A company uses AWS Organizations for a multi-account setup in the AWS Cloud. The company uses AWS
Control Tower for governance and uses AWS Transit Gateway for VPC connectivity across accounts.
In an AWS application account, the company's application team has deployed a web application that uses
AWS Lambda and Amazon RDS. The company's database administrators have a separate DBA account and
use the account to centrally manage all the databases across the organization. The database administrators use
an Amazon EC2 instance that is deployed in the DBA account to access an RDS database that is deployed in
the application account.
The application team has stored the database credentials as secrets in AWS Secrets Manager in the application
account. The application team is manually sharing the secrets with the database administrators. The secrets are
encrypted by the default AWS managed key for Secrets Manager in the application account. A solutions
architect needs to implement a solution that gives the database administrators access to the database and
eliminates the need to manually share the secrets.
Which solution will meet these requirements?