doc: add example for Tenant ServiceAccount

The ServiceAccount "ceph-csi-vault-sa" is expected to be placed in the
Namespace "tenant" so that the provisioner and node-plugin fetch the
ServiceAccount from a Namespace where Ceph-CSI is not deployed.

Signed-off-by: Niels de Vos <ndevos@redhat.com>

examples/kms/vault/csi-kms-connection-details.yaml

@@ -31,6 +31,13 @@ data:
       "VAULT_BACKEND_PATH": "secret",
       "VAULT_SKIP_VERIFY": "true"
     }
+  vault-tenant-sa-test: |-
+    {
+      "KMS_PROVIDER": "vaulttenantsa",
+      "VAULT_ADDR": "http://vault.default.svc.cluster.local:8200",
+      "VAULT_BACKEND_PATH": "shared-secrets",
+      "VAULT_SKIP_VERIFY": "true"
+    }
   secrets-metadata-test: |-
     {
       "encryptionKMSType": "metadata"