Move ConfidentialInstanceType "TDX" from Beta to GA

GoogleCloudPlatform · Sep 26, 2024 · df513b1 · df513b1
1 parent 2fdda66
commit df513b1
Show file tree

Hide file tree

Showing 12 changed files with 24 additions and 55 deletions.
diff --git a/mmv1/products/compute/Instance.yaml b/mmv1/products/compute/Instance.yaml
@@ -635,7 +635,7 @@ properties:
           The confidential computing technology the instance uses.
           SEV is an AMD feature. TDX is an Intel feature. One of the following
           values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform =
-          "AMD Milan" is currently required. TDX is only available in beta.
+          "AMD Milan" is currently required.
         at_least_one_of:
           - 'confidential_instance_config.0.enable_confidential_compute'
           - 'confidential_instance_config.0.confidential_instance_type'

diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance.go.tmpl
@@ -937,7 +937,7 @@ be from 0 to 999,999,999 inclusive.`,
 							Optional:    true,
 							Description: `Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.`,
 						},
-						
+
 						"maintenance_interval": {
 							Type:          schema.TypeString,
 							Optional:      true,
@@ -1128,7 +1128,7 @@ be from 0 to 999,999,999 inclusive.`,
 								The confidential computing technology the instance uses.
 								SEV is an AMD feature. TDX is an Intel feature. One of the following
 								values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform =
-								"AMD Milan" is currently required. TDX is only available in beta.`,
+								"AMD Milan" is currently required.`,
 							AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"},
 						},
 					},
@@ -1740,7 +1740,7 @@ func resourceComputeInstanceRead(d *schema.ResourceData, meta interface{}) error
 					di["disk_encryption_key_sha256"] = key.Sha256
 				}
 			}
-			
+
 			// We want the disks to remain in the order we set in the config, so if a disk
 			// is present in the config, make sure it's at the correct index. Otherwise, append it.
 			if inConfig {

diff --git a/...arty/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl b/...arty/terraform/services/compute/resource_compute_instance_from_machine_image_test.go.tmpl
@@ -270,7 +270,6 @@ func TestAccComputeInstanceFromMachineImage_confidentialInstanceConfigMain(t *te
 					testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance, false, "SEV_SNP"),
 				),
 			},
-			{{- if ne $.TargetVersionName "ga" }}
 			{
 				Config: testAccComputeInstanceFromMachineImage_ConfidentialInstanceConfigTdx(fmt.Sprintf("tf-test-tdx-%s", acctest.RandString(t, 10)), fmt.Sprintf("tf-test-tdx-generated-%s", acctest.RandString(t, 10)), "TDX"),
 				Check: resource.ComposeTestCheckFunc(
@@ -282,7 +281,6 @@ func TestAccComputeInstanceFromMachineImage_confidentialInstanceConfigMain(t *te
 				),
 
 			},
-			{{- end }}
 		},
 	})
 }
@@ -594,11 +592,10 @@ resource "google_compute_instance_from_machine_image" "foobar4" {
 `, instance, confidentialInstanceType, instance, newInstance, confidentialInstanceType)
 }
 
-{{ if ne $.TargetVersionName `ga` -}}
 func testAccComputeInstanceFromMachineImage_ConfidentialInstanceConfigTdx(instance string, newInstance string, confidentialInstanceType string) string {
 	return fmt.Sprintf(`
 resource "google_compute_instance" "vm5" {
-  provider     = google-beta
+  provider     = google
 
   boot_disk {
     initialize_params {
@@ -627,13 +624,13 @@ resource "google_compute_instance" "vm5" {
 }
 
 resource "google_compute_machine_image" "foobar5" {
-  provider        = google-beta
+  provider        = google
   name            = "%s"
   source_instance = google_compute_instance.vm5.self_link
 }
 
 resource "google_compute_instance_from_machine_image" "foobar5" {
-  provider = google-beta
+  provider = google
   name = "%s"
   zone = "us-central1-a"
 
@@ -651,7 +648,6 @@ resource "google_compute_instance_from_machine_image" "foobar5" {
 }
 `, instance, confidentialInstanceType, instance, newInstance, confidentialInstanceType)
 }
-{{- end }}
 
