AppConfig - cross-reference/integration with Secret Manager and/or Param Store

Hi I just recently discovered the AppConfig feature of AWS, and it looks super cool and very useful. Our company sticks with Java and Spring Boot, so what I noticed there is already ongoing integration with the awspring.io library: Ticket: https://github.com/awspring/spring-cloud-aws/issues/465 Branch: https://github.com/awspring/spring-cloud-aws/tree/appconfig

However, I have some security concerns and would love to ask to implement a new feature to integrate Secret Manager or ParamStore with AppConfig so we could reference config secret parameter from Secret Manager or SSM

Here is what I mean by config example:

This is an example of how it works now:

spring:
  config:
    activate:
      on-profile: aws-qa-env
  r2dbc:
    username: "<your_user>"
    password: "<your_pass>"
    schema-name: "<schema_name>"
    url: r2dbc:mysql://<host>:<port>/${spring.r2dbc.schema-name}

This means that secrets must be specified in the config. However, I'm asking to extend Appconfig functionality and allow to reference to Secret Manager or SSM like this:

spring:
  config:
    activate:
      on-profile: aws-qa-env
  r2dbc:
    username: @{SSM:/my/path/to/db/username}
    password: @{SSM:/my/path/to/db/pass}
    schema-name: "<schema_name>"
    url: r2dbc:mysql://@{SSM:/my/path/to/db/host}:@{SSM:/my/path/to/db/port}/${spring.r2dbc.schema-name}

if AppConfig allows referencing to the secret manager, it would allow to implement automated secrets rotation and keep secrets separately from the general config. The reference keyholder as I mentioned in the example@{SSM:} could be anything that AWS dev team think might be a good fit for it, I just used it as an example