Context
Provisioning Machines on GCP Provider
With confidential compute enabled
Try to set onHostMaintenance to Migrate
Current Issue
Today the webhook refuses this case, as it is forbidden by default on GCP.
But an exception exists for the n2d series.
See this doc for information: https://cloud.google.com/confidential-computing/confidential-vm/docs/troubleshoot-live-migration
Resolution
Add an exception to the webhook for n2d series VMs, and accept Migrate as the onHostMaintenance value
Environment
This issue is present on OpenShift 4.16, 4.18 and 4.19 for sure
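
The exception proposed under Resolution, sketched in Go as an added example (not the project's webhook code). The `gcpSpec` struct, its field names, the function names and the error strings are hypothetical, and rejecting an unset onHostMaintenance is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// gcpSpec is a hypothetical, simplified provider spec (field names are assumptions).
type gcpSpec struct {
	MachineType         string // e.g. "n2d-standard-4"
	ConfidentialCompute string // "Enabled" or "Disabled"
	OnHostMaintenance   string // "Migrate" or "Terminate"
}

// machineSeries returns the series token before the first "-", so that
// "n2d-custom-4-8192" yields "n2d" and "n2-standard-4" yields "n2" (not "n2d").
func machineSeries(machineType string) string {
	series, _, _ := strings.Cut(strings.ToLower(strings.TrimSpace(machineType)), "-")
	return series
}

// validateHostMaintenance keeps the default refusal of Migrate on confidential
// VMs and admits the n2d series as the single exception.
func validateHostMaintenance(s gcpSpec) error {
	if s.ConfidentialCompute != "Enabled" {
		return nil // the rule only concerns confidential VMs
	}
	switch s.OnHostMaintenance {
	case "Terminate":
		return nil
	case "Migrate":
		if machineSeries(s.MachineType) == "n2d" {
			return nil // the exception requested in this issue
		}
		return fmt.Errorf("onHostMaintenance Migrate with confidential compute is only accepted on the n2d series, got machine type %q", s.MachineType)
	default:
		// Assumption: an unset or unknown value is rejected so the intent is explicit.
		return fmt.Errorf("confidential compute requires onHostMaintenance to be Terminate, or Migrate on n2d, got %q", s.OnHostMaintenance)
	}
}

func main() {
	// Constructed sample machine types.
	for _, mt := range []string{"n2d-standard-4", "n2-standard-4", "c2d-standard-4"} {
		err := validateHostMaintenance(gcpSpec{mt, "Enabled", "Migrate"})
		fmt.Printf("%-16s Migrate -> %v\n", mt, err)
	}
}
```

Matching on the series token rather than a string prefix keeps a future series whose name merely starts with `n2d` from being admitted by accident.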