169163334 - Switches to SystemAssigned managed identity

The SystemAssigned managed identity requires a preview feature to be
enabled.

```
rgil@rem5:~/atst/terraform/providers/dev$ az feature list|grep MSIPreview
    "id": "/subscriptions/95934d54-980d-47cc-9bce-3a96bf9a2d1b/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/MSIPreview",
    "name": "Microsoft.ContainerService/MSIPreview",
rgil@rem5:~/atst/terraform/providers/dev$ az feature register --namespace Microsoft.ContainerService --name MSIPreview
Once the feature 'MSIPreview' is registered, invoking 'az provider register -n Microsoft.ContainerService' is required to get the change propagated
{
  "id": "/subscriptions/95934d54-980d-47cc-9bce-3a96bf9a2d1b/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/MSIPreview",
  "name": "Microsoft.ContainerService/MSIPreview",
  "properties": {
    "state": "Registering"
  },
  "type": "Microsoft.Features/providers/features"
}
rgil@rem5:~/atst/terraform/providers/dev$ az provider register -n Microsoft.ContainerService
rgil@rem5:~/atst/terraform/providers/dev$
```

This also now integrates the policy for keyvault with the k8s managed
identity (system assigned).

terraform/modules/keyvault/variables.tf

@@ -22,3 +22,8 @@ variable "tenant_id" {
   type        = string
   description = "The Tenant ID"
 }
+
+variable "principal_id" {
+  type        = string
+  description = "The service principal_id of the k8s cluster"
+}