You are designing a new governance model for secrets stored in Secret Manager. Currently, secrets for Production and Non-Production applications are stored and accessed using service accounts. Your proposed solution must:

• Provide granular access to secrets
• Give you control over the rotation schedules for the encryption keys that wrap your secrets
• Maintain environment separation
• Provide ease of management Which approach should you take?