Cannot create Keyvault key and enable customer-key encryption for PostgreSQL at the same time.

[dingjianrui]

I found if we need to enable the customer key encryption for the PostgreSQL database, the "serverKeyName" must be in this format: "KeyvaultName_keyName_keyVersion".

azure-postgresql/arm-templates/ExampleWithDataEncryption/template.json

Lines 36 to 38 in 0b28059

	"variables": {
	"serverKeyName": "[concat(parameters('keyVaultName'), '_', parameters('keyName'), '_', parameters('keyVersion'))]"
	},

which makes it impossible to create the keyvault key and enable the customer-key encryption at the same within one ARM template, cause we cannot use the ARM function "reference" to reference the key we created and extract the dynamically generated version number. The "reference" function cannot be used in variables definition, resource name and types.

azure-postgresql/arm-templates/ExampleWithDataEncryption/template.json

Lines 90 to 102 in 0b28059

	{
	"name": "[concat(parameters('serverName'), '/', variables('serverKeyName'))]",
	"type": "Microsoft.DBforPostgreSQL/servers/keys",
	"apiVersion": "2020-01-01-preview",
	"dependsOn": [
	"addAccessPolicy",
	"[resourceId('Microsoft.DBforPostgreSQL/servers', parameters('serverName'))]"
	],
	"properties": {
	"serverKeyType": "AzureKeyVault",
	"uri": "[concat(reference(resourceId(parameters('keyVaultResourceGroupName'), 'Microsoft.KeyVault/vaults/', parameters('keyVaultName')), '2018-02-14-preview', 'Full').properties.vaultUri, 'keys/', parameters('keyName'), '/', parameters('keyVersion'))]"
	}
	}

Questions:
How to create the keyvault key and enable the customer-key encryption at the same time within one ARM template?

Thanks.