23 actions in the secretsmanager service. Select an action to see its access level, resource ARNs, condition keys, and a copy-paste IAM policy.
Grants permission to retrieve and decrypt a list of secrets
Grants permission to cancel an in-progress secret rotation
Grants permission to create a secret that stores encrypted data that can be queried and rotated
Grants permission to delete the resource policy attached to a secret
Grants permission to delete a secret
Grants permission to retrieve the metadata about a secret, but not the encrypted data
Grants permission to generate a random string for use in password creation
Grants permission to get the resource policy attached to a secret
Grants permission to retrieve and decrypt the encrypted data
Grants permission to list the available secrets
Grants permission to list the available versions of a secret
Grants permission to attach a resource policy to a secret
Grants permission to create a new version of the secret with new encrypted data
Grants permission to remove regions from replication
Grants permission to convert an existing secret to a multi-Region secret and begin replicating the secret to a list of new regions
Grants permission to cancel deletion of a secret
Grants permission to start rotation of a secret
Grants permission to remove the secret from replication and promote the secret to a regional secret in the replica Region
Grants permission to add tags to a secret
Grants permission to remove tags from a secret
Grants permission to update a secret with new metadata or with a new version of the encrypted data
Grants permission to move a stage from one secret to another
Grants permission to validate a resource policy before attaching policy