@@ -542,6 +542,9 @@ message Node {
542542
543543 // Output only. Whether the Node belongs to a Multislice group.
544544 bool multislice_node = 47 [(google.api.field_behavior ) = OUTPUT_ONLY ];
545+
546+ // Optional. Boot disk configuration.
547+ BootDiskConfig boot_disk_config = 49 [(google.api.field_behavior ) = OPTIONAL ];
545548}
546549
547550// A QueuedResource represents a request for resources that will be placed
@@ -1282,3 +1285,35 @@ message ShieldedInstanceConfig {
12821285 // Defines whether the instance has Secure Boot enabled.
12831286 bool enable_secure_boot = 1 ;
12841287}
1288+
1289+ // Boot disk configurations.
1290+ message BootDiskConfig {
1291+ // Optional. Customer encryption key for boot disk.
1292+ CustomerEncryptionKey customer_encryption_key = 1
1293+ [(google.api.field_behavior ) = OPTIONAL ];
1294+
1295+ // Optional. Whether the boot disk will be created with confidential compute
1296+ // mode.
1297+ bool enable_confidential_compute = 2 [(google.api.field_behavior ) = OPTIONAL ];
1298+ }
1299+
1300+ // Customer's encryption key.
1301+ message CustomerEncryptionKey {
1302+ oneof key {
1303+ // The name of the encryption key that is stored in Google Cloud KMS.
1304+ // For example:
1305+ // <pre class="lang-html">"kmsKeyName": "projects/
1306+ // <var class="apiparam">kms_project_id</var>/locations/
1307+ // <var class="apiparam">region</var>/keyRings/<var class="apiparam">
1308+ // key_region</var>/cryptoKeys/<var class="apiparam">key</var>
1309+ // </pre>
1310+ // The fully-qualifed key name may be returned for resource GET requests.
1311+ // For example:
1312+ // <pre class="lang-html">"kmsKeyName": "projects/
1313+ // <var class="apiparam">kms_project_id</var>/locations/
1314+ // <var class="apiparam">region</var>/keyRings/<var class="apiparam">
1315+ // key_region</var>/cryptoKeys/<var class="apiparam">key</var>
1316+ // /cryptoKeyVersions/1</pre>
1317+ string kms_key_name = 7 ;
1318+ }
1319+ }
0 commit comments