AWS Secrets Manager Secret Policy

This page shows how to write Terraform and CloudFormation for a Secrets Manager Secret Policy, and how to write them securely.

aws_secretsmanager_secret_policy (Terraform)

The Secret Policy in Secrets Manager can be configured in Terraform with the resource name aws_secretsmanager_secret_policy. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

secrets-iam.tf#L1
resource "aws_secretsmanager_secret_policy" "station_sm_policy" {
  secret_arn = aws_secretsmanager_secret.station_secretmanager.arn

  policy = <<POLICY
{
  "Version": "2012-10-17",

secrets.tf#L11
resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.token.arn

  policy = <<POLICY
{
  "Version": "2012-10-17",

secrets_manager_secret.tf#L11
resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.example.arn

  policy = <<POLICY
{
  "Version": "2012-10-17",

main.tf#L9
resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.not_secure_policy.arn

  policy = <<POLICY
{
  "Version": "2012-10-17",

main.tf#L9
resource "aws_secretsmanager_secret_policy" "example" {
  secret_arn = aws_secretsmanager_secret.secure_policy.arn

  policy = <<POLICY
{
  "Version": "2012-10-17",

Parameters

Explanation in Terraform Registry

Provides a resource to manage AWS Secrets Manager secret policy.

AWS::SecretsManager::ResourcePolicy (CloudFormation)

The ResourcePolicy in SecretsManager can be configured in CloudFormation with the resource name AWS::SecretsManager::ResourcePolicy. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

Explanation in CloudFormation Registry

Attaches a resource-based permission policy to a secret. A resource-based policy is optional. For more information, see Authentication and access control for Secrets Manager. For information about attaching a policy in the console, see Attach a permissions policy to a secret.

Frequently asked questions

What is AWS Secrets Manager Secret Policy?

AWS Secrets Manager Secret Policy is a resource for Secrets Manager of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Secrets Manager Secret Policy?

For Terraform, the kagzouli/StationDemoProject, viralpatel94/cloud9 and kmcquade/terraform-aws-resource-exposure source code examples are useful. See the Terraform Example section for further details.