diff --git a/api/vendor/github.com/openshift/assisted-service/models/boot.go b/api/vendor/github.com/openshift/assisted-service/models/boot.go
index 8b7defc953..c6eec1d227 100644
--- a/api/vendor/github.com/openshift/assisted-service/models/boot.go
+++ b/api/vendor/github.com/openshift/assisted-service/models/boot.go
@@ -8,6 +8,7 @@ package models
 import (
 	"context"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -25,15 +26,67 @@ type Boot struct {
 
 	// pxe interface
 	PxeInterface string `json:"pxe_interface,omitempty"`
+
+	// secure boot state
+	SecureBootState SecureBootState `json:"secure_boot_state,omitempty"`
 }
 
 // Validate validates this boot
 func (m *Boot) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateSecureBootState(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) validateSecureBootState(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecureBootState) { // not required
+		return nil
+	}
+
+	if err := m.SecureBootState.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
-// ContextValidate validates this boot based on context it is used
+// ContextValidate validate this boot based on the context it is used
 func (m *Boot) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateSecureBootState(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) contextValidateSecureBootState(ctx context.Context, formats strfmt.Registry) error {
+
+	if err := m.SecureBootState.ContextValidate(ctx, formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
diff --git a/api/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go b/api/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
new file mode 100644
index 0000000000..934cfd675f
--- /dev/null
+++ b/api/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
@@ -0,0 +1,84 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// SecureBootState secure boot state
+//
+// swagger:model secure-boot-state
+type SecureBootState string
+
+func NewSecureBootState(value SecureBootState) *SecureBootState {
+	return &value
+}
+
+// Pointer returns a pointer to a freshly-allocated SecureBootState.
+func (m SecureBootState) Pointer() *SecureBootState {
+	return &m
+}
+
+const (
+
+	// SecureBootStateUnknown captures enum value "Unknown"
+	SecureBootStateUnknown SecureBootState = "Unknown"
+
+	// SecureBootStateNotSupported captures enum value "NotSupported"
+	SecureBootStateNotSupported SecureBootState = "NotSupported"
+
+	// SecureBootStateEnabled captures enum value "Enabled"
+	SecureBootStateEnabled SecureBootState = "Enabled"
+
+	// SecureBootStateDisabled captures enum value "Disabled"
+	SecureBootStateDisabled SecureBootState = "Disabled"
+)
+
+// for schema
+var secureBootStateEnum []interface{}
+
+func init() {
+	var res []SecureBootState
+	if err := json.Unmarshal([]byte(`["Unknown","NotSupported","Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		secureBootStateEnum = append(secureBootStateEnum, v)
+	}
+}
+
+func (m SecureBootState) validateSecureBootStateEnum(path, location string, value SecureBootState) error {
+	if err := validate.EnumCase(path, location, value, secureBootStateEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this secure boot state
+func (m SecureBootState) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateSecureBootStateEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// ContextValidate validates this secure boot state based on context it is used
+func (m SecureBootState) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
diff --git a/client/vendor/github.com/openshift/assisted-service/models/boot.go b/client/vendor/github.com/openshift/assisted-service/models/boot.go
index 8b7defc953..c6eec1d227 100644
--- a/client/vendor/github.com/openshift/assisted-service/models/boot.go
+++ b/client/vendor/github.com/openshift/assisted-service/models/boot.go
@@ -8,6 +8,7 @@ package models
 import (
 	"context"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -25,15 +26,67 @@ type Boot struct {
 
 	// pxe interface
 	PxeInterface string `json:"pxe_interface,omitempty"`
+
+	// secure boot state
+	SecureBootState SecureBootState `json:"secure_boot_state,omitempty"`
 }
 
 // Validate validates this boot
 func (m *Boot) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateSecureBootState(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) validateSecureBootState(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecureBootState) { // not required
+		return nil
+	}
+
+	if err := m.SecureBootState.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
-// ContextValidate validates this boot based on context it is used
+// ContextValidate validate this boot based on the context it is used
 func (m *Boot) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateSecureBootState(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) contextValidateSecureBootState(ctx context.Context, formats strfmt.Registry) error {
+
+	if err := m.SecureBootState.ContextValidate(ctx, formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
diff --git a/client/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go b/client/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
new file mode 100644
index 0000000000..934cfd675f
--- /dev/null
+++ b/client/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
@@ -0,0 +1,84 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// SecureBootState secure boot state
+//
+// swagger:model secure-boot-state
+type SecureBootState string
+
+func NewSecureBootState(value SecureBootState) *SecureBootState {
+	return &value
+}
+
+// Pointer returns a pointer to a freshly-allocated SecureBootState.
+func (m SecureBootState) Pointer() *SecureBootState {
+	return &m
+}
+
+const (
+
+	// SecureBootStateUnknown captures enum value "Unknown"
+	SecureBootStateUnknown SecureBootState = "Unknown"
+
+	// SecureBootStateNotSupported captures enum value "NotSupported"
+	SecureBootStateNotSupported SecureBootState = "NotSupported"
+
+	// SecureBootStateEnabled captures enum value "Enabled"
+	SecureBootStateEnabled SecureBootState = "Enabled"
+
+	// SecureBootStateDisabled captures enum value "Disabled"
+	SecureBootStateDisabled SecureBootState = "Disabled"
+)
+
+// for schema
+var secureBootStateEnum []interface{}
+
+func init() {
+	var res []SecureBootState
+	if err := json.Unmarshal([]byte(`["Unknown","NotSupported","Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		secureBootStateEnum = append(secureBootStateEnum, v)
+	}
+}
+
+func (m SecureBootState) validateSecureBootStateEnum(path, location string, value SecureBootState) error {
+	if err := validate.EnumCase(path, location, value, secureBootStateEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this secure boot state
+func (m SecureBootState) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateSecureBootStateEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// ContextValidate validates this secure boot state based on context it is used
+func (m SecureBootState) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
diff --git a/models/boot.go b/models/boot.go
index 8b7defc953..c6eec1d227 100644
--- a/models/boot.go
+++ b/models/boot.go
@@ -8,6 +8,7 @@ package models
 import (
 	"context"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -25,15 +26,67 @@ type Boot struct {
 
 	// pxe interface
 	PxeInterface string `json:"pxe_interface,omitempty"`
+
+	// secure boot state
+	SecureBootState SecureBootState `json:"secure_boot_state,omitempty"`
 }
 
 // Validate validates this boot
 func (m *Boot) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateSecureBootState(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) validateSecureBootState(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecureBootState) { // not required
+		return nil
+	}
+
+	if err := m.SecureBootState.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
-// ContextValidate validates this boot based on context it is used
+// ContextValidate validate this boot based on the context it is used
 func (m *Boot) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateSecureBootState(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) contextValidateSecureBootState(ctx context.Context, formats strfmt.Registry) error {
+
+	if err := m.SecureBootState.ContextValidate(ctx, formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
diff --git a/models/secure_boot_state.go b/models/secure_boot_state.go
new file mode 100644
index 0000000000..934cfd675f
--- /dev/null
+++ b/models/secure_boot_state.go
@@ -0,0 +1,84 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// SecureBootState secure boot state
+//
+// swagger:model secure-boot-state
+type SecureBootState string
+
+func NewSecureBootState(value SecureBootState) *SecureBootState {
+	return &value
+}
+
+// Pointer returns a pointer to a freshly-allocated SecureBootState.
+func (m SecureBootState) Pointer() *SecureBootState {
+	return &m
+}
+
+const (
+
+	// SecureBootStateUnknown captures enum value "Unknown"
+	SecureBootStateUnknown SecureBootState = "Unknown"
+
+	// SecureBootStateNotSupported captures enum value "NotSupported"
+	SecureBootStateNotSupported SecureBootState = "NotSupported"
+
+	// SecureBootStateEnabled captures enum value "Enabled"
+	SecureBootStateEnabled SecureBootState = "Enabled"
+
+	// SecureBootStateDisabled captures enum value "Disabled"
+	SecureBootStateDisabled SecureBootState = "Disabled"
+)
+
+// for schema
+var secureBootStateEnum []interface{}
+
+func init() {
+	var res []SecureBootState
+	if err := json.Unmarshal([]byte(`["Unknown","NotSupported","Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		secureBootStateEnum = append(secureBootStateEnum, v)
+	}
+}
+
+func (m SecureBootState) validateSecureBootStateEnum(path, location string, value SecureBootState) error {
+	if err := validate.EnumCase(path, location, value, secureBootStateEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this secure boot state
+func (m SecureBootState) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateSecureBootStateEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// ContextValidate validates this secure boot state based on context it is used
+func (m SecureBootState) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
diff --git a/restapi/embedded_spec.go b/restapi/embedded_spec.go
index b33874b298..0b90e1165a 100644
--- a/restapi/embedded_spec.go
+++ b/restapi/embedded_spec.go
@@ -6140,6 +6140,9 @@ func init() {
         },
         "pxe_interface": {
           "type": "string"
+        },
+        "secure_boot_state": {
+          "$ref": "#/definitions/secure-boot-state"
         }
       }
     },
@@ -10110,6 +10113,15 @@ func init() {
         }
       }
     },
+    "secure-boot-state": {
+      "type": "string",
+      "enum": [
+        "Unknown",
+        "NotSupported",
+        "Enabled",
+        "Disabled"
+      ]
+    },
     "service_network": {
       "description": "IP address block for service IP blocks.",
       "type": "object",
@@ -17034,6 +17046,9 @@ func init() {
         },
         "pxe_interface": {
           "type": "string"
+        },
+        "secure_boot_state": {
+          "$ref": "#/definitions/secure-boot-state"
         }
       }
     },
@@ -20962,6 +20977,15 @@ func init() {
         }
       }
     },
+    "secure-boot-state": {
+      "type": "string",
+      "enum": [
+        "Unknown",
+        "NotSupported",
+        "Enabled",
+        "Disabled"
+      ]
+    },
     "service_network": {
       "description": "IP address block for service IP blocks.",
       "type": "object",
diff --git a/swagger.yaml b/swagger.yaml
index 6d368ec5d1..2d06d4d452 100644
--- a/swagger.yaml
+++ b/swagger.yaml
@@ -6015,6 +6015,8 @@ definitions:
         type: string
       command_line:
         type: string
+      secure_boot_state:
+        $ref: '#/definitions/secure-boot-state'
 
