diff --git a/deploy/scripts/deploy.ps1 b/deploy/scripts/deploy.ps1 index 2e0e47495e..6b9a68a1a2 100644 --- a/deploy/scripts/deploy.ps1 +++ b/deploy/scripts/deploy.ps1 @@ -932,6 +932,7 @@ Function New-Deployment() { if ([string]::IsNullOrEmpty($script:gatewayVmSku)) { # Get all vm skus available in the location and in the account + Write-Host "Determining VM sizes for Linux IoT Edge gateway simulations..." $availableVms = Get-AzComputeResourceSku | Where-Object { ($_.ResourceType.Contains("virtualMachines")) -and ` ($_.Locations -icontains $script:resourceGroupLocation) -and ` @@ -984,6 +985,7 @@ Write-Warning "Standard_D4s_v4 VM with Nested virtualization for IoT Edge Eflow if ([string]::IsNullOrEmpty($script:opcPlcVmSku)) { # We will use VM with at least 1 core and 2 GB of memory for hosting OPC PLC simulation containers. + Write-Host "Determining VM sizes for simulation containers..." $simulationVmSizes = Get-AzVMSize $script:resourceGroupLocation ` | Where-Object { $availableVmNames -icontains $_.Name } ` | Where-Object { @@ -1043,6 +1045,9 @@ Write-Warning "Standard_D4s_v4 VM with Nested virtualization for IoT Edge Eflow Set-AzContext -Context $context } } + else { + Write-Host "Not registering AAD application!" + } } elseif (($script:aadConfig -is [string]) -and (Test-Path $script:aadConfig)) { # read configuration from file 
@@ -1076,19 +1081,32 @@ Write-Warning "Standard_D4s_v4 VM with Nested virtualization for IoT Edge Eflow } # Register current aad user to access keyvault - if (![string]::IsNullOrEmpty($script:aadConfig.UserPrincipalId)) { - $templateParameters.Add("userPrincipalId", $script:aadConfig.UserPrincipalId) + $userPrincipalId = $script:aadConfig.UserPrincipalId + if (![string]::IsNullOrWhiteSpace($userPrincipalId)) { + Write-Warning "Deployment will add access to keyvault for user $userPrincipalId..." } else { - $userPrincipalId = (Get-AzADUser -UserPrincipalName (Get-AzContext).Account.Id).Id - - if (![string]::IsNullOrEmpty($userPrincipalId)) { - $templateParameters.Add("userPrincipalId", $userPrincipalId) + $ctx = Get-AzContext + if ($ctx.Account.Type -eq "User") { + $userPrincipalId = (Get-AzADUser -UserPrincipalName $ctx.Account.Id).Id + Write-Warning "Deployment will add access to keyvault for current user..." + } + else { + $userPrincipalId = (Get-AzADServicePrincipal -ApplicationId $ctx.Account.Id).Id + Write-Warning "Deployment will add access to keyvault for service principal id $userPrincipalId..." + } + } + if ([string]::IsNullOrWhiteSpace($userPrincipalId)) { + $userPrincipalId = $script:aadConfig.FallBackPrincipalId + if ([string]::IsNullOrWhiteSpace($userPrincipalId)) { + Write-Host "User principal could not be determined." + Write-Host "Access to deployed key vault must be configured manually..." } else { - $templateParameters.Add("userPrincipalId", $script:aadConfig.FallBackPrincipalId) + Write-Warning "Deployment will add access to keyvault for user $userPrincipalId (Fallback)..." } } + $templateParameters.Add("userPrincipalId", $userPrincipalId) # Add IoTSuiteType tag. This tag will be applied for all resources. $tags = @{"IoTSuiteType" = "AzureIndustrialIoT-$($script:type)-$($script:version)-PS1"} 
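Review bot: The final `$templateParameters.Add("userPrincipalId", $userPrincipalId)` runs unconditionally, so it also runs on the path that has just printed "User principal could not be determined" and hands the template a null or blank principal id. Whether the template tolerates that is not visible here; if the parameter is optional, guard it with `if (![string]::IsNullOrWhiteSpace($userPrincipalId)) { $templateParameters.Add("userPrincipalId", $userPrincipalId) }`. Separately, the `else` under `$ctx.Account.Type -eq "User"` treats every other account type as a service principal and passes `$ctx.Account.Id` as an application id. An explicit `elseif ($ctx.Account.Type -eq "ServicePrincipal")` would leave other sign-in types (a managed identity, for example) to the fallback instead of a lookup that may fail. Because this block decides which identity is granted key vault access, the "current user" warning should also print the resolved id, as the other branches do; the enclosing block continues outside the hunk.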
@@ -1096,6 +1114,7 @@ Write-Warning "Standard_D4s_v4 VM with Nested virtualization for IoT Edge Eflow $deploymentName = $script:version # register providers + Write-Host "Registering providers..." $script:requiredProviders | ForEach-Object { Register-AzResourceProvider -ProviderNamespace $_ } | Out-Null diff --git a/tools/e2etesting/SetVariables.ps1 b/tools/e2etesting/SetVariables.ps1 index f1220f5289..6df09adeb7 100644 --- a/tools/e2etesting/SetVariables.ps1 +++ b/tools/e2etesting/SetVariables.ps1 @@ -41,15 +41,15 @@ function Get-ContainerRegistrySecret $KeyVaultName = $null if ($registry -eq "industrialiot") { - $KeyVaultName = "kv-release-pipeline" + $KeyVaultName = "kv-industrialiot" } if ($registry -eq "industrialiotdev") { - $KeyVaultName = "kv-developer-pipeline" + $KeyVaultName = "kv-industrialiotdev" } if ($registry -eq "industrialiotprod") { - # $KeyVaultName = "kv-release-pipeline" #todo + # $KeyVaultName = "kv-industrialiotprod" #todo } if ($KeyVaultName) { diff --git a/tools/e2etesting/steps/deployplatform.yml b/tools/e2etesting/steps/deployplatform.yml index 134956c0a3..c96f5b95d3 100644 --- a/tools/e2etesting/steps/deployplatform.yml +++ b/tools/e2etesting/steps/deployplatform.yml @@ -1,9 +1,23 @@ steps: +- task: AzurePowerShell@5 + displayName: 'Select Image to test' + inputs: + azureSubscription: '$(AzureSubscription)' + azurePowerShellVersion: 'latestVersion' + workingDirectory: '$(BasePath)' + scriptType: filePath + scriptPath: '$(BasePath)\tools\e2etesting\SetVariables.ps1' + scriptArguments: > + -BranchName "$(BranchName)" + -Region "$(Region)" + -ImageTag "$(PlatformVersion)" + -ContainerRegistryServer "$(ContainerRegistryServer)" + - task: UseDotNet@2 displayName: 'Install .NET Core SDK for building' inputs: packageType: sdk - version: 8.0.x + version: 9.0.x includePreviewVersions: false installationPath: $(Agent.ToolsDirectory)/dotnet 
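Review bot: The `industrialiotprod` branch in tools/e2etesting/SetVariables.ps1 still holds only a commented-out assignment, so `$KeyVaultName` stays `$null` for that registry and the code falls through `if ($KeyVaultName)` silently. The rest of Get-ContainerRegistrySecret is outside the hunk, so what the caller receives in that case cannot be seen here. Now that the vault names mirror the registry names, the three `if` statements would read better as one `switch ($registry)` that keeps the explicit allow-list of vaults. A `default { Write-Warning "No key vault mapped for registry '$registry'" }` arm would make the missing prod mapping visible in the pipeline log.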
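Review bot: The relocated 'Select Image to test' step in deployplatform.yml puts `$(BranchName)`, `$(Region)`, `$(PlatformVersion)` and `$(ContainerRegistryServer)` inside double-quoted PowerShell arguments, where the substituted text is still subject to PowerShell expansion. A later step in the same file already passes `-ResourceGroupName '$(ResourceGroupName)'` in single quotes. The origin of these values is not visible here; if any can be set from outside the pipeline definition (a branch name, for instance), quote them the same way, e.g. `-BranchName '$(BranchName)'`, or pass them through the step's `env:` mapping and read them in the script. The step also keeps `azurePowerShellVersion: 'latestVersion'` while the SDK line below it is pinned to `9.0.x`; pinning the Az module version as well would keep test runs reproducible.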
@@ -24,20 +38,6 @@ steps: Write-Host "##vso[task.setvariable variable=ServicePrincipalAccessToken]$($accessToken.accessToken)" Write-Host "##vso[task.setvariable variable=ServicePrincipalTenantId]$($env:tenantId)" -- task: AzurePowerShell@5 - displayName: 'Select Image to test' - inputs: - azureSubscription: '$(AzureSubscription)' - azurePowerShellVersion: 'latestVersion' - workingDirectory: '$(BasePath)' - scriptType: filePath - scriptPath: '$(BasePath)\tools\e2etesting\SetVariables.ps1' - scriptArguments: > - -BranchName "$(BranchName)" - -Region "$(Region)" - -ImageTag "$(PlatformVersion)" - -ContainerRegistryServer "$(ContainerRegistryServer)" - - task: AzurePowerShell@5 displayName: "Run deployment script" retryCountOnTaskFailure: 2 @@ -90,9 +90,3 @@ steps: scriptPath: '$(BasePath)\tools\e2etesting\DetermineKeyVaultName.ps1' scriptArguments: > -ResourceGroupName '$(ResourceGroupName)' -- task: AzureKeyVault@1 - displayName: 'Retrieve App identifier' - inputs: - azureSubscription: '$(AzureSubscription)' - KeyVaultName: '$(KeyVaultName)' - SecretsFilter: 'PCS-AUTH-CLIENT-APPID,PCS-AUTH-TENANT' diff --git a/tools/e2etesting/steps/runtests.yml b/tools/e2etesting/steps/runtests.yml index cb47ca5753..df0d9e1d06 100644 --- a/tools/e2etesting/steps/runtests.yml +++ b/tools/e2etesting/steps/runtests.yml 
@@ -42,13 +42,13 @@ steps: -ResourceGroupName "$(ResourceGroupName)" -ServicePrincipalName "$(ServicePrincipalId)" -- task: AzureKeyVault@1 +- task: AzureKeyVault@2 displayName: 'Retrieve KeyVault secrets' inputs: azureSubscription: '$(AzureSubscription)' KeyVaultName: '$(KeyVaultName)' SecretsFilter: 'PCS-IOTHUB-CONNSTRING,plc-simulation-urls,plc-simulation-ips,iot-edge-vm-username,iot-edge-vm-publickey,iot-edge-vm-privatekey,iot-edge-device-id,iot-edge-device-dnsname,iothub-eventhub-connectionstring,PCS-SUBSCRIPTION-ID' -- task: AzureKeyVault@1 +- task: AzureKeyVault@2 displayName: 'Retrieve KeyVault secrets for API tests' condition: notIn( '${{ parameters.ModeValue }}', 'standalone', 'AE') inputs: