I created a Secrets Manager key (non-rotational) with the plain text option and encrypted. When I tried to get the value in a Lambda function, I got a permission denied error. Could you please help me resolve the issue?
You need to assign a role to the Lambda function that lets it read from Secrets Manager.
AWS role

The following IAM policy allows read access to all resources that you create in AWS Secrets Manager. This policy applies to resources that you have created already and all resources that you create in the future.

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "secretsmanager:GetResourcePolicy",
                    "secretsmanager:GetSecretValue",
                    "secretsmanager:DescribeSecret",
                    "secretsmanager:ListSecretVersionIds"
                ],
                "Resource": ["*"]
            }
        ]
    }
You can find a more specific example below: iam-policy-examples-asm-secrets
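The policy above uses `"Resource": ["*"]`, so the Lambda role can read every secret in the account. The following added example (not part of the original answer) sets that policy beside a version scoped to one secret and shows a small check that flags wildcard read grants; the region, account ID, secret name and KMS key ID are placeholders, and the action matching covers only the common wildcard forms.

```python
import json

# Policy from the answer above: read access to every secret in the account.
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["secretsmanager:GetResourcePolicy", "secretsmanager:GetSecretValue",
                   "secretsmanager:DescribeSecret", "secretsmanager:ListSecretVersionIds"],
        "Resource": ["*"],
    }],
}

# Constructed alternative for the Lambda execution role. Region, account ID,
# secret name and key ID are placeholders, not values from the page.
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret"],
         # "-??????" matches the six random characters Secrets Manager appends to the ARN.
         "Resource": "arn:aws:secretsmanager:us-east-1:111122223333:secret:my-app/db-password-??????"},
        # Needed only when the secret is encrypted with a customer managed KMS key.
        {"Effect": "Allow",
         "Action": "kms:Decrypt",
         "Resource": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    ],
}

def _as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]

def wildcard_secret_reads(policy):
    """Return (statement index, resource) pairs where an Allow statement lets the
    principal call GetSecretValue on every secret rather than a named one."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement", []))):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        reads = any(a in ("*", "secretsmanager:*", "secretsmanager:get*",
                          "secretsmanager:getsecretvalue") for a in actions)
        if stmt.get("Effect") != "Allow" or not reads:
            continue
        for resource in _as_list(stmt.get("Resource", [])):
            if resource.split(":secret:")[-1] == "*":  # "*" or "...:secret:*"
                findings.append((index, resource))
    return findings

if __name__ == "__main__":
    for name, policy in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, wildcard_secret_reads(policy))
    print(json.dumps(SCOPED_POLICY, indent=2))
```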