You have an Azure subscription that contains a managed identity named Identity1 and the Azure key vaults shown in the following table. KeyVault1 contains an acc...

You have an Azure subscription that contains a managed identity named Identity1 and the Azure key vaults shown in the following table.

KeyVault1 contains an access policy that grants Identity1 the following key permissions:
• Get
• List
• Wrap
• Unwrap
You need to provide Identity1 with the same permissions for KeyVault2. The solution must use the principle of least privilege.
Which role should you assign to Identity1?

A. Key Vault Crypto Service Encryption User B. Key Vault Crypto User C. Key Vault Reader D. Key Vault Crypto Officer