An organization is implementing a cloud-based orchestration platform to automate resource deployments. To secure the management plane, they must ensure that only authorized users and services can initiate orchestration tasks. Which of the following is the MOST effective security measure to achieve this?