Encrypt the credentials with a database administrator's assistance and store the encrypted text in Amazon S3, granting the EC2 instance role the necessary permissions to read and decrypt the text.

Set up a scheduled task to update the credentials in AWS Systems Manager Parameter Store and alert the engineer to restart the application.

Enable automatic credential rotation within AWS Secrets Manager.

Secure the credentials by storing them as an encrypted parameter in AWS Systems Manager Parameter Store, and allow the EC2 instance role access to both the parameter and the AWS KMS key used for encryption.

Program the Java application to detect connection failures and fetch updated credentials from AWS Secrets Manager upon password rotation, with the EC2 instance role having access permissions to Secrets Manager.