A company is building an application that uses Amazon EC2 instances and an Amazon RDS database. The solution must be highly secure, and encryption will be implemented within the application and database using an AWS KMS customer managed KMS key. The security team wants to prevent any other services from using the KMS key. Which solution will meet these requirements?