You are responsible for recommending a Google Cloud encryption service for a client migrating their data. The service must manage their encryption keys and meet these requirements:

• The master key must be rotated at least once every 45 days.
• The solution storing the master key must be FIPS 140-2 Level 3 validated.
• The master key must be stored in multiple regions within the US for redundancy. Which solution meets these requirements?