Secrets are exposed in Azure Virtual Machine customData, this may lead to unauthorized access, privilege escalation and other issues.
Once a Virtual Machine is created in the console, custom data cannot be changed. You could choose to create a new virtual machine instance, or use a virtual machine scale set which does have the ability to change update custom data.
In Terraform -
Deprecated in favor of azurerm_linux_virtual_machine and azurerm_windows_virtual_machine:
References:
https://learn.microsoft.com/en-us/azure/virtual-machines/custom-data
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#custom_data