1. To store secrets required for deploying a server in hetzner cloud e,g hcloud token, AWS secret and Access for state file, Github Oauth KEY and ID for GH as auth provider in rancher etc.
2. Once rancher is installed using pulumi we would need to set some management there, currently using vault and for basic secrets rancher/kubernetes secrets can be used.