rover login ----impersonate-sp-from-keyvault-url https://vaulturl -lz .....
Will impersonate the rover under the sp-client-id, sp-client-secret and sp-tenant-id stored into the keyvault
Require a user with permissions to get the secrets from that vault
Add support to login the rover with: