**Is this a BUG REPORT or FEATURE REQUEST?**: FEATURE REQUEST **What happened**: As of now, the azure key vault client can be created using the ClientID and ClientSecret. The [recommended way ](https://learn.microsoft.com/en-us/azure/key-vault/general/developers-guide#authentication-best-practices)of creating the client is using a certificate. **What you expected to happen**: Create azure key vault client using certificate. Use the `NewServicePrincipalTokenFromCertificate` function to generate the token using certificate. **How to reproduce it (as minimally and precisely as possible)**: N/A **Anything else we need to know?**: N/A **Environment**: - Container Orchestrator and version: - Cloud provider or hardware configuration: - OS (e.g. from /etc/os-release): - Kernel (e.g. `uname -a`): - Install tools: - Others: