A customer needs to migrate sensitive workloads to a Compute Engine cluster utilizing Managed Instance Groups (MIGs). The workloads are bursty and require rapid completion. They have a specific requirement to manage the key lifecycle.

Which boot disk encryption method should be implemented for the cluster to satisfy these requirements?