resource "azurerm_key_vault" "key_vault" { name = var.key_vault_name location = var.location resource_group_name = var.resource_group_name tags = var.tags access_policy = [] enable_rbac_authorization = true enabled_for_deployment = false enabled_for_disk_encryption = false enabled_for_template_deployment = false network_acls { bypass = "AzureServices" default_action = "Allow" ip_rules = [] virtual_network_subnet_ids = [] } public_network_access_enabled = true purge_protection_enabled = true sku_name = var.key_vault_sku_name soft_delete_retention_days = 7 tenant_id = data.azurerm_client_config.current.tenant_id }