Currently, our security engineering team does not allow writes to Secrets Manager, but reads are fine.
We have a common Lambda role which is being used by other modules as well.
- Is there any way to configure writing limited to only particular secrets?
Yes. This official documentation shows how to grant read access to only specific secrets. You could do the same thing with write access.
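
An identity policy that scopes write access to one secret, as an added example that is not part of the original answer or the linked documentation. `REGION`, `ACCOUNT_ID` and `EXAMPLE_SECRET_NAME` are placeholders, and the `-??????` suffix matches the six random characters Secrets Manager appends to a secret's ARN:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "WriteOnlyToNamedSecret",
      "Effect": "Allow",
      "Action": [
        "secretsmanager:PutSecretValue",
        "secretsmanager:UpdateSecret"
      ],
      "Resource": [
        "arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:EXAMPLE_SECRET_NAME-??????"
      ]
    }
  ]
}
```

Because the Lambda role is shared, every module that runs under it gets the same write access to the listed secret.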
- Alternatives to AWS Secrets Manager.