Added Key Vault access policies for App Service identities in az-isolated-service-single-region template

[awkwardindustries]

All Submissions:

---

• [x] Have you followed the guidelines in our Contributing document?
• [x] Have you added an explanation of what your changes do and why you'd like us to include them?
• [x] I have updated the documentation accordingly.
• [ ] I have added tests to cover my changes.
• [x] All new and existing tests passed.
• [x] My code follows the code style of this project.
• [x] I ran lint checks locally prior to submission.
• [x] Have you checked to ensure there aren't other open Pull Requests for the same update/change?

What is the current behavior?

---

The az-isolated-service-single-region template creates all app services in Azure with system assigned identities; however, the Key Vault does not have an access policy for those identities to allow them Get/List permissions to the resource objects.

Issue Number: #282

What is the new behavior?

---

• [x] App services defined within the unauthn_deployment_targets will also have a key vault access policy created providing them with GET/LIST permissions
• [x] App services defined within the authn_deployment_targets will also have a key vault access policy created providing them with GET/LIST permissions

Does this introduce a breaking change?

---

• [NO]

While the behavior will be different, it should only add the permission to any existing deployments.

Any relevant logs, error output, etc?

---

N/A

Other information

---

N/A

[awkwardindustries]

Issue #289 created to track addition of integration tests needed to cover this addition to the template.