AWS Code Sample Catalog

asm-user-policy-grants-access-to-only-specified-version-of-secret.json

This IAM policy allows the attached principal to retrieve a secret only if the secret's name begins with Prod (the prefix matched by the Resource pattern), and only the AWSCURRENT version of that secret.

{
    "Policy": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": "secretsmanager:GetSecretValue",
                "Resource": "arn:aws:secretsmanager:*:*:secret:Prod*",
                "Condition": {
                    "ForAnyValue:StringEquals": {
                        "secretsmanager:VersionStage": "AWSCURRENT"
                    }
                }
            }
        ]
    }
}

Sample Details

Service: secretsmanager

Author: AWS

Type: full-example
