SecretsManagerSecretConfiguration - IAM Access Analyzer
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


The configuration for a Secrets Manager secret. For more information, see CreateSecret.

You can propose a configuration for a new secret or an existing secret that you own by specifying the secret policy and optional Amazon KMS encryption key. If the configuration is for an existing secret and you do not specify the secret policy, the access preview uses the existing policy for the secret. If the access preview is for a new resource and you do not specify the policy, the access preview assumes a secret without a policy. To propose deletion of an existing policy, you can specify an empty string. If the proposed configuration is for a new secret and you do not specify the KMS key ID, the access preview uses the Amazon managed key aws/secretsmanager. If you specify an empty string for the KMS key ID, the access preview uses the Amazon managed key of the Amazon Web Services account. For more information about secret policy limits, see Quotas for Amazon Secrets Manager..



The proposed ARN, key ID, or alias of the KMS key.

Type: String

Required: No


The proposed resource policy defining who can access or manage the secret.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: