missing details on keyvault pre-req's w.r.t. access policy for installing user

[phwecker]

i just tried an install based on the doc and it seems that there are undocumented pre-req's for keyvault acceess for the user that is used to do the install.

current paragraph : An Azure Key Vault that has the Permission model set to Vault access policy. You can check this setting in the Access configuration section of an existing key vault.

BUT .. without creating an access policy for the user that is executing the az iot ops init command, the command fails with an error message, pointing to the ID of the user principal.

after creating an access policy for that user, the install proceeds successfully beyond that respective pre-check.

ASK : the doc should contain the minimum set of key vault permissions for the access policy to successfully perform the install.

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: 29921128-fb46-1a38-c832-a49887df3eb0
• Version Independent ID: aca6d9bf-b567-692b-ae75-efec339c973b
• Content: Deploy extensions - Azure IoT Orchestrator - Azure IoT Operations Preview
• Content Source: articles/iot-operations/deploy-iot-ops/howto-deploy-iot-operations.md
• Service: iot-operations
• GitHub Login: @kgremban
• Microsoft Alias: kgremban

[Naveenommi-MSFT]

@phwecker Thanks for your feedback! We will investigate and update as appropriate.

[RamanathanChinnappan-MSFT]

@phwecker I've delegated this to @kgremban, a content author, to review and share their valuable insights.