Note
Long-lived credentials are the problem, not rotation
Credential rotation is useful hygiene, but it is not the end state. A rotated standing secret is still a standing secret.
Short-lived credentials change the shape of the problem. They reduce the value of exfiltration, make access easier to scope, and align better with workload identity and auditable trust boundaries.
The best secret is usually the one the service never had to store.