Key Vault Secrets Content Type Undefined

Query id: f8e08a38-fc6e-4915-abbe-a7aadf1d59ef
Query name: Key Vault Secrets Content Type Undefined
Platform: Terraform
Severity: Medium
Category: Best Practices
URL: Github

Description¶

Key Vault Secrets should have set Content Type
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Positive test num. 1 - tf file

resource "azurerm_key_vault_secret" "positive" {
  name         = "secret-sauce"
  value        = "szechuan"
  key_vault_id = azurerm_key_vault.example.id
}

Code samples without security vulnerabilities¶

Negative test num. 1 - tf file

resource "azurerm_key_vault_secret" "negative" {
  name         = "secret-sauce"
  value        = "szechuan"
  key_vault_id = azurerm_key_vault.example.id
  content_type = "password"
}