You have an application running on Google Kubernetes Engine (GKE) that needs to make authenticated requests to Google Cloud managed services. The solution should be a one-time setup adhering to security best practices, including automatic key rotation and encrypted storage of credentials. A service account with the necessary permissions has already been created. What is the next step to configure this securely?