No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You could encrypt those secrets with `additionalSecretOutputs` in Pulumi state and keep the state in the Pulumi backend.

<@UB39JFCKC> is it worth maybe creating an issue to look into supporting AAD authentication to the storage now instead of the storage key?

It’s always worth opening a case with a fruitful idea

Thinking of writing a script that uses Azure CLI to get the Storage Key and write it into the environment variable.
$Env:AZURE_STORAGE_KEY = az storage account keys list --account-name $Env:AZURE_STORAGE_ACCOUNT --query "[0].value"