 {{ if ne $.TargetVersionName `ga` -}}
 func testAccComputeInstanceFromMachineImage_maxRunDuration(instance, newInstance string) string {

diff --git a/...ird_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl b/...ird_party/terraform/services/compute/resource_compute_instance_from_template_test.go.tmpl
@@ -495,7 +495,6 @@ func TestAccComputeInstanceFromTemplate_confidentialInstanceConfigMain(t *testin
 					testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "SEV_SNP"),
 				),
 			},
-			{{- if ne $.TargetVersionName "ga" }}
 			{
 				Config: testAccComputeInstanceFromTemplate_confidentialInstanceConfigNoConfigTdx(
 					fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10)),
@@ -512,7 +511,6 @@ func TestAccComputeInstanceFromTemplate_confidentialInstanceConfigMain(t *testin
 					testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "TDX"),
 				),
 			},
-			{{- end }}
 		},
 	})
 }
@@ -1919,7 +1917,7 @@ data "google_compute_image" "my_image" {
   family  = "debian-11"
   project = "debian-cloud"
 }
-  
+
 resource "google_compute_region_instance_template" "foobar" {
   name         = "%s"
   region = "us-central1"
@@ -1932,7 +1930,7 @@ resource "google_compute_region_instance_template" "foobar" {
       network = "default"
   }
 }
-  
+
 resource "google_compute_instance_from_template" "foobar" {
   name = "%s"
   zone = "us-central1-a"
@@ -1971,11 +1969,11 @@ data "google_compute_image" "my_image" {
   family  = "debian-11"
   project = "debian-cloud"
 }
-  
+
 resource "google_compute_region_instance_template" "foobar" {
   name         = "%s"
   region = "us-central1"
-  machine_type = "n1-standard-1" 
+  machine_type = "n1-standard-1"
   disk {
     resource_policies = [ google_compute_resource_policy.test-snapshot-policy2.name ]
     source_image = data.google_compute_image.my_image.self_link
@@ -1984,7 +1982,7 @@ resource "google_compute_region_instance_template" "foobar" {
       network = "default"
   }
 }
-  
+
 resource "google_compute_instance_from_template" "foobar" {
   name = "%s"
   zone = "us-central1-a"
@@ -2023,11 +2021,11 @@ data "google_compute_image" "my_image" {
   family  = "debian-11"
   project = "debian-cloud"
 }
-  
+
 resource "google_compute_region_instance_template" "foobar" {
   name         = "%s"
   region = "us-central1"
-  machine_type = "n1-standard-1" 
+  machine_type = "n1-standard-1"
   disk {
     resource_policies = [ google_compute_resource_policy.test-snapshot-policy.name, google_compute_resource_policy.test-snapshot-policy2.name ]
     source_image = data.google_compute_image.my_image.self_link
@@ -2036,7 +2034,7 @@ resource "google_compute_region_instance_template" "foobar" {
       network = "default"
   }
 }
-  
+
 resource "google_compute_instance_from_template" "foobar" {
   name = "%s"
   zone = "us-central1-a"

diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template.go.tmpl
@@ -767,7 +767,7 @@ be from 0 to 999,999,999 inclusive.`,
 							ForceNew:    true,
 							Description: `Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.`,
 						},
-						
+
 						"maintenance_interval" : {
 							Type:        schema.TypeString,
 							Optional:    true,
@@ -921,7 +921,7 @@ be from 0 to 999,999,999 inclusive.`,
 								The confidential computing technology the instance uses.
 								SEV is an AMD feature. TDX is an Intel feature. One of the following
 								values is required: SEV, SEV_SNP, TDX. If SEV_SNP, min_cpu_platform =
-								"AMD Milan" is currently required. TDX is only available in beta.`,
+								"AMD Milan" is currently required.`,
 							AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"},
 						},
 					},

diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_template_test.go.tmpl
@@ -842,15 +842,13 @@ func TestAccComputeInstanceTemplate_ConfidentialInstanceConfigMain(t *testing.T)
 					testAccCheckComputeInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate2, false, "SEV_SNP"),
 				),
 			},
-			{{- if ne $.TargetVersionName "ga" }}
 			{
 				Config: testAccComputeInstanceTemplateConfidentialInstanceConfigEnableTdx(acctest.RandString(t, 10), "TDX"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckComputeInstanceTemplateExists(t, "google_compute_instance_template.foobar5", &instanceTemplate),
 					testAccCheckComputeInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate, false, "TDX"),
 				),
 			},
-			{{- end }}
 		},
 	})
 }
@@ -3596,7 +3594,6 @@ resource "google_compute_instance_template" "foobar4" {
 `, suffix, minCpuPlatform, confidentialInstanceType, suffix, minCpuPlatform, confidentialInstanceType)
 }
 
-{{ if ne $.TargetVersionName `ga` -}}
 func testAccComputeInstanceTemplateConfidentialInstanceConfigEnableTdx(suffix string, confidentialInstanceType string) string {
 	return fmt.Sprintf(`
 data "google_compute_image" "my_image3" {
@@ -3629,7 +3626,6 @@ resource "google_compute_instance_template" "foobar5" {
 }
 `, suffix, confidentialInstanceType)
 }
-{{- end }}
 
 func testAccComputeInstanceTemplateAdvancedMachineFeatures(suffix string) string {
 	return fmt.Sprintf(`

diff --git a/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl b/mmv1/third_party/terraform/services/compute/resource_compute_instance_test.go.tmpl
@@ -1485,7 +1485,7 @@ func TestAccComputeInstance_reservationAffinities(t *testing.T) {
 {{ if ne $.TargetVersionName `ga` -}}
 func TestAccComputeInstance_hostErrorTimeoutSecconds(t *testing.T) {
 	t.Parallel()
-	
+
 	var instance compute.Instance
 	context_1 := map[string]interface{}{
 		"instance_name":          fmt.Sprintf("tf-test-%s", acctest.RandString(t, 10)),
@@ -2131,15 +2131,13 @@ func TestAccComputeInstanceConfidentialInstanceConfigMain(t *testing.T) {
 					testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance2, false, "SEV_SNP"),
 				),
 			},
-			{{- if ne $.TargetVersionName "ga" }}
 			{
 				Config: testAccComputeInstanceConfidentialInstanceConfigEnableTdx(instanceName, "TDX"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckComputeInstanceExists(t, "google_compute_instance.foobar5", &instance),
 					testAccCheckComputeInstanceHasConfidentialInstanceConfig(&instance, false, "TDX"),
 				),
 			},
-			{{- end }}
 		},
 	})
 }
@@ -7781,7 +7779,7 @@ resource "google_compute_instance" "foobar" {
   network_interface {
     subnetwork = google_compute_subnetwork.inst-test-subnetwork.self_link
     alias_ip_range {
-      subnetwork_range_name = "inst-test-secondary"  
+      subnetwork_range_name = "inst-test-secondary"
       ip_cidr_range = "172.16.1.0/24"
     }
     alias_ip_range {
@@ -8485,7 +8483,6 @@ resource "google_compute_instance" "foobar6" {
 `, instance, minCpuPlatform, confidentialInstanceType, instance, minCpuPlatform, confidentialInstanceType)
 }
 
-{{ if ne $.TargetVersionName `ga` -}}
 func testAccComputeInstanceConfidentialInstanceConfigEnableTdx(instance string, confidentialInstanceType string) string {
 	return fmt.Sprintf(`
 data "google_compute_image" "my_image3" {
@@ -8519,7 +8516,6 @@ resource "google_compute_instance" "foobar5" {
 }
 `, instance, confidentialInstanceType)
 }
-{{- end }}
 
 func testAccComputeInstance_attributionLabelCreate(instance, add, strategy string) string {
 	return fmt.Sprintf(`
@@ -10646,7 +10642,7 @@ resource "google_compute_instance" "foobar" {
 			storage_pool = "%s"
 		}
 	}
-	
+
 	network_interface {
 		network = "default"
 	}
@@ -10719,7 +10715,7 @@ resource "google_compute_instance" "foobar" {
   	attached_disk {
               source = google_compute_disk.foorbarattach.self_link
   	}
-	
+
 	network_interface {
 		network = "default"
         }

