openshift
diff --git a/‎machine/v1beta1/types_awsprovider.go
Lines changed: 30 additions & 0 deletions b/‎machine/v1beta1/types_awsprovider.go
Lines changed: 30 additions & 0 deletions
diff --git a/‎machine/v1beta1/zz_generated.deepcopy.go
Lines changed: 21 additions & 0 deletions b/‎machine/v1beta1/zz_generated.deepcopy.go
Lines changed: 21 additions & 0 deletions
diff --git a/‎machine/v1beta1/zz_generated.swagger_doc_generated.go
Lines changed: 10 additions & 0 deletions b/‎machine/v1beta1/zz_generated.swagger_doc_generated.go
Lines changed: 10 additions & 0 deletions
diff --git a/‎openapi/generated_openapi/zz_generated.openapi.go
Lines changed: 28 additions & 1 deletion b/‎openapi/generated_openapi/zz_generated.openapi.go
Lines changed: 28 additions & 1 deletion
diff --git a/‎openapi/openapi.json
Lines changed: 14 additions & 0 deletions b/‎openapi/openapi.json
Lines changed: 14 additions & 0 deletions
@@ -17,6 +17,9 @@ type AWSMachineProviderConfig struct {
 	AMI AWSResourceReference `json:"ami"`
 	// instanceType is the type of instance to create. Example: m4.xlarge
 	InstanceType string `json:"instanceType"`
+	// cpuOptions is the set of cpu options for the instance.
+	// +optional
+	CPUOptions *CPUOptions `json:"cpuOptions,omitempty"`
 	// tags is the set of tags to add to apply to an instance, in addition to the ones
 	// added by default by the actuator. These tags are additive. The actuator will ensure
 	// these tags are present, but will not remove any other tags that may exist on the
@@ -109,6 +112,33 @@ type AWSMachineProviderConfig struct {
 	MarketType MarketType `json:"marketType,omitempty"`
 }
 
+// AWSConfidentialComputePolicy represents the confidential compute configuration for the AWS machine.
+type AWSConfidentialComputePolicy string
+
+const (
+	// AWSConfidentialComputePolicyDisabled disables confidential compute for the AWS machine.
+	AWSConfidentialComputePolicyDisabled AWSConfidentialComputePolicy = "Disabled"
+	// AWSConfidentialComputePolicyAWSSEVSNP sets AMD SEV-SNP as the VM instance's confidential computing technology of choice.
+	AWSConfidentialComputePolicySEVSNP AWSConfidentialComputePolicy = "AMDSevSnp"
+)
+
+// CPUOptions defines the cpu options for the instance.
+type CPUOptions struct {
+	// confidentialCompute specifies whether confidential computing should be enabled for the instance,
+	// and, if so, which confidential computing technology to use.
+	// If set to Disabled, the instance will not use confidential computing.
+	// If set to AMDSevSnp, the instance will be configured with AMD SEV-SNP.
+	// In this case, ensure the following conditions are met:
+	// 1) The selected instance type supports AMD SEV-SNP.
+	// 2) The selected AWS region supports AMD SEV-SNP.
+	// 3) The selected AMI supports AMD SEV-SNP.
+	// More details can be checked at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html
+	// If omitted, the platform will apply a default value — currently Disabled, but this may change over time.
+	// +kubebuilder:validation:Enum=Disabled;AMDSevSnp
+	// +optional
+	ConfidentialCompute AWSConfidentialComputePolicy `json:"confidentialCompute,omitempty"`
+}
+
 // BlockDeviceMappingSpec describes a block device mapping
 type BlockDeviceMappingSpec struct {
 	// The device name exposed to the machine (for example, /dev/sdh or xvdh).
 
@@ -21953,6 +21953,10 @@
           "type": "string",
           "default": ""
         },
+        "cpuOptions": {
+          "description": "cpuOptions is the set of cpu options for the instance.",
+          "$ref": "#/definitions/com.github.openshift.api.machine.v1beta1.CPUOptions"
+        },
         "credentialsSecret": {
           "description": "credentialsSecret is a reference to the secret with AWS credentials. Otherwise, defaults to permissions provided by attached IAM role where the actuator is running.",
           "$ref": "#/definitions/io.k8s.api.core.v1.LocalObjectReference"
@@ -22428,6 +22432,16 @@
         }
       }
     },
+    "com.github.openshift.api.machine.v1beta1.CPUOptions": {
+      "description": "CPUOptions defines the cpu options for the instance.",
+      "type": "object",
+      "properties": {
+        "confidentialCompute": {
+          "description": "confidentialCompute specifies whether confidential computing should be enabled for the instance, and, if so, which confidential computing technology to use. If set to Disabled, the instance will not use confidential computing. If set to AMDSevSnp, the instance will be configured with AMD SEV-SNP. In this case, ensure the following conditions are met: 1) The selected instance type supports AMD SEV-SNP. 2) The selected AWS region supports AMD SEV-SNP. 3) The selected AMI supports AMD SEV-SNP. More details can be checked at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html If omitted, the platform will apply a default value — currently Disabled, but this may change over time.",
+          "type": "string"
+        }
+      }
+    },
     "com.github.openshift.api.machine.v1beta1.Condition": {
       "description": "Condition defines an observation of a Machine API resource operational state.",
       "type": "object",