AWS Certified Security - Specialty (#18)

A company’s database developer has just migrated an Amazon RDS database credential to be stored and managed by AWS Secrets Manager. The developer has also enabled rotation of the credential within the Secrets Manager console and set the rotation to change every 30 days. After a short period of time, a number of existing applications have failed with authentication errors. What is the MOST likely cause of the authentication errors?

Migrating the credential to RDS requires that all access come through requests to the Secrets Manager.
Enabling rotation in Secrets Manager causes the secret to rotate immediately, and the applications are using the earlier credential.
The Secrets Manager IAM policy does not allow access to the RDS database.
The Secrets Manager IAM policy does not allow access for the applications.