AWS Secrets Manager Secret Policy
This page shows how to write Terraform and CloudFormation for a Secrets Manager Secret Policy, and how to write them securely.
aws_secretsmanager_secret_policy (Terraform)
The Secret Policy in Secrets Manager can be configured in Terraform with the resource name aws_secretsmanager_secret_policy. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_secretsmanager_secret_policy" "station_sm_policy" {
  secret_arn = aws_secretsmanager_secret.station_secretmanager.arn
  policy = <<POLICY
{
  "Version": "2012-10-17",

resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.token.arn
  policy = <<POLICY
{
  "Version": "2012-10-17",

resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.example.arn
  policy = <<POLICY
{
  "Version": "2012-10-17",

resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.not_secure_policy.arn
  policy = <<POLICY
{
  "Version": "2012-10-17",

resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.secure_policy.arn
  policy = <<POLICY
{
  "Version": "2012-10-17",
Parameters
- block_public_policy: optional - bool
- id: optional computed - string
- policy: required - string
- secret_arn: required - string
Explanation in Terraform Registry
Provides a resource to manage AWS Secrets Manager secret policy.
AWS::SecretsManager::ResourcePolicy (CloudFormation)
The ResourcePolicy in SecretsManager can be configured in CloudFormation with the resource name AWS::SecretsManager::ResourcePolicy. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- BlockPublicPolicy: optional - Boolean
- SecretId: required - String
- ResourcePolicy: required - Json
Explanation in CloudFormation Registry
Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager. For information about attaching a policy in the console, see Attach a permissions policy to a secret.
Frequently asked questions
What is AWS Secrets Manager Secret Policy?
AWS Secrets Manager Secret Policy is a resource for Secrets Manager of Amazon Web Services. Settings can be written in Terraform and CloudFormation.
Where can I find the example code for the AWS Secrets Manager Secret Policy?
For Terraform, the kagzouli/StationDemoProject, viralpatel94/cloud9 and kmcquade/terraform-aws-resource-exposure source code examples are useful. See the Terraform Example section for further details.