A company is deploying an application on Amazon EC2 instances with an Amazon RDS MySQL database. The application will store sensitive data and a security engineer has been tasked with recommending measures to protect the sensitive data against security breaches. The solution must minimize operational overhead and credentials must be regularly and automatically rotated. Which measures should the security engineer suggest?