Updated test configurations to use confidential instances (#11376) (#19028)

[upstream:f42a18f6e393189141e3aaece50615ed25d0bf67]

Signed-off-by: Modular Magician <magic-modules@google.com>

Author: modular-magician

.changelog/11376.txt

@@ -0,0 +1,3 @@
+```release-note:none
+
+```

google/services/container/resource_container_cluster_test.go

@@ -8967,23 +8967,26 @@ func testAccContainerCluster_withConfidentialBootDisk(clusterName, npName, kmsKe
 resource "google_container_cluster" "with_confidential_boot_disk" {
   name               = "%s"
   location           = "us-central1-a"
+  confidential_nodes {
+  	enabled = true
+  }
   release_channel {
-  channel = "RAPID"
-}
+    channel = "RAPID"
+  }
   node_pool {
     name = "%s"
     initial_node_count = 1
     node_config {
-    oauth_scopes = [
-      "https://www.googleapis.com/auth/cloud-platform",
-    ]
-    image_type = "COS_CONTAINERD"
-    boot_disk_kms_key = "%s"
-    machine_type = "n2-standard-2"
-    enable_confidential_storage = true
-    disk_type = "hyperdisk-balanced"
+      oauth_scopes = [
+        "https://www.googleapis.com/auth/cloud-platform",
+      ]
+      image_type = "COS_CONTAINERD"
+      boot_disk_kms_key = "%s"
+      machine_type = "n2d-standard-2"
+      enable_confidential_storage = true
+      disk_type = "hyperdisk-balanced"
+    }
   }
-}
   deletion_protection = false
   network    = "%s"
   subnetwork    = "%s"
@@ -9026,6 +9029,9 @@ func testAccContainerCluster_withConfidentialBootDiskNodeConfig(clusterName, kms
 resource "google_container_cluster" "with_confidential_boot_disk_node_config" {
   name               = "%s"
   location           = "us-central1-a"
+  confidential_nodes {
+  	enabled = true
+  }
   initial_node_count = 1
   release_channel {
     channel = "RAPID"
@@ -9036,7 +9042,7 @@ resource "google_container_cluster" "with_confidential_boot_disk_node_config" {
     ]
     image_type = "COS_CONTAINERD"
     boot_disk_kms_key = "%s"
-    machine_type = "n2-standard-2"
+    machine_type = "n2d-standard-2"
     enable_confidential_storage = true
     disk_type = "hyperdisk-balanced"
   }

google/services/container/resource_container_node_pool_test.go

@@ -4053,14 +4053,17 @@ resource "google_container_node_pool" "with_confidential_boot_disk" {
   cluster            = google_container_cluster.cluster.name
 
   node_config {
+    confidential_nodes {
+      enabled = true
+    }
     image_type = "COS_CONTAINERD"
     boot_disk_kms_key = "%s"
     oauth_scopes = [
       "https://www.googleapis.com/auth/logging.write",
       "https://www.googleapis.com/auth/monitoring",
     ]
     enable_confidential_storage = true
-    machine_type = "n2-standard-2"
+    machine_type = "n2d-standard-2"
     disk_type = "hyperdisk-balanced"
   }
 }

website/docs/r/container_cluster.html.markdown

@@ -812,6 +812,8 @@ The `master_authorized_networks_config.cidr_blocks` block supports:
 
 <a name="nested_node_config"></a>The `node_config` block supports:
 
+* `confidential_nodes` - (Optional) Configuration for Confidential Nodes feature. Structure is [documented below](#nested_confidential_nodes).
+
 * `disk_size_gb` - (Optional) Size of the disk attached to each node, specified
     in GB. The smallest allowed disk size is 10GB. Defaults to 100GB.
 
@@ -981,6 +983,12 @@ sole_tenant_config {
 * `advanced_machine_features` - (Optional) Specifies options for controlling
   advanced machine features. Structure is [documented below](#nested_advanced_machine_features).
 
+
+<a name="nested_confidential_nodes"></a> The `confidential_nodes` block supports:
+
+* `enabled` (Required) - Enable Confidential GKE Nodes for this node pool, to
+    enforce encryption of data in-use.
+
 <a name="nested_node_affinity"></a>The `node_affinity` block supports:
 
 * `key` (Required) - The default or custom node affinity label key name.

website/docs/r/container_node_pool.html.markdown

@@ -111,8 +111,6 @@ resource "google_container_cluster" "primary" {
 * `autoscaling` - (Optional) Configuration required by cluster autoscaler to adjust
     the size of the node pool to the current cluster usage. Structure is [documented below](#nested_autoscaling).
 
-* `confidential_nodes` - (Optional) Configuration for Confidential Nodes feature. Structure is [documented below](#nested_confidential_nodes).
-
 * `initial_node_count` - (Optional) The initial number of nodes for the pool. In
     regional or multi-zonal clusters, this is the number of nodes per zone. Changing
     this will force recreation of the resource. WARNING: Resizing your node pool manually
@@ -200,11 +198,6 @@ cluster.
     * "ANY" - Instructs the cluster autoscaler to prioritize utilization of unused reservations,
       and reduce preemption risk for Spot VMs.
 
-<a name="nested_confidential_nodes"></a> The `confidential_nodes` block supports:
-
-* `enabled` (Required) - Enable Confidential GKE Nodes for this cluster, to
-    enforce encryption of data in-use.
-
 <a name="nested_management"></a>The `management` block supports:
 
 * `auto_repair` - (Optional) Whether the nodes will be automatically repaired. Enabled by default.