/// <summary>
/// Initializes a new instance of the <see cref="KeyVaultAccessControlClient"/> class for the specified vault.
/// </summary>
/// <param name="vaultUri">A <see cref="Uri"/> to the vault on which the client operates. Appears as "DNS Name" in the Azure portal.</param>
/// <param name="credential">A <see cref="TokenCredential"/> used to authenticate requests to the vault, such as DefaultAzureCredential.</param>
/// <param name="options"><see cref="KeyVaultAdministrationClientOptions"/> that allow to configure the management of the request sent to Key Vault.</param>
/// <exception cref="ArgumentNullException"><paramref name="vaultUri"/> or <paramref name="credential"/> is null.</exception>
public KeyVaultAccessControlClient(Uri vaultUri, TokenCredential credential, KeyVaultAdministrationClientOptions options)
{
Argument.AssertNotNull(vaultUri, nameof(vaultUri));
Argument.AssertNotNull(credential, nameof(credential));
VaultUri = vaultUri;
options ??= new KeyVaultAdministrationClientOptions();
string apiVersion = options.GetVersionString();
HttpPipeline pipeline = HttpPipelineBuilder.Build(options,
new ChallengeBasedAuthenticationPolicy(credential));
_diagnostics = new ClientDiagnostics(options);
_definitionsRestClient = new RoleDefinitionsRestClient(_diagnostics, pipeline, apiVersion);
_assignmentsRestClient = new RoleAssignmentsRestClient(_diagnostics, pipeline, apiVersion);
}