diff --git a/server/db/pg/schema/schema.ts b/server/db/pg/schema/schema.ts
index 6ca067ade..6b4ce32b8 100644
--- a/server/db/pg/schema/schema.ts
+++ b/server/db/pg/schema/schema.ts
@@ -886,7 +886,9 @@ export const resourcePolicyRules = pgTable("resourcePolicyRules", {
     enabled: boolean("enabled").notNull().default(true),
     priority: integer("priority").notNull(),
     action: varchar("action").$type<"ACCEPT" | "DROP" | "PASS">().notNull(),
-    match: varchar("match").$type<"CIDR" | "PATH" | "IP">().notNull(),
+    match: varchar("match")
+        .$type<"CIDR" | "PATH" | "IP" | "COUNTRY" | "ASN" | "REGION">()
+        .notNull(),
     value: varchar("value").notNull()
 });
 
diff --git a/server/db/sqlite/schema/schema.ts b/server/db/sqlite/schema/schema.ts
index 4291df6b0..492576cc6 100644
--- a/server/db/sqlite/schema/schema.ts
+++ b/server/db/sqlite/schema/schema.ts
@@ -1248,7 +1248,9 @@ export const resourcePolicyRules = sqliteTable("resourcePolicyRules", {
     enabled: integer("enabled", { mode: "boolean" }).notNull().default(true),
     priority: integer("priority").notNull(),
     action: text("action").$type<"ACCEPT" | "DROP" | "PASS">().notNull(),
-    match: text("match").$type<"CIDR" | "PATH" | "IP">().notNull(),
+    match: text("match")
+        .$type<"CIDR" | "PATH" | "IP" | "COUNTRY" | "ASN" | "REGION">()
+        .notNull(),
     value: text("value").notNull()
 });
 
diff --git a/server/lib/blueprints/resourcePolicies.ts b/server/lib/blueprints/resourcePolicies.ts
index 0c9595e40..7a794c55a 100644
--- a/server/lib/blueprints/resourcePolicies.ts
+++ b/server/lib/blueprints/resourcePolicies.ts
@@ -345,8 +345,16 @@ function getRuleAction(input: string): "ACCEPT" | "DROP" | "PASS" {
     return "PASS";
 }
 
-function getRuleMatch(input: string): "CIDR" | "IP" | "PATH" {
-    return input.toUpperCase() as "CIDR" | "IP" | "PATH";
+function getRuleMatch(
+    input: string
+): "CIDR" | "IP" | "PATH" | "COUNTRY" | "ASN" | "REGION" {
+    return input.toUpperCase() as
+        | "CIDR"
+        | "IP"
+        | "PATH"
+        | "COUNTRY"
+        | "ASN"
+        | "REGION";
 }
 
 async function syncRolePolicies(
diff --git a/server/lib/blueprints/types.ts b/server/lib/blueprints/types.ts
index 640f39491..ad3676c4b 100644
--- a/server/lib/blueprints/types.ts
+++ b/server/lib/blueprints/types.ts
@@ -83,7 +83,8 @@ export const RuleSchema = z
         action: z.enum(["allow", "deny", "pass"]),
         match: z.enum(["cidr", "path", "ip", "country", "asn", "region"]),
         value: z.coerce.string(),
-        priority: z.int().optional()
+        priority: z.int().optional(),
+        enabled: z.boolean().optional().default(true)
     })
     .refine(
         (rule) => {
@@ -507,40 +508,7 @@ export const PrivateResourceSchema = z
         }
     );
 
-export const ResourcePolicyRuleSchema = z
-    .object({
-        action: z.enum(["allow", "deny", "pass"]),
-        match: z.enum(["cidr", "path", "ip"]),
-        value: z.coerce.string(),
-        priority: z.int().optional(),
-        enabled: z.boolean().optional().default(true)
-    })
-    .refine(
-        (rule) => {
-            if (rule.match === "ip") {
-                return z.union([z.ipv4(), z.ipv6()]).safeParse(rule.value)
-                    .success;
-            }
-            return true;
-        },
-        {
-            path: ["value"],
-            message: "Value must be a valid IP address when match is 'ip'"
-        }
-    )
-    .refine(
-        (rule) => {
-            if (rule.match === "cidr") {
-                return z.union([z.cidrv4(), z.cidrv6()]).safeParse(rule.value)
-                    .success;
-            }
-            return true;
-        },
-        {
-            path: ["value"],
-            message: "Value must be a valid CIDR notation when match is 'cidr'"
-        }
-    );
+export const ResourcePolicyRuleSchema = RuleSchema;
 
 export const ResourcePolicySchema = z.object({
     name: z.string().min(1).max(255),
diff --git a/src/app/[orgId]/settings/resources/public/create/page.tsx b/src/app/[orgId]/settings/resources/public/create/page.tsx
index f4535e935..54ae66378 100644
--- a/src/app/[orgId]/settings/resources/public/create/page.tsx
+++ b/src/app/[orgId]/settings/resources/public/create/page.tsx
@@ -280,7 +280,7 @@ export default function Page() {
         env.flags.allowRawResources &&
         (build !== "saas" || remoteExitNodes.length > 0);
     const enterpriseModesAllowed =
-        build === "oss" && !env.flags.disableEnterpriseFeatures;
+        !env.flags.disableEnterpriseFeatures;
 
     const availableTypes = useMemo((): NewResourceType[] => {
         const base: NewResourceType[] = ["http"];
diff --git a/src/app/navigation.tsx b/src/app/navigation.tsx
index 0fb678ffb..bf954a5cb 100644
--- a/src/app/navigation.tsx
+++ b/src/app/navigation.tsx
@@ -137,7 +137,7 @@ export const orgNavSections = (
                     }
                 ]
             },
-            ...(build === "oss" && !env?.flags.disableEnterpriseFeatures
+            ...(!env?.flags.disableEnterpriseFeatures
                 ? [
                       {
                           title: "sidebarPolicies",