key Vault Secret Id
Parameters
The Secret ID of the (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required if data is not set.
NOTE: To implement certificate rotation, versionless_secret_id should be used, although secret_id is also supported.
NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly, an existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via the identity block. Additionally, access policies that grant the identity get access to the secret should be defined in the Key Vault.
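The three notes above combined into one configuration, as an added example that is not part of the provider documentation. The resource labels and names are constructed, and azurerm_resource_group.example, azurerm_key_vault.example and azurerm_key_vault_certificate.example are assumed to be defined elsewhere in the same configuration, as are the gateway's other required blocks.

```hcl
# Added example. Assumed to exist elsewhere (hypothetical labels):
#   azurerm_resource_group.example
#   azurerm_key_vault.example              (soft delete enabled)
#   azurerm_key_vault_certificate.example

# User-assigned identity the gateway uses to read the certificate.
resource "azurerm_user_assigned_identity" "appgw" {
  name                = "appgw-kv-reader" # constructed name
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
}

# Least privilege: the identity gets "Get" on secrets and nothing else.
resource "azurerm_key_vault_access_policy" "appgw" {
  key_vault_id = azurerm_key_vault.example.id
  tenant_id    = azurerm_user_assigned_identity.appgw.tenant_id
  object_id    = azurerm_user_assigned_identity.appgw.principal_id

  secret_permissions = ["Get"]
}

resource "azurerm_application_gateway" "example" {
  name                = "example-appgw" # constructed name
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location

  # Key Vault certificates require a v2 SKU.
  sku {
    name     = "Standard_v2"
    tier     = "Standard_v2"
    capacity = 2
  }

  identity {
    type         = "UserAssigned"
    identity_ids = [azurerm_user_assigned_identity.appgw.id]
  }

  ssl_certificate {
    name = "kv-cert" # constructed name
    # Versionless ID, so a rotated certificate version is picked up.
    key_vault_secret_id = azurerm_key_vault_certificate.example.versionless_secret_id
  }

  # Assumption: gateway_ip_configuration, frontend_*, backend_*, http_listener
  # and request_routing_rule blocks are defined here as in your existing gateway.

  # Create the access policy first so the certificate fetch does not fail.
  depends_on = [azurerm_key_vault_access_policy.appgw]
}
```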