Status: OUT
GCP has two independent key/secret rotation challenges with complementary risk profiles: KMS rotation is operationally safe (duty-separated, non-disruptive) but destruction is catastrophic, while Secret Manager rotation is notification-only (Pub/Sub message, no actual value change) creating startup/rotation tension in Cloud Run — both channels must be mastered independently and both surface as availability events in production.