Commit

Add a profile field to the authz.Rotate RPC.
 * (M) authz/authz.proto
  - Where a gNSI server supporting the authz service is running on
    a target that supports multiple downstream gRPC services, it is
    currently required that the same authz policy is applied to all
    of them. Particularly, if the downstream gRPC servers MAY expose
    the same service, it is not possible to have different policies
    for each server. This PR adds a `profile` field that allows
    such endpoints to be disambiguated, similarly to the `profile`
    that is provided by certz.
robshakir committed Jul 24, 2024
1 parent 5601340 commit 5a24618
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions authz/authz.proto
Expand Up @@ -148,6 +148,19 @@ message RotateAuthzRequest {
// version` is already in use (is not unique).
// It is a no-op for the `finalize_rotation` request.
bool force_overwrite = 3;

// The profile for which the authz policy is being rotated. In the case that
// this field is not specified, the default authz policy which applies to all
// gRPC endpoints run by the target is assumed. Where non-default policies
// are to supported by an endpoint, the value of the profile determines which
// set of policies are to be rotated.
//
// It is not permitted to rotate multiple profiles' policies at the same time -
// if a `Rotate` RPC is in progress for profile "foo" (i.e., `upload_request`
// has been supplied, but the rotation has not been finalised), and a second
// `RotateAuthzRequest` with `upload_request` is sent from the client for
// profile "bar" this is considered an error.
string policy = 4;
}

// Response messages from the target.
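Review bot: The field added at the end of `RotateAuthzRequest` is declared as `string policy = 4;`, but its comment and the commit message both describe it as the profile, so it should be `string profile = 4;` to match the documented concept and the certz `profile` the commit message points to. In the same comment, "are to supported" should read "are to be supported". The last paragraph says a second `upload_request` for a different profile "is considered an error" without naming the gRPC status the target returns, and nothing says how a target should respond to a profile name it does not recognise; both are worth stating, since an ambiguity here decides which authorization policy ends up being replaced.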