Changing the access control model from Key Vault access policies to Azure RBAC for an existing deployment of Microsoft Industrial IoT (IIoT) suites 2.9.2

[vikas-azureiot]

Is your feature request related to a problem? Please describe.
Currently we installed IIoT suites 2.9.2 where script has created key vault and assigned the Key Vault access policies. However, If we change access control model from Key Vault access policies to Azure RBAC on key vault then what would be the impact on solution.

Describe the solution you'd like
we want to change access control model from Key Vault access policies to Azure RBAC on key vault which was created by IIoT 2.9.2 as this is the requirement for one of the client.

Describe alternatives you've considered
If we change access control model from Key Vault access policies to Azure RBAC so what would be the impact and how we can fix for existing solutions.

Additional context
If we want to deploy new IIoT suites where key vault created with Azure RBAC so where we need to change in IIoT suite script, Please suggest and guide.

[marcschier]

You then need to give the managed identity that is used by app service rbac permissions to the keyvault, technically it should be possible to do this using ARM.