Attach a permissions policy to an identity - AWS Secrets Manager

Attach a permissions policy to an identity

You can attach permissions policies to IAM identities: users, user groups, and roles. In an identity-based policy, you specify which secrets the identity can access and the actions the identity can perform on the secrets.

You can use identity-based policies to:

  • Grant an identity access to multiple secrets.

  • Control who can create new secrets, and who can access secrets that haven't been created yet.

  • Grant an IAM group access to secrets.

See Permissions policy examples.

To add or remove permissions on an identity