Hello @Huhn, Alexander
You error means that you should use address range within address space 10.1.0.0/24.
Address range could be 10.1.0.0/29
To access Key Vault securely you can enable Azure Managed Identity in Azure App Service and grant access to use Key Vault.
https://learn.microsoft.com/en-us/samples/azure-samples/app-service-msi-keyvault-dotnet/keyvault-msi-appservice-sample/
https://learn.microsoft.com/en-us/azure/key-vault/general/assign-access-policy?tabs=azure-portal
Then you can reference KeyVault secrets in Azure App Service Settings.
https://intelequia.com/blog/post/2070/storing-azure-app-service-secrets-on-azure-key-vault
If you want to integrate KeyVault into Virtual Network, you can use Private or Service Endpoint
https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service?tabs=portal
https://learn.microsoft.com/en-us/azure/key-vault/general/overview-vnet-service-endpoints