URLs for learning more about keyvault:
========================================

https://docs.microsoft.com/en-us/azure/key-vault/general/overview
    Top-level URL for Azure Key Vault. Contains other interesting links. Done reviewing, except for using the link list to find additional reading.

https://docs.microsoft.com/en-us/azure/key-vault/secrets/quick-create-cli
    Creating and (very superficially) accessing key vault.

https://docs.microsoft.com/en-us/azure/key-vault/general/manage-with-cli2
    More detailed version of the quick-start. Towards the middle, discusses registering an app with Azure AD and these three URLs::

        https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
        https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal
        https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli

https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest
    Entire CLI keyvault command reference.

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal?WT.mc_id=Portal-Microsoft_Azure_KeyVault&tabs=current
    Using Azure AD for keyvault access.

https://docs.microsoft.com/en-us/cli/azure/keyvault/role/assignment?view=azure-cli-latest
    azcli role assignment creation.

https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates
    Keys, secrets, and certs doc::

        https://docs.microsoft.com/en-us/azure/key-vault/keys/about-keys
        https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets
        https://docs.microsoft.com/en-us/azure/key-vault/certificates/about-certificates

https://docs.microsoft.com/en-us/azure/key-vault/general/best-practices
    General high-level best practices. Does suggest one kv per app per env, to avoid secrets leaking to other envs and to limit blast radius.

https://docs.microsoft.com/en-us/azure/key-vault/secrets/secrets-best-practices

https://docs.microsoft.com/en-us/azure/key-vault/general/authentication-requests-and-responsesk
    General HTTP/REST put/get operations.

https://docs.microsoft.com/en-us/azure/key-vault/general/authentication

https://docs.microsoft.com/en-us/azure/key-vault/general/access-behind-firewall
    Local firewall ports to open so apps/teams can work with Azure storage.

https://docs.microsoft.com/en-us/python/api/overview/azure/identity-readme?view=azure-python
    Python code examples for authenticating to AAD.

https://docs.microsoft.com/en-us/azure/key-vault/general/rbac-guide

https://docs.microsoft.com/en-us/azure/key-vault/general/security-features
    Keyvault security overview.

https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/key-vault-security-baseline
    Keyvault security baseline - think CIS benchmark. I mean literally. Excellent doc for something that should have some automated scanning around it.

https://docs.microsoft.com/en-us/azure/key-vault/general/overview-vnet-service-endpoints
    Very generic overview of kv network endpoints.

https://docs.microsoft.com/en-us/azure/key-vault/general/network-security
    Pretty much a rehash of the kv firewall page.