Add support for Resource Instance Rules for access to Azure KeyVault

[ericyew]

Similar to Resource instance rules for access to Azure Storage Generally available: Resource instance rules for access to Azure Storage please add support for Resource Instance Rules for access to Azure KeyVault.

Some Azure services operate on multi-tenant infrastructure, so resources of these services cannot be isolated to a specific virtual network. With resource instance rules, we can restrict Azure KeyVault to only allow access from specific resource instances of such Azure services. For example, Azure Logic App on consumption plan would benefit from this. A resource instance rule on a secured KeyVault can be restricted to only allow traffic from that Logic App.