Default ConfidentialInstanceType to SEV-SNP on supported machines when confidentialCompute is Enabled #1427
Description
/kind feature
Describe the solution you'd like
A patch that opens the possibility of configuring AMD SEV-SNP confidential computing instances was merged (see #1410).
This was implemented by extending confidentialCompute, a GCPMachineSpec attribute, to accept more values than just the prior Enabled/Disabled.
Another similar effort is #1426, which aims at TDX on c3 machines (Intel's equivalent technology).
When only Enabled/Disabled was allowed, only AMD SEV machines could be configured. This set compute.Instance's ConfidentialInstanceConfig.EnableConfidentialCompute to true and relied on google API's internal defaults to provision a SEV machine. Those defaults do not seem to be documented [0], though.
AMD SEV-SNP extends previous AMD SEV by covering some of the existing attack channels [1]. That is, AMD SEV-SNP is considered to be a safer alternative following AMD SEV.
However, confidential instance type relies on Google API defaults, which default to SEV (I guess that for backward compatibility reasons).
Wouldn't be a safer choice (from the user perspective) to default to AMD SEV-SNP when confidentialCompute: Enabled is configured for a machine (n2d) that supports both SEV-SNP and SEV?
However, this could have some backward compatibility implications from my point of view. At the moment (as prior to #1410), setting confidentialCompute: Enabled for a n2d machine results on a SEV confidential instance. If the default for n2d and Enabled was changed, the same configuration would result in, although safer on paper, a different SEV-SNP confidential instance.
In case it's needed, I could share a draft patch if that would explain the intentions better.