Skip to content

Service: secretsmanager

Attached Policies

Policy ARN Policy Name
arn:aws:iam::aws:policy/ReadOnlyAccess ReadOnlyAccess
arn:aws:iam::aws:policy/AmazonRedshiftFullAccess AmazonRedshiftFullAccess
arn:aws:iam::aws:policy/SecurityAudit SecurityAudit
arn:aws:iam::aws:policy/CloudWatchEventsFullAccess CloudWatchEventsFullAccess
arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole AWSOpsWorksCMInstanceProfileRole
arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole AWSOpsWorksCMServiceRole
arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy AWSGreengrassResourceAccessRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy AmazonRedshiftServiceLinkedRolePolicy
arn:aws:iam::aws:policy/AmazonSageMakerFullAccess AmazonSageMakerFullAccess
arn:aws:iam::aws:policy/AlexaForBusinessFullAccess AlexaForBusinessFullAccess
arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup AlexaForBusinessDeviceSetup
arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy AmazonRDSServiceRolePolicy
arn:aws:iam::aws:policy/SecretsManagerReadWrite SecretsManagerReadWrite
arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy AmazonRDSBetaServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy AWSConfigServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy AmazonRDSPreviewServiceRolePolicy
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor AmazonRedshiftQueryEditor
arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy KafkaServiceRolePolicy
arn:aws:iam::aws:policy/AmazonRDSDataFullAccess AmazonRDSDataFullAccess
arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy AlexaForBusinessNetworkProfileServicePolicy
arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess AWSIoTSiteWiseConsoleFullAccess
arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess AmazonEventBridgeFullAccess
arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy AccessAnalyzerServiceRolePolicy
arn:aws:iam::aws:policy/AmazonKendraFullAccess AmazonKendraFullAccess
arn:aws:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy AWSThinkboxAWSPortalGatewayPolicy
arn:aws:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy AWSThinkboxAWSPortalAdminPolicy
arn:aws:iam::aws:policy/AmazonAppFlowFullAccess AmazonAppFlowFullAccess
arn:aws:iam::aws:policy/AmazonRedshiftDataFullAccess AmazonRedshiftDataFullAccess
arn:aws:iam::aws:policy/service-role/AWS_ConfigRole AWS_ConfigRole
arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy AWSSupportServiceRolePolicy
arn:aws:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy AwsGlueDataBrewFullAccessPolicy
arn:aws:iam::aws:policy/AWSPanoramaFullAccess AWSPanoramaFullAccess
arn:aws:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole AWSGlueDataBrewServiceRole
arn:aws:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy AWSAuditManagerServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy AWSDirectConnectServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy AmazonEventBridgeApiDestinationsServiceRolePolicy
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess AmazonRedshiftQueryEditorV2FullAccess
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing AmazonRedshiftQueryEditorV2NoSharing
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing AmazonRedshiftQueryEditorV2ReadSharing
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing AmazonRedshiftQueryEditorV2ReadWriteSharing
arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy AmazonRDSCustomServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy AmazonRDSCustomPreviewServiceRolePolicy
arn:aws:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess AWSMigrationHubStrategyConsoleFullAccess
arn:aws:iam::aws:policy/AWSMigrationHubStrategyCollector AWSMigrationHubStrategyCollector
arn:aws:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy AWSPanoramaServiceLinkedRolePolicy
arn:aws:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess AmazonRedshiftAllCommandsFullAccess
arn:aws:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy AWSECRPullThroughCache_ServiceRolePolicy
arn:aws:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess AmazonGrafanaRedshiftAccess
arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorPlugin AWSMigrationHubOrchestratorPlugin
arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess AWSMigrationHubOrchestratorConsoleFullAccess
arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy AWSMigrationHubOrchestratorInstanceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy AWSLicenseManagerUserSubscriptionsServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy AmazonEKSLocalOutpostServiceRolePolicy
arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy AmazonEKSLocalOutpostClusterPolicy
arn:aws:iam::aws:policy/AmazonSageMakerCanvasFullAccess AmazonSageMakerCanvasFullAccess
arn:aws:iam::aws:policy/AWSRefactoringToolkitFullAccess AWSRefactoringToolkitFullAccess
arn:aws:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy AWSResourceExplorerServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy
arn:aws:iam::aws:policy/service-role/AWSSupplyChainFederationAdminAccess AWSSupplyChainFederationAdminAccess
arn:aws:iam::aws:policy/aws-service-role/AWSDataSyncDiscoveryServiceRolePolicy AWSDataSyncDiscoveryServiceRolePolicy
arn:aws:iam::aws:policy/AmazonSecurityLakeAdministrator AmazonSecurityLakeAdministrator
arn:aws:iam::aws:policy/AmazonDocDBElasticFullAccess AmazonDocDBElasticFullAccess
arn:aws:iam::aws:policy/service-role/ROSAInstallerPolicy ROSAInstallerPolicy
arn:aws:iam::aws:policy/service-role/AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy AmazonSageMakerPartnerServiceCatalogProductsLambdaServiceRolePolicy
arn:aws:iam::aws:policy/AmazonLaunchWizardFullAccessV2 AmazonLaunchWizardFullAccessV2
arn:aws:iam::aws:policy/AmazonDataZoneEnvironmentRolePermissionsBoundary AmazonDataZoneEnvironmentRolePermissionsBoundary
arn:aws:iam::aws:policy/AmazonDataZoneFullAccess AmazonDataZoneFullAccess
arn:aws:iam::aws:policy/service-role/AmazonDataZoneRedshiftManageAccessRolePolicy AmazonDataZoneRedshiftManageAccessRolePolicy
arn:aws:iam::aws:policy/AmazonDataZoneRedshiftGlueProvisioningPolicy AmazonDataZoneRedshiftGlueProvisioningPolicy
arn:aws:iam::aws:policy/AmazonSageMakerCanvasDataPrepFullAccess AmazonSageMakerCanvasDataPrepFullAccess
arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceDeploymentServiceRolePolicy AWSMarketplaceDeploymentServiceRolePolicy
arn:aws:iam::aws:policy/service-role/AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity
arn:aws:iam::aws:policy/AmazonRDSCustomInstanceProfileRolePolicy AmazonRDSCustomInstanceProfileRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AmazonTimestreamInfluxDBServiceRolePolicy AmazonTimestreamInfluxDBServiceRolePolicy
arn:aws:iam::aws:policy/AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary AmazonDataZoneSageMakerEnvironmentRolePermissionsBoundary
arn:aws:iam::aws:policy/aws-service-role/AppStudioServiceRolePolicy AppStudioServiceRolePolicy
arn:aws:iam::aws:policy/AmazonBedrockStudioPermissionsBoundary AmazonBedrockStudioPermissionsBoundary
arn:aws:iam::aws:policy/aws-service-role/AWSPCSServiceRolePolicy AWSPCSServiceRolePolicy
arn:aws:iam::aws:policy/aws-service-role/AWSDataSyncServiceRolePolicy AWSDataSyncServiceRolePolicy
arn:aws:iam::aws:policy/ResourceGroupsTaggingAPITagUntagSupportedResources ResourceGroupsTaggingAPITagUntagSupportedResources
arn:aws:iam::aws:policy/SageMakerStudioProjectUserRolePermissionsBoundary SageMakerStudioProjectUserRolePermissionsBoundary
arn:aws:iam::aws:policy/service-role/SageMakerStudioProjectProvisioningRolePolicy SageMakerStudioProjectProvisioningRolePolicy
arn:aws:iam::aws:policy/SageMakerStudioProjectUserRolePolicy SageMakerStudioProjectUserRolePolicy
arn:aws:iam::aws:policy/SageMakerStudioFullAccess SageMakerStudioFullAccess
arn:aws:iam::aws:policy/AIOpsAssistantPolicy AIOpsAssistantPolicy
arn:aws:iam::aws:policy/AIOpsConsoleAdminPolicy AIOpsConsoleAdminPolicy
arn:aws:iam::aws:policy/service-role/SageMakerStudioBedrockFunctionExecutionRolePolicy SageMakerStudioBedrockFunctionExecutionRolePolicy

