Do not KV delete access policies on incremental deployments

[nmiodice]

All Submissions:

---

• [YES] Have you followed the guidelines in our Contributing document?
• [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
• [YES] I have updated the documentation accordingly.
• [YES] I have added tests to cover my changes.
• [YES] All new and existing tests passed.
• [YES] My code follows the code style of this project.
• [YES] I ran lint checks locally prior to submission.
• [YES] Have you checked to ensure there aren't other open Pull Requests for the same update/change?

What is the current behavior?

---

KV access policies are deleted and re-created after the initial TF apply. Issue Number: https://github.com/microsoft/cobalt/issues/294

What is the new behavior?

---

KV access policies are created once and need not be updated.

Does this introduce a breaking change?

---

• [NO]

Any relevant logs, error output, etc?

---

New plan does NOT contain statements about recreating KV access policies. I.E., the following is now omitted from the output of terraform plan

  + resource "azurerm_key_vault_access_policy" "keyvault" {
      + certificate_permissions = [
          + "create",
          + "delete",
          + "get",
          + "list",
        ]
      + id                      = (known after apply)
      + key_permissions         = [
          + "create",
          + "delete",
          + "get",
        ]
      + key_vault_id            = "..."
      + object_id               = "..."
      + resource_group_name     = (known after apply)
      + secret_permissions      = [
          + "set",
          + "delete",
          + "get",
          + "list",
        ]
      + tenant_id               = "***"
      + vault_name              = (known after apply)
    }

[TechnicallyWilliams]

Looks good so far. Nice catch on the module usage!