diff --git a/.../third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl b/.../third_party/terraform/services/compute/resource_compute_region_instance_template.go.tmpl
@@ -865,18 +865,6 @@ be from 0 to 999,999,999 inclusive.`,
 							Description: `Defines whether the instance should have confidential compute enabled. Field will be deprecated in a future release.`,
 							AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"},
 						},
-						{{- if eq $.TargetVersionName "ga" }}
-						"confidential_instance_type": {
-							Type:        schema.TypeString,
-							Optional:    true,
-							ForceNew:    true,
-							Description: `
-								Specifies which confidential computing technology to use.
-								This could be one of the following values: SEV, SEV_SNP.
-								If SEV_SNP, min_cpu_platform = "AMD Milan" is currently required.`,
-							AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"},
-						},
-						{{- else }}
 						"confidential_instance_type": {
 							Type:        schema.TypeString,
 							Optional:    true,
@@ -888,7 +876,6 @@ be from 0 to 999,999,999 inclusive.`,
 								"AMD Milan" is currently required.`,
 							AtLeastOneOf: []string{"confidential_instance_config.0.enable_confidential_compute", "confidential_instance_config.0.confidential_instance_type"},
 						},
-						{{- end }}
 					},
 				},
 			},

diff --git a/...d_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl b/...d_party/terraform/services/compute/resource_compute_region_instance_template_test.go.tmpl
@@ -714,15 +714,13 @@ func TestAccComputeRegionInstanceTemplate_ConfidentialInstanceConfigMain(t *test
 					testAccCheckComputeRegionInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate2, false, "SEV_SNP"),
 				),
 			},
-			{{- if ne $.TargetVersionName "ga" }}
 			{
 				Config: testAccComputeRegionInstanceTemplateConfidentialInstanceConfigEnableTdx(acctest.RandString(t, 10), "TDX"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckComputeRegionInstanceTemplateExists(t, "google_compute_region_instance_template.foobar5", &instanceTemplate),
 					testAccCheckComputeRegionInstanceTemplateHasConfidentialInstanceConfig(&instanceTemplate, false, "TDX"),
 				),
 			},
-			{{- end }}
 		},
 	})
 }
@@ -2982,7 +2980,6 @@ resource "google_compute_region_instance_template" "foobar4" {
 `, suffix, minCpuPlatform, confidentialInstanceType, suffix, minCpuPlatform, confidentialInstanceType)
 }
 
-{{ if ne $.TargetVersionName `ga` -}}
 func testAccComputeRegionInstanceTemplateConfidentialInstanceConfigEnableTdx(suffix string, confidentialInstanceType string) string {
 	return fmt.Sprintf(`
 data "google_compute_image" "my_image3" {
@@ -3016,7 +3013,6 @@ resource "google_compute_region_instance_template" "foobar5" {
 }
 `, suffix, confidentialInstanceType)
 }
-{{- end }}
 
 func testAccComputeRegionInstanceTemplateAdvancedMachineFeatures(suffix string) string {
 	return fmt.Sprintf(`

diff --git a/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_instance.html.markdown
@@ -558,7 +558,7 @@ specified, then this instance will have no external IPv6 Internet access. Struct
 
 * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM.
 
-* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta.
+* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM.
 
 <a name="nested_advanced_machine_features"></a>The `advanced_machine_features` block supports:
 

diff --git a/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown b/mmv1/third_party/terraform/website/docs/r/compute_instance_template.html.markdown
@@ -712,7 +712,7 @@ The `specific_reservation` block supports:
 
 * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM.
 
-* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta.
+* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM.
 
 <a name="nested_network_performance_config"></a>The `network_performance_config` block supports:
 

diff --git a/...d_party/terraform/website/docs/r/compute_region_instance_template.html.markdown b/...d_party/terraform/website/docs/r/compute_region_instance_template.html.markdown
@@ -672,7 +672,7 @@ The `specific_reservation` block supports:
 
 * `enable_confidential_compute` (Optional) Defines whether the instance should have confidential compute enabled with AMD SEV. If enabled, [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM.
 
-* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM. TDX is only available in beta.
+* `confidential_instance_type` (Optional) Defines the confidential computing technology the instance uses. SEV is an AMD feature. TDX is an Intel feature. One of the following values is required: `SEV`, `SEV_SNP`, `TDX`. [`on_host_maintenance`](#on_host_maintenance) can be set to MIGRATE if [`confidential_instance_type`](#confidential_instance_type) is set to `SEV` and [`min_cpu_platform`](#min_cpu_platform) is set to `"AMD Milan"`. Otherwise, [`on_host_maintenance`](#on_host_maintenance) has to be set to TERMINATE or this will fail to create the VM. If `SEV_SNP`, currently [`min_cpu_platform`](#min_cpu_platform) has to be set to `"AMD Milan"` or this will fail to create the VM.
 
 <a name="nested_network_performance_config"></a>The `network_performance_config` block supports: