asm-resource-policy-grants-xacct-read.json - AWS Code Sample


This resource-based policy shows how to delegate access to the attached secret to the administrator of another AWS account.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Allow users or roles in account 123456789012 who are delegated access by that account's administrator to have read access to the secret",
      "Effect": "Allow",
      "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
      "Action": [
        "secretsmanager:List*",
        "secretsmanager:Describe*",
        "secretsmanager:Get*"
      ],
      "Resource": "*"
    }
  ]
}
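Added example, not part of the AWS sample: a short Python check that reads the policy above and reports which other account it trusts and which read actions its wildcards cover. The owning account ID 111122223333 is a constructed placeholder, and READ_ACTIONS is an assumed subset of the service's actions.

```python
from fnmatch import fnmatchcase

# Subset of Secrets Manager read actions used for the expansion below
# (an assumption of this example, not an exhaustive list).
READ_ACTIONS = [
    "secretsmanager:BatchGetSecretValue",
    "secretsmanager:DescribeSecret",
    "secretsmanager:GetRandomPassword",
    "secretsmanager:GetResourcePolicy",
    "secretsmanager:GetSecretValue",
    "secretsmanager:ListSecretVersionIds",
    "secretsmanager:ListSecrets",
]

# The statement from this page (Sid omitted for brevity).
POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
    "Action": ["secretsmanager:List*", "secretsmanager:Describe*",
               "secretsmanager:Get*"],
    "Resource": "*",
}]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit(policy, owner_account):
    """Return one finding per Allow principal outside owner_account."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        # IAM action matching is case-insensitive, so compare in lower case.
        patterns = [a.lower() for a in as_list(stmt.get("Action", []))]
        granted = [a for a in READ_ACTIONS
                   if any(fnmatchcase(a.lower(), p) for p in patterns)]
        for arn in arns:
            # An AWS principal is a full ARN or a bare 12-digit account ID.
            account = arn.split(":")[4] if arn.startswith("arn:") else arn
            if account == owner_account:
                continue
            wide = arn.endswith(":root") or arn == account
            findings.append({"account": account, "account_wide": wide,
                             "actions": granted})
    return findings

if __name__ == "__main__":
    for finding in audit(POLICY, "111122223333"):  # constructed owner ID
        print(finding)
```

The finding shows that the `:root` principal trusts the whole account 123456789012, and that `secretsmanager:Get*` covers `GetSecretValue` and `GetResourcePolicy` but not `BatchGetSecretValue`.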

Sample Details

Author: AWS

Type: full-example