Posted On: Jan 27, 2021

AWS Identity and Access Management (IAM) Access Analyzer now analyzes AWS Secrets Manager resource-based policies to help you discover secrets that can be accessed publicly or from other accounts or organizations. IAM Access Analyzer makes it easier to identify and remediate unintended public, cross-account, or cross-organization sharing of your Secrets Manager secrets. This helps you reduce access to your secrets and adhere to the security best practice of least privilege.

IAM Access Analyzer is available at no additional cost in the IAM console and through APIs in all commercial AWS Regions, AWS China regions, and AWS GovCloud (US). To learn more about IAM Access Analyzer and which resources it supports, see the documentation page.