Allowed Actions

Action Service
secretsmanager:* secretsmanager
secretsmanager:CreateSecret secretsmanager
secretsmanager:DeleteResourcePolicy secretsmanager
secretsmanager:DeleteSecret secretsmanager
secretsmanager:Describe* secretsmanager
secretsmanager:DescribeSecret secretsmanager
secretsmanager:GetRandomPassword secretsmanager
secretsmanager:GetResourcePolicy secretsmanager
secretsmanager:GetSecretValue secretsmanager
secretsmanager:List* secretsmanager
secretsmanager:ListSecretVersionIds secretsmanager
secretsmanager:ListSecrets secretsmanager
secretsmanager:PutResourcePolicy secretsmanager
secretsmanager:PutSecretValue secretsmanager
secretsmanager:RemoveRegionsFromReplication secretsmanager
secretsmanager:RestoreSecret secretsmanager
secretsmanager:RotateSecret secretsmanager
secretsmanager:TagResource secretsmanager
secretsmanager:UntagResource secretsmanager
secretsmanager:UpdateSecret secretsmanager
secretsmanager:UpdateSecretVersionStage secretsmanager
secretsmanager:describeSecret secretsmanager
secretsmanager:getResourcePolicy secretsmanager
secretsmanager:listSecretVersionIds secretsmanager
secretsmanager:listSecrets secretsmanager