AWS Code Sample
Catalog

asm-user-policy-grants-access-to-secret-by-name-with-wildcard.json

This IAM policy demonstrates how to grant read-only access to secrets that match a specific name pattern.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "secretsmanager:DescribeSecret", "secretsmanager:List*" ], "Resource": "*" }, { "Effect": "Allow", "Action": "secretsmanager:*", "Resource": [ "arn:aws:secretsmanager:<region>:<account-id-number>:secret:a_specific_secret_name-a1b2c3", "arn:aws:secretsmanager:<region>:<account-id-number>:secret:another_secret_name-??????" ] } ] }

Sample Details

Service: secretsmanager

Author: AWS

Type: full-example

On this page: