Pattern: Key vault Secret should have a content type set
Issue: -
Content Type is an optional Key Vault Secret behavior and is not enabled by default.
Clients may specify the content type of a secret to assist in interpreting the secret data when it's retrieved. The maximum length of this field is 255 characters. There are no pre-defined values. The suggested usage is as a hint for interpreting the secret data.
Resolution: Provide content type for secrets to aid interpretation on retrieval.
Example of incorrect code:
resource "azurerm_key_vault_secret" "bad_example" {
name = "secret-sauce"
value = "szechuan"
key_vault_id = azurerm_key_vault.example.id
}Example of correct code:
resource "azurerm_key_vault_secret" "good_example" {
name = "secret-sauce"
value = "szechuan"
key_vault_id = azurerm_key_vault.example.id
content_type = "password"
}