   system_vendor:
     type: object
@@ -7590,3 +7592,11 @@ definitions:
         type: string
         format: date-time
         description: Expiration time for the URL token.
+
+  secure-boot-state:
+    type: string
+    enum:
+    - Unknown
+    - NotSupported
+    - Enabled
+    - Disabled
diff --git a/vendor/github.com/openshift/assisted-service/models/boot.go b/vendor/github.com/openshift/assisted-service/models/boot.go
index 8b7defc953..c6eec1d227 100644
--- a/vendor/github.com/openshift/assisted-service/models/boot.go
+++ b/vendor/github.com/openshift/assisted-service/models/boot.go
@@ -8,6 +8,7 @@ package models
 import (
 	"context"
 
+	"github.com/go-openapi/errors"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
@@ -25,15 +26,67 @@ type Boot struct {
 
 	// pxe interface
 	PxeInterface string `json:"pxe_interface,omitempty"`
+
+	// secure boot state
+	SecureBootState SecureBootState `json:"secure_boot_state,omitempty"`
 }
 
 // Validate validates this boot
 func (m *Boot) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.validateSecureBootState(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) validateSecureBootState(formats strfmt.Registry) error {
+	if swag.IsZero(m.SecureBootState) { // not required
+		return nil
+	}
+
+	if err := m.SecureBootState.Validate(formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
-// ContextValidate validates this boot based on context it is used
+// ContextValidate validate this boot based on the context it is used
 func (m *Boot) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := m.contextValidateSecureBootState(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (m *Boot) contextValidateSecureBootState(ctx context.Context, formats strfmt.Registry) error {
+
+	if err := m.SecureBootState.ContextValidate(ctx, formats); err != nil {
+		if ve, ok := err.(*errors.Validation); ok {
+			return ve.ValidateName("secure_boot_state")
+		} else if ce, ok := err.(*errors.CompositeError); ok {
+			return ce.ValidateName("secure_boot_state")
+		}
+		return err
+	}
+
 	return nil
 }
 
diff --git a/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go b/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
new file mode 100644
index 0000000000..934cfd675f
--- /dev/null
+++ b/vendor/github.com/openshift/assisted-service/models/secure_boot_state.go
@@ -0,0 +1,84 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
+)
+
+// SecureBootState secure boot state
+//
+// swagger:model secure-boot-state
+type SecureBootState string
+
+func NewSecureBootState(value SecureBootState) *SecureBootState {
+	return &value
+}
+
+// Pointer returns a pointer to a freshly-allocated SecureBootState.
+func (m SecureBootState) Pointer() *SecureBootState {
+	return &m
+}
+
+const (
+
+	// SecureBootStateUnknown captures enum value "Unknown"
+	SecureBootStateUnknown SecureBootState = "Unknown"
+
+	// SecureBootStateNotSupported captures enum value "NotSupported"
+	SecureBootStateNotSupported SecureBootState = "NotSupported"
+
+	// SecureBootStateEnabled captures enum value "Enabled"
+	SecureBootStateEnabled SecureBootState = "Enabled"
+
+	// SecureBootStateDisabled captures enum value "Disabled"
+	SecureBootStateDisabled SecureBootState = "Disabled"
+)
+
+// for schema
+var secureBootStateEnum []interface{}
+
+func init() {
+	var res []SecureBootState
+	if err := json.Unmarshal([]byte(`["Unknown","NotSupported","Enabled","Disabled"]`), &res); err != nil {
+		panic(err)
+	}
+	for _, v := range res {
+		secureBootStateEnum = append(secureBootStateEnum, v)
+	}
+}
+
+func (m SecureBootState) validateSecureBootStateEnum(path, location string, value SecureBootState) error {
+	if err := validate.EnumCase(path, location, value, secureBootStateEnum, true); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Validate validates this secure boot state
+func (m SecureBootState) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	// value enum
+	if err := m.validateSecureBootStateEnum("", "body", m); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+// ContextValidate validates this secure boot state based on context it is used
+func (m SecureBootState) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}