Policy Code
Referenced from: https://docs.aws.amazon.com/mediaconnect/latest/ug/iam-policy-examples-asm-secrets.html
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Secrets Manager Secrets Cross Account Policy",
      "Effect": "Allow",
      "Action": "secretsmanager:GetSecretValue",
      "Resource": "*",
      "Principal": {
        "AWS": [
          "arn:aws:iam::{{account-id1}}:role/{{role-name1}}",
          "arn:aws:iam::{{account-id2}}:role/{{role-name2}}"
        ]
      }
    }
  ]
}
DOC
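For each cross-account role you want to grant access to Secrets Manager, replace its numbered {{account-id}} and {{role-name}} variables ({{account-id1}} and {{role-name1}}, {{account-id2}} and {{role-name2}}) with that role's account ID and role name.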
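The substitution step above can be checked before the policy is attached. The following is an added example, not part of the referenced AWS documentation: it builds the policy from (account ID, role name) pairs and lints an already-substituted document for leftover {{ }} variables and principals that are not a single role ARN. The function names and sample values are hypothetical, and role names are assumed to carry no path.

```python
import json
import re

ACCOUNT_ID = re.compile(r"[0-9]{12}")
ROLE_NAME = re.compile(r"[A-Za-z0-9_+=,.@-]{1,64}")  # IAM role-name characters, no path
ROLE_ARN = re.compile(r"arn:aws:iam::[0-9]{12}:role/[A-Za-z0-9_+=,.@-]{1,64}")
PLACEHOLDER = re.compile(r"\{\{[^}]*\}\}")

def render_policy(roles):
    """Build the page's policy for a list of (account_id, role_name) pairs."""
    if not roles:
        raise ValueError("at least one cross-account role is required")
    principals = []
    for account_id, role_name in roles:
        if not ACCOUNT_ID.fullmatch(account_id):
            raise ValueError(f"account id must be 12 digits: {account_id!r}")
        if not ROLE_NAME.fullmatch(role_name):
            raise ValueError(f"invalid role name: {role_name!r}")
        principals.append(f"arn:aws:iam::{account_id}:role/{role_name}")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "Secrets Manager Secrets Cross Account Policy",
            "Effect": "Allow",
            "Action": "secretsmanager:GetSecretValue",
            "Resource": "*",
            "Principal": {"AWS": principals},
        }],
    }

def lint_policy(text):
    """Return the problems found in an already-substituted policy document."""
    problems = [f"unsubstituted variable {m}" for m in PLACEHOLDER.findall(text)]
    for stmt in json.loads(text)["Statement"]:
        principal = stmt.get("Principal")
        # A bare "*" or a missing Principal is reported as a non-role principal.
        aws = principal.get("AWS", []) if isinstance(principal, dict) else [str(principal)]
        for arn in [aws] if isinstance(aws, str) else aws:
            if not ROLE_ARN.fullmatch(arn):
                problems.append(f"principal is not a single role ARN: {arn}")
    return problems

# Constructed sample values (not real accounts or roles).
SAMPLE = render_policy([("111122223333", "media-reader"), ("444455556666", "media-writer")])

if __name__ == "__main__":
    print(json.dumps(SAMPLE, indent=2))
    print(lint_policy(json.dumps(SAMPLE)) or "no problems found")
```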