From 0ae180e711a29be8e42a1deb2bf4a2366faa6296 Mon Sep 17 00:00:00 2001 From: DogPetter <112200954+runanwang-dev@users.noreply.github.com> Date: Tue, 1 Oct 2024 09:48:01 -0700 Subject: [PATCH] Move ConfidentialInstanceType "TDX" from Beta to GA (#11849) --- mmv1/products/compute/Instance.yaml | 2 +- .../compute/resource_compute_instance.go.tmpl | 6 +++--- ...te_instance_from_machine_image_test.go.tmpl | 4 ---- ...compute_instance_from_template_test.go.tmpl | 18 ++++++++---------- .../resource_compute_instance_template.go.tmpl | 4 ++-- ...urce_compute_instance_template_test.go.tmpl | 4 ---- .../resource_compute_instance_test.go.tmpl | 12 ++++-------- ...ce_compute_region_instance_template.go.tmpl | 13 ------------- ...mpute_region_instance_template_test.go.tmpl | 4 ---- .../docs/r/compute_instance.html.markdown | 2 +- .../r/compute_instance_template.html.markdown | 2 +- ...pute_region_instance_template.html.markdown | 2 +- 12 files changed, 21 insertions(+), 52 deletions(-) diff --git a/mmv1/products/compute/Instance.yaml b/mmv1/products/compute/Instance.yaml index 6b3677d92cee..4963847e1c07 100644 --- a/mmv1/products/compute/Instance.yaml +++ b/mmv1/products/compute/Instance.yaml @@ -635,7 +635,7 @@ properties: The confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = - "AMD Milan" is currently required. TDX is only available in beta. + "AMD Milan" is currently required. at_least_one_of: - 'confidential_instance_config.0.enable_confidential_compute' - 'confidential_instance_config.0.confidential_instance_type' diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl index 86f98bfb58b9..299363f66c60 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl @@ -938,7 +938,7 @@ be from 0 to 999,999,999 inclusive.`, Optional: true, Description: `Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.`, }, - + "maintenance_interval": { Type: schema.TypeString, Optional: true, @@ -1129,7 +1129,7 @@ be from 0 to 999,999,999 inclusive.`, The confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = - "AMD Milan" is currently required. TDX is only available in beta.`, + "AMD Milan" is currently required.`, AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"}, }, }, @@ -1741,7 +1741,7 @@ func resourceComputeInstanceRead(d *schema.ResourceData, meta interface{}) error di["disk_encryption_key_sha256"] = key.Sha256 } } - + // We want the disks to remain in the order we set in the config, so if a disk // is present in the config, make sure it's at the correct index. Otherwise, append it. if inConfig { diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl index fbcc2f25170d..771a4503e18e 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl @@ -270,7 +270,6 @@ func TestAccComputeInstanceFromMachineImage_confidentialInstanceConfigMain(t *te testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance, false, "SEV_SNP"), ), }, - {{- if ne $.TargetVersionName "ga" }} { Config: testAccComputeInstanceFromMachineImage_ConfidentialInstanceConfigTdx(fmt.Sprintf("tf-test-tdx-%s", acctest.RandString(t, 10)), fmt.Sprintf("tf-test-tdx-generated-%s", acctest.RandString(t, 10)), "TDX"), Check: resource.ComposeTestCheckFunc( @@ -282,7 +281,6 @@ func TestAccComputeInstanceFromMachineImage_confidentialInstanceConfigMain(t *te ), }, - {{- end }} }, }) } @@ -594,7 +592,6 @@ resource "google_compute_instance_from_machine_image" "foobar4" { `, instance, confidentialInstanceType, instance, newInstance, confidentialInstanceType) } -{{ if ne $.TargetVersionName `ga` -}} func testAccComputeInstanceFromMachineImage_ConfidentialInstanceConfigTdx(instance string, newInstance string, confidentialInstanceType string) string { return fmt.Sprintf(` resource "google_compute_instance" "vm5" { @@ -651,7 +648,6 @@ resource "google_compute_instance_from_machine_image" "foobar5" { } `, instance, confidentialInstanceType, instance, newInstance, confidentialInstanceType) } -{{- end }} {{ if ne $.TargetVersionName `ga` -}} func testAccComputeInstanceFromMachineImage_maxRunDuration(instance, newInstance string) string { diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl index 6aa4f1f4156b..2114604c7ae3 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl @@ -495,7 +495,6 @@ func TestAccComputeInstanceFromTemplate_confidentialInstanceConfigMain(t *testin testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "SEV_SNP"), ), }, - {{- if ne $.TargetVersionName "ga" }} { Config: testAccComputeInstanceFromTemplate_confidentialInstanceConfigNoConfigTdx( fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10)), @@ -512,7 +511,6 @@ func TestAccComputeInstanceFromTemplate_confidentialInstanceConfigMain(t *testin testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "TDX"), ), }, - {{- end }} }, }) } @@ -1919,7 +1917,7 @@ data "google_compute_image" "my_image" { family = "debian-11" project = "debian-cloud" } - + resource "google_compute_region_instance_template" "foobar" { name = "%s" region = "us-central1" @@ -1932,7 +1930,7 @@ resource "google_compute_region_instance_template" "foobar" { network = "default" } } - + resource "google_compute_instance_from_template" "foobar" { name = "%s" zone = "us-central1-a" @@ -1971,11 +1969,11 @@ data "google_compute_image" "my_image" { family = "debian-11" project = "debian-cloud" } - + resource "google_compute_region_instance_template" "foobar" { name = "%s" region = "us-central1" - machine_type = "n1-standard-1" + machine_type = "n1-standard-1" disk { resource_policies = [ google_compute_resource_policy.test-snapshot-policy2.name ] source_image = data.google_compute_image.my_image.self_link @@ -1984,7 +1982,7 @@ resource "google_compute_region_instance_template" "foobar" { network = "default" } } - + resource "google_compute_instance_from_template" "foobar" { name = "%s" zone = "us-central1-a" @@ -2023,11 +2021,11 @@ data "google_compute_image" "my_image" { family = "debian-11" project = "debian-cloud" } - + resource "google_compute_region_instance_template" "foobar" { name = "%s" region = "us-central1" - machine_type = "n1-standard-1" + machine_type = "n1-standard-1" disk { resource_policies = [ google_compute_resource_policy.test-snapshot-policy.name, google_compute_resource_policy.test-snapshot-policy2.name ] source_image = data.google_compute_image.my_image.self_link @@ -2036,7 +2034,7 @@ resource "google_compute_region_instance_template" "foobar" { network = "default" } } - + resource "google_compute_instance_from_template" "foobar" { name = "%s" zone = "us-central1-a" diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl index 85df5950a4b8..9363286c6b0b 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl @@ -767,7 +767,7 @@ be from 0 to 999,999,999 inclusive.`, ForceNew: true, Description: `Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.`, }, - + "maintenance_interval" : { Type: schema.TypeString, Optional: true, @@ -921,7 +921,7 @@ be from 0 to 999,999,999 inclusive.`, The confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform = - "AMD Milan" is currently required. TDX is only available in beta.`, + "AMD Milan" is currently required.`, AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"}, }, }, diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl index 215121fead56..21855cad3db8 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl @@ -842,7 +842,6 @@ func TestAccComputeInstanceTemplate_ConfidentialInstanceConfigMain(t *testing.T) testAccCheckComputeInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate2, false, "SEV_SNP"), ), }, - {{- if ne $.TargetVersionName "ga" }} { Config: testAccComputeInstanceTemplateConfidentialInstanceConfigEnableTdx(acctest.RandString(t, 10), "TDX"), Check: resource.ComposeTestCheckFunc( @@ -850,7 +849,6 @@ func TestAccComputeInstanceTemplate_ConfidentialInstanceConfigMain(t *testing.T) testAccCheckComputeInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate, false, "TDX"), ), }, - {{- end }} }, }) } @@ -3596,7 +3594,6 @@ resource "google_compute_instance_template" "foobar4" { `, suffix, minCpuPlatform, confidentialInstanceType, suffix, minCpuPlatform, confidentialInstanceType) } -{{ if ne $.TargetVersionName `ga` -}} func testAccComputeInstanceTemplateConfidentialInstanceConfigEnableTdx(suffix string, confidentialInstanceType string) string { return fmt.Sprintf(` data "google_compute_image" "my_image3" { @@ -3629,7 +3626,6 @@ resource "google_compute_instance_template" "foobar5" { } `, suffix, confidentialInstanceType) } -{{- end }} func testAccComputeInstanceTemplateAdvancedMachineFeatures(suffix string) string { return fmt.Sprintf(` diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl index 3a5836f4a3a2..7832b3f5206d 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl @@ -1542,7 +1542,7 @@ func TestAccComputeInstance_reservationAffinities(t *testing.T) { {{ if ne $.TargetVersionName `ga` -}} func TestAccComputeInstance_hostErrorTimeoutSecconds(t *testing.T) { t.Parallel() - + var instance compute.Instance context_1 := map[string]interface{}{ "instance_name": fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10)), @@ -2188,7 +2188,6 @@ func TestAccComputeInstanceConfidentialInstanceConfigMain(t *testing.T) { testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "SEV_SNP"), ), }, - {{- if ne $.TargetVersionName "ga" }} { Config: testAccComputeInstanceConfidentialInstanceConfigEnableTdx(instanceName, "TDX"), Check: resource.ComposeTestCheckFunc( @@ -2196,7 +2195,6 @@ func TestAccComputeInstanceConfidentialInstanceConfigMain(t *testing.T) { testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance, false, "TDX"), ), }, - {{- end }} }, }) } @@ -7893,7 +7891,7 @@ resource "google_compute_instance" "foobar" { network_interface { subnetwork = google_compute_subnetwork.inst-test-subnetwork.self_link alias_ip_range { - subnetwork_range_name = "inst-test-secondary" + subnetwork_range_name = "inst-test-secondary" ip_cidr_range = "172.16.1.0/24" } alias_ip_range { @@ -8597,7 +8595,6 @@ resource "google_compute_instance" "foobar6" { `, instance, minCpuPlatform, confidentialInstanceType, instance, minCpuPlatform, confidentialInstanceType) } -{{ if ne $.TargetVersionName `ga` -}} func testAccComputeInstanceConfidentialInstanceConfigEnableTdx(instance string, confidentialInstanceType string) string { return fmt.Sprintf(` data "google_compute_image" "my_image3" { @@ -8631,7 +8628,6 @@ resource "google_compute_instance" "foobar5" { } `, instance, confidentialInstanceType) } -{{- end }} func testAccComputeInstance_attributionLabelCreate(instance, add, strategy string) string { return fmt.Sprintf(` @@ -10758,7 +10754,7 @@ resource "google_compute_instance" "foobar" { storage_pool = "%s" } } - + network_interface { network = "default" } @@ -10831,7 +10827,7 @@ resource "google_compute_instance" "foobar" { attached_disk { source = google_compute_disk.foorbarattach.self_link } - + network_interface { network = "default" } diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl index 0034f1929674..aab1d45eaa34 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl @@ -865,18 +865,6 @@ be from 0 to 999,999,999 inclusive.`, Description: `Defines whether the instance should have confidential compute enabled. Field will be deprecated in a future release.`, AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"}, }, - {{- if eq $.TargetVersionName "ga" }} - "confidential_instance_type": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, - Description: ` - Specifies which confidential computing technology to use. - This could be one of the following values: SEV, SEV_SNP. - If SEV_SNP, min_cpu_platform = "AMD Milan" is currently required.`, - AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"}, - }, - {{- else }} "confidential_instance_type": { Type: schema.TypeString, Optional: true, @@ -888,7 +876,6 @@ be from 0 to 999,999,999 inclusive.`, "AMD Milan" is currently required.`, AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"}, }, - {{- end }} }, }, }, diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl index 06c9ada78409..1610efeaa26c 100644 --- a/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl +++ b/mmv1/third_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl @@ -714,7 +714,6 @@ func TestAccComputeRegionInstanceTemplate_ConfidentialInstanceConfigMain(t *test testAccCheckComputeRegionInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate2, false, "SEV_SNP"), ), }, - {{- if ne $.TargetVersionName "ga" }} { Config: testAccComputeRegionInstanceTemplateConfidentialInstanceConfigEnableTdx(acctest.RandString(t, 10), "TDX"), Check: resource.ComposeTestCheckFunc( @@ -722,7 +721,6 @@ func TestAccComputeRegionInstanceTemplate_ConfidentialInstanceConfigMain(t *test testAccCheckComputeRegionInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate, false, "TDX"), ), }, - {{- end }} }, }) } @@ -2982,7 +2980,6 @@ resource "google_compute_region_instance_template" "foobar4" { `, suffix, minCpuPlatform, confidentialInstanceType, suffix, minCpuPlatform, confidentialInstanceType) } -{{ if ne $.TargetVersionName `ga` -}} func testAccComputeRegionInstanceTemplateConfidentialInstanceConfigEnableTdx(suffix string, confidentialInstanceType string) string { return fmt.Sprintf(` data "google_compute_image" "my_image3" { @@ -3016,7 +3013,6 @@ resource "google_compute_region_instance_template" "foobar5" { } `, suffix, confidentialInstanceType) } -{{- end }} func testAccComputeRegionInstanceTemplateAdvancedMachineFeatures(suffix string) string { return fmt.Sprintf(` diff --git a/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown index e1bea1efa9a0..ab0e0f752037 100644 --- a/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown +++ b/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown @@ -558,7 +558,7 @@ specified, then this instance will have no external IPv6 Internet access. Struct * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. -* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta. +* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. The `advanced_machine_features` block supports: diff --git a/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown index 009a38511c03..e02439fe1233 100644 --- a/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown +++ b/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown @@ -712,7 +712,7 @@ The `specific_reservation` block supports: * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. -* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta. +* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. The `network_performance_config` block supports: diff --git a/mmv1/third_party/terraform/website/docs/r/compute_region_instance_template.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_region_instance_template.html.markdown index 6ef5f515d3ac..84cbcae282cd 100644 --- a/mmv1/third_party/terraform/website/docs/r/compute_region_instance_template.html.markdown +++ b/mmv1/third_party/terraform/website/docs/r/compute_region_instance_template.html.markdown @@ -672,7 +672,7 @@ The `specific_reservation` block supports: * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. -* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta. +* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. The `network_performance_config` block supports: