So..potentially stupid question here..is it ok to store your state files locally? I mean they’ll be added to the GitHub repo so it’ll be source controlled.

Should be fine mostly. I'd look to avoid doing that with any resources that get a password, since the password would be in the state file. Even encrypted, I wouldn't want a secret stored in my SCM. YMMV.

It should be fine, but I'd rather treat the state file as a secret. Due to the reason above.

Personally, I don't see the need to store state files locally - they will be in a backend of sorts and I can access them when needed. I tend to not put them into source control either

setting up backend for azure is....tedious and were not allowed to use Pulumi's service (This came from our compliance folks). So I have have two issues, cant use Pulumi service and backend configuration for azure is so tedious its hard to sell compared to TF lol. So far all I got under my belt here is that Pulumi can deploy resources Terraform cannot...such as AADDS

ah ok...