Change bound to 'tpm2'.

This is a bit more logical and flexible for the future.

confluent_osdeploy/el8/profiles/default/scripts/pre.sh

@@ -42,7 +42,7 @@ if [ -f "/run/install/cmdline.d/01-autocons.conf" ]; then
 fi
 cryptboot=$(grep ^encryptboot: /etc/confluent/confluent.deploycfg | awk '{print $2}')
 LUKSPARTY=''
-if [ "$cryptboot" == "bound" ]; then
+if [ "$cryptboot" == "tpm2" ]; then
 	LUKSPARTY="--encrypted --passphrase=$(cat /etc/confluent/confluent.apikey)"
 	echo $cryptboot >> /tmp/cryptboot
 fi

confluent_osdeploy/rhvh4/profiles/default/scripts/pre.sh

@@ -43,7 +43,7 @@ if [ -f "/run/install/cmdline.d/01-autocons.conf" ]; then
 fi
 cryptboot=$(grep ^encryptboot: /etc/confluent/confluent.deploycfg | awk '{print $2}')
 LUKSPARTY=''
-if [ "$cryptboot" == "bound" ]; then
+if [ "$cryptboot" == "tpm2" ]; then
 	LUKSPARTY="--encrypted --passphrase=$(cat /etc/confluent/confluent.apikey)"
 	echo $cryptboot >> /tmp/cryptboot
 fi

confluent_server/confluent/config/attributes.py

@@ -111,11 +111,11 @@ node = {
         'description': ('Specify a strategy for encrypting the volume. Support '
                         'This setting is currently only enabled for '
                         'RedHat 8 and CentOS 8 profiles. If blank or unset, '
-                        'no encryption is done. If set to "bound" then the OS '
+                        'no encryption is done. If set to "tpm2" then the OS '
                         'will freely decrypt so long as the same '
                         'Trusted Platform Module is available to decrypt the '
                         'volume'),
-        'validvalues': ('bound', 'none', ''),
+        'validvalues': ('tpm2', 'none', ''),
     },
     'deployment.apiarmed': {
         'description': ('Indicates whether the node authentication token interface '