Promote enable_confidential_compute for disks to v1. (#9789) (#6842)

* Promote enable_confidential_compute for disks to v1. * Enable confidential hyperdisk test for `google_compute_disk. [upstream:20d545e01c8858f58ca9c14824c88c408a2efeef] Signed-off-by: Modular Magician <[email protected]>
hashicorp · Jan 10, 2024 · 2b12af2 · 2b12af2
1 parent c208b05
commit 2b12af2
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 5 deletions.
diff --git a/.changelog/9789.txt b/.changelog/9789.txt
@@ -0,0 +1,6 @@
+```release-note:enhancement
+compute: promoted `google_compute_disk.enable_confidential_compute` to GA
+```
+```release-note:enhancement
+compute: added `enable_confidential_compute` field to `google_compute_instance.boot_disk.initialize_params`
+```
diff --git a/google-beta/services/compute/resource_compute_disk_test.go b/google-beta/services/compute/resource_compute_disk_test.go
@@ -558,12 +558,15 @@ func TestAccComputeDisk_encryptionKMS(t *testing.T) {
 }
 
 func TestAccComputeDisk_pdHyperDiskEnableConfidentialCompute(t *testing.T) {
-	t.Skip()
 	t.Parallel()
 
 	context := map[string]interface{}{
-		"random_suffix":        acctest.RandString(t, 10),
-		"kms":                  acctest.BootstrapKMSKey(t).CryptoKey.Name, // global KMS key
+		"random_suffix": acctest.RandString(t, 10),
+		"kms": acctest.BootstrapKMSKeyWithPurposeInLocationAndName(
+			t,
+			"ENCRYPT_DECRYPT",
+			"us-central1",
+			"tf-bootstrap-hyperdisk-key1").CryptoKey.Name, // regional KMS key
 		"disk_size":            64,
 		"confidential_compute": true,
 	}

diff --git a/google-beta/services/compute/resource_compute_instance_test.go b/google-beta/services/compute/resource_compute_instance_test.go
@@ -7053,7 +7053,7 @@ resource "google_kms_crypto_key_iam_member" "crypto_key" {
 
 resource "google_compute_instance" "foobar" {
   name         = "%{instance_name}"
-  machine_type = "n2-standard-2"
+  machine_type = "h3-standard-88"
   zone         = "%{zone}"
 
   boot_disk {

diff --git a/website/docs/r/compute_disk.html.markdown b/website/docs/r/compute_disk.html.markdown
@@ -228,7 +228,7 @@ The following arguments are supported:
   to allow for updating the resource policy attached to the disk.
 
 * `enable_confidential_compute` -
-  (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
+  (Optional)
   Whether this disk is using confidential compute mode.
   Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true
 

diff --git a/website/docs/r/compute_instance.html.markdown b/website/docs/r/compute_instance.html.markdown
@@ -265,6 +265,9 @@ is desired, you will need to modify your state file manually using
     recreate the disk, hyperdisk allows for an update of throughput every 4 hours.
     To update your hyperdisk more frequently, you'll need to manually delete and recreate it.
 
+* `enable_confidential_compute` - (Optional) Whether this disk is using confidential compute mode.
+    Note: Only supported on hyperdisk skus, disk_encryption_key is required when setting to true.
+
 <a name="nested_scratch_disk"></a>The `scratch_disk` block supports:
 
 * `interface` - (Required) The disk interface to use for attaching this disk; either SCSI or NVME.