows both plain text and mTLS
   // connections. See documentation of other encryption modes to confirm
   // compatibility.
+  //
+  // Consider using it if you wish to upgrade in place your deployment to TLS
+  // while having mixed TLS and non-TLS traffic reaching port :80.
   bool allow_open = 6;
 
   //
@@ -140,17 +143,19 @@ message CreateServerTlsPolicyRequest {
   string parent = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
-      type: "networksecurity.googleapis.com/ServerTlsPolicy"
+      child_type: "networksecurity.googleapis.com/ServerTlsPolicy"
     }
   ];
 
-  // Required. Short name of the ServerTlsPolicy resource to be created. This value should
-  // be 1-63 characters long, containing only letters, numbers, hyphens, and
-  // underscores, and should not start with a number. E.g. "server_mtls_policy".
+  // Required. Short name of the ServerTlsPolicy resource to be created. This
+  // value should be 1-63 characters long, containing only letters, numbers,
+  // hyphens, and underscores, and should not start with a number. E.g.
+  // "server_mtls_policy".
   string server_tls_policy_id = 2 [(google.api.field_behavior) = REQUIRED];
 
   // Required. ServerTlsPolicy resource to be created.
-  ServerTlsPolicy server_tls_policy = 3 [(google.api.field_behavior) = REQUIRED];
+  ServerTlsPolicy server_tls_policy = 3
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by UpdateServerTlsPolicy method.
@@ -161,10 +166,12 @@ message UpdateServerTlsPolicyRequest {
   // the full request. A field will be overwritten if it is in the
   // mask. If the user does not provide a mask then all fields will be
   // overwritten.
-  google.protobuf.FieldMask update_mask = 1 [(google.api.field_behavior) = OPTIONAL];
+  google.protobuf.FieldMask update_mask = 1
+      [(google.api.field_behavior) = OPTIONAL];
 
   // Required. Updated ServerTlsPolicy resource.
-  ServerTlsPolicy server_tls_policy = 2 [(google.api.field_behavior) = REQUIRED];
+  ServerTlsPolicy server_tls_policy = 2
+      [(google.api.field_behavior) = REQUIRED];
 }
 
 // Request used by the DeleteServerTlsPolicy method.
diff --git a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/tls.proto b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/tls.proto
index 740c785c..3addee9f 100644
--- a/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/tls.proto
+++ b/proto-google-cloud-network-security-v1beta1/src/main/proto/google/cloud/networksecurity/v1beta1/tls.proto
@@ -17,7 +17,6 @@ syntax = "proto3";
 package google.cloud.networksecurity.v1beta1;
 
 import "google/api/field_behavior.proto";
-import "google/api/annotations.proto";
 
 option csharp_namespace = "Google.Cloud.NetworkSecurity.V1Beta1";
 option go_package = "google.golang.org/genproto/googleapis/cloud/networksecurity/v1beta1;networksecurity";
@@ -29,8 +28,8 @@ option ruby_package = "Google::Cloud::NetworkSecurity::V1beta1";
 
 // Specification of the GRPC Endpoint.
 message GrpcEndpoint {
-  // Required. The target URI of the gRPC endpoint. Only UDS path is supported, and
-  // should start with “unix:”.
+  // Required. The target URI of the gRPC endpoint. Only UDS path is supported,
+  // and should start with "unix:".
   string target_uri = 1 [(google.api.field_behavior) = REQUIRED];
 }
 
@@ -55,9 +54,9 @@ message ValidationCA {
 // and configured by specifying this message. Workloads use the values from this
 // message to locate and load the CertificateProvider instance configuration.
 message CertificateProviderInstance {
-  // Required. Plugin instance name, used to locate and load CertificateProvider instance
-  // configuration. Set to "google_cloud_private_spiffe" to use Certificate
-  // Authority Service certificate provider instance.
+  // Required. Plugin instance name, used to locate and load CertificateProvider
+  // instance configuration. Set to "google_cloud_private_spiffe" to use
+  // Certificate Authority Service certificate provider instance.
   string plugin_instance = 1 [(google.api.field_behavior) = REQUIRED];
 }
 
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider1.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider1.java
new file mode 100644
index 00000000..6b436f37
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/create/SyncCreateSetCredentialsProvider1.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_create_setcredentialsprovider1_sync]
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecuritySettings;
+
+public class SyncCreateSetCredentialsProvider1 {
+
+  public static void main(String[] args) throws Exception {
+    syncCreateSetCredentialsProvider1();
+  }
+
+  public static void syncCreateSetCredentialsProvider1() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    NetworkSecuritySettings networkSecuritySettings =
+        NetworkSecuritySettings.newBuilder()
+            .setTransportChannelProvider(
+                NetworkSecuritySettings.defaultHttpJsonTransportProviderBuilder().build())
+            .build();
+    NetworkSecurityClient networkSecurityClient =
+        NetworkSecurityClient.create(networkSecuritySettings);
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_create_setcredentialsprovider1_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
index 491de0b9..21139726 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicy.java
@@ -19,8 +19,8 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_async]
 import com.google.api.core.ApiFuture;
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
-import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.longrunning.Operation;
 
@@ -36,9 +36,7 @@ public static void asyncCreateAuthorizationPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateAuthorizationPolicyRequest request =
           CreateAuthorizationPolicyRequest.newBuilder()
-              .setParent(
-                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setAuthorizationPolicyId("authorizationPolicyId1314252166")
               .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
index 68a87363..7c00d5e8 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/AsyncCreateAuthorizationPolicyLRO.java
@@ -19,8 +19,8 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_lro_async]
 import com.google.api.gax.longrunning.OperationFuture;
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
-import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
 
@@ -36,9 +36,7 @@ public static void asyncCreateAuthorizationPolicyLRO() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateAuthorizationPolicyRequest request =
           CreateAuthorizationPolicyRequest.newBuilder()
-              .setParent(
-                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setAuthorizationPolicyId("authorizationPolicyId1314252166")
               .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
index d1c6244f..828f3195 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicy.java
@@ -18,8 +18,8 @@
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_sync]
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
-import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateAuthorizationPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
 public class SyncCreateAuthorizationPolicy {
@@ -34,9 +34,7 @@ public static void syncCreateAuthorizationPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateAuthorizationPolicyRequest request =
           CreateAuthorizationPolicyRequest.newBuilder()
-              .setParent(
-                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setAuthorizationPolicyId("authorizationPolicyId1314252166")
               .setAuthorizationPolicy(AuthorizationPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString.java
similarity index 71%
rename from samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java
rename to samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString.java
index e6bacdff..d70559ae 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString.java
@@ -16,24 +16,23 @@
 
 package com.google.cloud.networksecurity.v1beta1.samples;
 
-// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_authorizationpolicynameauthorizationpolicystring_sync]
+// [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_locationnameauthorizationpolicystring_sync]
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
-import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
-public class SyncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString {
+public class SyncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString {
 
   public static void main(String[] args) throws Exception {
-    syncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString();
+    syncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString();
   }
 
-  public static void syncCreateAuthorizationPolicyAuthorizationpolicynameAuthorizationpolicyString()
+  public static void syncCreateAuthorizationPolicyLocationnameAuthorizationpolicyString()
       throws Exception {
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      AuthorizationPolicyName parent =
-          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
       String authorizationPolicyId = "authorizationPolicyId1314252166";
       AuthorizationPolicy response =
@@ -43,4 +42,4 @@ public static void syncCreateAuthorizationPolicyAuthorizationpolicynameAuthoriza
     }
   }
 }
-// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_authorizationpolicynameauthorizationpolicystring_sync]
+// [END networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_locationnameauthorizationpolicystring_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
index 9a6ac78c..41d7ce7b 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createauthorizationpolicy/SyncCreateAuthorizationPolicyStringAuthorizationpolicyString.java
@@ -18,7 +18,7 @@
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createauthorizationpolicy_stringauthorizationpolicystring_sync]
 import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicy;
-import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
 public class SyncCreateAuthorizationPolicyStringAuthorizationpolicyString {
@@ -32,9 +32,7 @@ public static void syncCreateAuthorizationPolicyStringAuthorizationpolicyString(
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      String parent =
-          AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
-              .toString();
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
       AuthorizationPolicy authorizationPolicy = AuthorizationPolicy.newBuilder().build();
       String authorizationPolicyId = "authorizationPolicyId1314252166";
       AuthorizationPolicy response =
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
index a48741df..00cc0937 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicy.java
@@ -19,8 +19,8 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_async]
 import com.google.api.core.ApiFuture;
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.longrunning.Operation;
 
@@ -36,9 +36,7 @@ public static void asyncCreateClientTlsPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateClientTlsPolicyRequest request =
           CreateClientTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setClientTlsPolicyId("clientTlsPolicyId-188933315")
               .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
index 69b8176c..b424c0ab 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/AsyncCreateClientTlsPolicyLRO.java
@@ -19,8 +19,8 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_lro_async]
 import com.google.api.gax.longrunning.OperationFuture;
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
 
@@ -36,9 +36,7 @@ public static void asyncCreateClientTlsPolicyLRO() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateClientTlsPolicyRequest request =
           CreateClientTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setClientTlsPolicyId("clientTlsPolicyId-188933315")
               .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
index 21e917d1..8bde4306 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicy.java
@@ -18,8 +18,8 @@
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_sync]
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
 import com.google.cloud.networksecurity.v1beta1.CreateClientTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
 public class SyncCreateClientTlsPolicy {
@@ -34,9 +34,7 @@ public static void syncCreateClientTlsPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateClientTlsPolicyRequest request =
           CreateClientTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setClientTlsPolicyId("clientTlsPolicyId-188933315")
               .setClientTlsPolicy(ClientTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyLocationnameClienttlspolicyString.java
similarity index 72%
rename from samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java
rename to samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyLocationnameClienttlspolicyString.java
index eb78ff27..64e8a29c 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyLocationnameClienttlspolicyString.java
@@ -16,24 +16,22 @@
 
 package com.google.cloud.networksecurity.v1beta1.samples;
 
-// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_clienttlspolicynameclienttlspolicystring_sync]
+// [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_locationnameclienttlspolicystring_sync]
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
-public class SyncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString {
+public class SyncCreateClientTlsPolicyLocationnameClienttlspolicyString {
 
   public static void main(String[] args) throws Exception {
-    syncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString();
+    syncCreateClientTlsPolicyLocationnameClienttlspolicyString();
   }
 
-  public static void syncCreateClientTlsPolicyClienttlspolicynameClienttlspolicyString()
-      throws Exception {
+  public static void syncCreateClientTlsPolicyLocationnameClienttlspolicyString() throws Exception {
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      ClientTlsPolicyName parent =
-          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
       String clientTlsPolicyId = "clientTlsPolicyId-188933315";
       ClientTlsPolicy response =
@@ -43,4 +41,4 @@ public static void syncCreateClientTlsPolicyClienttlspolicynameClienttlspolicySt
     }
   }
 }
-// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_clienttlspolicynameclienttlspolicystring_sync]
+// [END networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_locationnameclienttlspolicystring_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
index ba6aa2b9..2cd2a43f 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createclienttlspolicy/SyncCreateClientTlsPolicyStringClienttlspolicyString.java
@@ -18,7 +18,7 @@
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createclienttlspolicy_stringclienttlspolicystring_sync]
 import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ClientTlsPolicyName;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 
 public class SyncCreateClientTlsPolicyStringClienttlspolicyString {
@@ -31,8 +31,7 @@ public static void syncCreateClientTlsPolicyStringClienttlspolicyString() throws
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      String parent =
-          ClientTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[CLIENT_TLS_POLICY]").toString();
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
       ClientTlsPolicy clientTlsPolicy = ClientTlsPolicy.newBuilder().build();
       String clientTlsPolicyId = "clientTlsPolicyId-188933315";
       ClientTlsPolicy response =
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
index 50130540..0dafd358 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicy.java
@@ -19,9 +19,9 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_async]
 import com.google.api.core.ApiFuture;
 import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
 import com.google.longrunning.Operation;
 
 public class AsyncCreateServerTlsPolicy {
@@ -36,9 +36,7 @@ public static void asyncCreateServerTlsPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateServerTlsPolicyRequest request =
           CreateServerTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
               .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
index 1c96d17b..81f6283f 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/AsyncCreateServerTlsPolicyLRO.java
@@ -19,10 +19,10 @@
 // [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_lro_async]
 import com.google.api.gax.longrunning.OperationFuture;
 import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.OperationMetadata;
 import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
 
 public class AsyncCreateServerTlsPolicyLRO {
 
@@ -36,9 +36,7 @@ public static void asyncCreateServerTlsPolicyLRO() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateServerTlsPolicyRequest request =
           CreateServerTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
               .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
index 5aada445..abfa3359 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicy.java
@@ -18,9 +18,9 @@
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_sync]
 import com.google.cloud.networksecurity.v1beta1.CreateServerTlsPolicyRequest;
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
 
 public class SyncCreateServerTlsPolicy {
 
@@ -34,9 +34,7 @@ public static void syncCreateServerTlsPolicy() throws Exception {
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
       CreateServerTlsPolicyRequest request =
           CreateServerTlsPolicyRequest.newBuilder()
-              .setParent(
-                  ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]")
-                      .toString())
+              .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
               .setServerTlsPolicyId("serverTlsPolicyId-1966046011")
               .setServerTlsPolicy(ServerTlsPolicy.newBuilder().build())
               .build();
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyLocationnameServertlspolicyString.java
similarity index 72%
rename from samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java
rename to samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyLocationnameServertlspolicyString.java
index f84fd060..99011883 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyLocationnameServertlspolicyString.java
@@ -16,24 +16,22 @@
 
 package com.google.cloud.networksecurity.v1beta1.samples;
 
-// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_servertlspolicynameservertlspolicystring_sync]
+// [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_locationnameservertlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
 
-public class SyncCreateServerTlsPolicyServertlspolicynameServertlspolicyString {
+public class SyncCreateServerTlsPolicyLocationnameServertlspolicyString {
 
   public static void main(String[] args) throws Exception {
-    syncCreateServerTlsPolicyServertlspolicynameServertlspolicyString();
+    syncCreateServerTlsPolicyLocationnameServertlspolicyString();
   }
 
-  public static void syncCreateServerTlsPolicyServertlspolicynameServertlspolicyString()
-      throws Exception {
+  public static void syncCreateServerTlsPolicyLocationnameServertlspolicyString() throws Exception {
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      ServerTlsPolicyName parent =
-          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]");
+      LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
       ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
       String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
       ServerTlsPolicy response =
@@ -43,4 +41,4 @@ public static void syncCreateServerTlsPolicyServertlspolicynameServertlspolicySt
     }
   }
 }
-// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_servertlspolicynameservertlspolicystring_sync]
+// [END networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_locationnameservertlspolicystring_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
index de5873a4..778fc498 100644
--- a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/createservertlspolicy/SyncCreateServerTlsPolicyStringServertlspolicyString.java
@@ -17,9 +17,9 @@
 package com.google.cloud.networksecurity.v1beta1.samples;
 
 // [START networksecurity_v1beta1_generated_networksecurityclient_createservertlspolicy_stringservertlspolicystring_sync]
+import com.google.cloud.networksecurity.v1beta1.LocationName;
 import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
 import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicy;
-import com.google.cloud.networksecurity.v1beta1.ServerTlsPolicyName;
 
 public class SyncCreateServerTlsPolicyStringServertlspolicyString {
 
@@ -31,8 +31,7 @@ public static void syncCreateServerTlsPolicyStringServertlspolicyString() throws
     // This snippet has been automatically generated for illustrative purposes only.
     // It may require modifications to work in your environment.
     try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
-      String parent =
-          ServerTlsPolicyName.of("[PROJECT]", "[LOCATION]", "[SERVER_TLS_POLICY]").toString();
+      String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
       ServerTlsPolicy serverTlsPolicy = ServerTlsPolicy.newBuilder().build();
       String serverTlsPolicyId = "serverTlsPolicyId-1966046011";
       ServerTlsPolicy response =
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/AsyncGetIamPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/AsyncGetIamPolicy.java
new file mode 100644
index 00000000..9dc29e2f
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/AsyncGetIamPolicy.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getiampolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.GetPolicyOptions;
+import com.google.iam.v1.Policy;
+
+public class AsyncGetIamPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncGetIamPolicy();
+  }
+
+  public static void asyncGetIamPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetIamPolicyRequest request =
+          GetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setOptions(GetPolicyOptions.newBuilder().build())
+              .build();
+      ApiFuture<Policy> future = networkSecurityClient.getIamPolicyCallable().futureCall(request);
+      // Do something.
+      Policy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getiampolicy_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/SyncGetIamPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/SyncGetIamPolicy.java
new file mode 100644
index 00000000..deb52a06
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getiampolicy/SyncGetIamPolicy.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getiampolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.GetPolicyOptions;
+import com.google.iam.v1.Policy;
+
+public class SyncGetIamPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncGetIamPolicy();
+  }
+
+  public static void syncGetIamPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetIamPolicyRequest request =
+          GetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setOptions(GetPolicyOptions.newBuilder().build())
+              .build();
+      Policy response = networkSecurityClient.getIamPolicy(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getiampolicy_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/AsyncGetLocation.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/AsyncGetLocation.java
new file mode 100644
index 00000000..b4ee9eae
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/AsyncGetLocation.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getlocation_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncGetLocation {
+
+  public static void main(String[] args) throws Exception {
+    asyncGetLocation();
+  }
+
+  public static void asyncGetLocation() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+      ApiFuture<Location> future = networkSecurityClient.getLocationCallable().futureCall(request);
+      // Do something.
+      Location response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getlocation_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/SyncGetLocation.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/SyncGetLocation.java
new file mode 100644
index 00000000..b8e22b31
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/getlocation/SyncGetLocation.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_getlocation_sync]
+import com.google.cloud.location.GetLocationRequest;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncGetLocation {
+
+  public static void main(String[] args) throws Exception {
+    syncGetLocation();
+  }
+
+  public static void syncGetLocation() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      GetLocationRequest request = GetLocationRequest.newBuilder().setName("name3373707").build();
+      Location response = networkSecurityClient.getLocation(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_getlocation_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocations.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocations.java
new file mode 100644
index 00000000..dc382319
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocations.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listlocations_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class AsyncListLocations {
+
+  public static void main(String[] args) throws Exception {
+    asyncListLocations();
+  }
+
+  public static void asyncListLocations() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListLocationsRequest request =
+          ListLocationsRequest.newBuilder()
+              .setName("name3373707")
+              .setFilter("filter-1274492040")
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      ApiFuture<Location> future =
+          networkSecurityClient.listLocationsPagedCallable().futureCall(request);
+      // Do something.
+      for (Location element : future.get().iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listlocations_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocationsPaged.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocationsPaged.java
new file mode 100644
index 00000000..5157ef85
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/AsyncListLocationsPaged.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listlocations_paged_async]
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.ListLocationsResponse;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.common.base.Strings;
+
+public class AsyncListLocationsPaged {
+
+  public static void main(String[] args) throws Exception {
+    asyncListLocationsPaged();
+  }
+
+  public static void asyncListLocationsPaged() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListLocationsRequest request =
+          ListLocationsRequest.newBuilder()
+              .setName("name3373707")
+              .setFilter("filter-1274492040")
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      while (true) {
+        ListLocationsResponse response =
+            networkSecurityClient.listLocationsCallable().call(request);
+        for (Location element : response.getLocationsList()) {
+          // doThingsWith(element);
