No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I think this repository I created can answer some of your questions: <https://github.com/TechWatching/AzureFunctionSQLBindings|https://github.com/TechWatching/AzureFunctionSQLBindings>
It creates an Azure Key Vault with a secret in it, a Function App (configuration is quite similar to a Web App) with a system assigned identity that has the correct role on the key vault

I am not familiar with setting a secret from a file but I guess you can use the file system api to read it and then set the value of the secret with the content of the file.

Do not hesitate if you have some questions about the code. It is separated in different components in the the eng/infra/components folder. I hop that helps

and great article =&gt; <https://www.techwatching.dev/posts/azure-ready-github-repository>