Question:
Which of the below methods of authenticating to Azure Key Vault is recommended for most scenarios?
Answer:
The benefit of this approach is that Azure automatically rotates the identity.
Service principal and secret is not recommended because the application owner or developer must rotate the certificate.
Service principal and certificate is not recommended because it is difficult to automatically rotate the bootstrap secret that's used to authenticate to Key Vault.