Key Management Service()

in helper/src/components/clusterTab.js [452:466]

• 15 lines of code
• 4 McCabe index (conditional complexity)

                    Key Management Service (KMS) etcd Encryption
                </Label>
                <MessageBar messageBarType={MessageBarType.info}>
                    Using the CSI Secrets Add-On, with volume mounted secrets is the recommended approach for secrets management. <Link target='_' href='https://docs.microsoft.com/azure/aks/csi-secrets-store-driver'>docs</Link>
                </MessageBar>
                <MessageBar messageBarType={MessageBarType.info} styles={{ root: { display: (net.vnetprivateend ? "block" : "none") } }}>
                    Using an existing Key Vault for KMS is the only supported scenario when using Private Link Networking
                </MessageBar>
                <MessageBar messageBarType={MessageBarType.warning} styles={{ root: { display: (cluster.keyVaultKms !== "none" ? "block" : "none") } }}>
                    KMS requires the customer to be responsible for key management (to include rotation).
                    <br />
                    Mismanagement can cause the secrets to be unrecoverable in the cluster. <Link target='_' href='https://docs.microsoft.com/azure/aks/use-kms-etcd-encryption'>docs</Link>
                </MessageBar>
                <ChoiceGroup
                    selectedKey={cluster.keyVaultKms}