+        }
+        String nextPageToken = response.getNextPageToken();
+        if (!Strings.isNullOrEmpty(nextPageToken)) {
+          request = request.toBuilder().setPageToken(nextPageToken).build();
+        } else {
+          break;
+        }
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listlocations_paged_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/SyncListLocations.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/SyncListLocations.java
new file mode 100644
index 00000000..9cd01181
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/listlocations/SyncListLocations.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_listlocations_sync]
+import com.google.cloud.location.ListLocationsRequest;
+import com.google.cloud.location.Location;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+
+public class SyncListLocations {
+
+  public static void main(String[] args) throws Exception {
+    syncListLocations();
+  }
+
+  public static void syncListLocations() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      ListLocationsRequest request =
+          ListLocationsRequest.newBuilder()
+              .setName("name3373707")
+              .setFilter("filter-1274492040")
+              .setPageSize(883849137)
+              .setPageToken("pageToken873572522")
+              .build();
+      for (Location element : networkSecurityClient.listLocations(request).iterateAll()) {
+        // doThingsWith(element);
+      }
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_listlocations_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/AsyncSetIamPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/AsyncSetIamPolicy.java
new file mode 100644
index 00000000..94670d43
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/AsyncSetIamPolicy.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_setiampolicy_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class AsyncSetIamPolicy {
+
+  public static void main(String[] args) throws Exception {
+    asyncSetIamPolicy();
+  }
+
+  public static void asyncSetIamPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      SetIamPolicyRequest request =
+          SetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setPolicy(Policy.newBuilder().build())
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .build();
+      ApiFuture<Policy> future = networkSecurityClient.setIamPolicyCallable().futureCall(request);
+      // Do something.
+      Policy response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_setiampolicy_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/SyncSetIamPolicy.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/SyncSetIamPolicy.java
new file mode 100644
index 00000000..d23430c8
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/setiampolicy/SyncSetIamPolicy.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_setiampolicy_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.protobuf.FieldMask;
+
+public class SyncSetIamPolicy {
+
+  public static void main(String[] args) throws Exception {
+    syncSetIamPolicy();
+  }
+
+  public static void syncSetIamPolicy() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      SetIamPolicyRequest request =
+          SetIamPolicyRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .setPolicy(Policy.newBuilder().build())
+              .setUpdateMask(FieldMask.newBuilder().build())
+              .build();
+      Policy response = networkSecurityClient.setIamPolicy(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_setiampolicy_sync]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/AsyncTestIamPermissions.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/AsyncTestIamPermissions.java
new file mode 100644
index 00000000..dbd9629b
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/AsyncTestIamPermissions.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_testiampermissions_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import java.util.ArrayList;
+
+public class AsyncTestIamPermissions {
+
+  public static void main(String[] args) throws Exception {
+    asyncTestIamPermissions();
+  }
+
+  public static void asyncTestIamPermissions() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      TestIamPermissionsRequest request =
+          TestIamPermissionsRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .addAllPermissions(new ArrayList<String>())
+              .build();
+      ApiFuture<TestIamPermissionsResponse> future =
+          networkSecurityClient.testIamPermissionsCallable().futureCall(request);
+      // Do something.
+      TestIamPermissionsResponse response = future.get();
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_testiampermissions_async]
diff --git a/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/SyncTestIamPermissions.java b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/SyncTestIamPermissions.java
new file mode 100644
index 00000000..a3d3d3cf
--- /dev/null
+++ b/samples/snippets/generated/com/google/cloud/networksecurity/v1beta1/networksecurityclient/testiampermissions/SyncTestIamPermissions.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.networksecurity.v1beta1.samples;
+
+// [START networksecurity_v1beta1_generated_networksecurityclient_testiampermissions_sync]
+import com.google.cloud.networksecurity.v1beta1.AuthorizationPolicyName;
+import com.google.cloud.networksecurity.v1beta1.NetworkSecurityClient;
+import com.google.iam.v1.TestIamPermissionsRequest;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import java.util.ArrayList;
+
+public class SyncTestIamPermissions {
+
+  public static void main(String[] args) throws Exception {
+    syncTestIamPermissions();
+  }
+
+  public static void syncTestIamPermissions() throws Exception {
+    // This snippet has been automatically generated for illustrative purposes only.
+    // It may require modifications to work in your environment.
+    try (NetworkSecurityClient networkSecurityClient = NetworkSecurityClient.create()) {
+      TestIamPermissionsRequest request =
+          TestIamPermissionsRequest.newBuilder()
+              .setResource(
+                  AuthorizationPolicyName.of("[PROJECT]", "[LOCATION]", "[AUTHORIZATION_POLICY]")
+                      .toString())
+              .addAllPermissions(new ArrayList<String>())
+              .build();
+      TestIamPermissionsResponse response = networkSecurityClient.testIamPermissions(request);
+    }
+  }
+}
+// [END networksecurity_v1beta1_generated_networksecurityclient_testiampermissions_sync]