diff --git a/docs/integrations/cloud/aws-secret-manager-assume-role.mdx b/docs/integrations/cloud/aws-secret-manager-assume-role.mdx
deleted file mode 100644
index d4cd8370c0..0000000000
--- a/docs/integrations/cloud/aws-secret-manager-assume-role.mdx
+++ /dev/null
@@ -1,144 +0,0 @@
----
-title: "AWS Secrets Manager Assume Role"
-description: "Learn how to sync secrets from Infisical to AWS Secrets Manager without sharing any user credentials."
----
-
-Prerequisites:
-
-- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
-
-
- To connect your Infisical instance with AWS, you need to set up an AWS IAM User account that can assume the AWS IAM Role for the integration.
-
-
-
- Navigate to [Create IAM User](https://console.aws.amazon.com/iamv2/home#/users/create) in your AWS Console.
-
-
- Attach the following inline permission policy to the IAM User to allow it to assume any IAM Roles:
-```json
-{
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "AllowAssumeAnyRole",
- "Effect": "Allow",
- "Action": "sts:AssumeRole",
- "Resource": "arn:aws:iam::*:role/*"
- }
- ]
-}
-```
-
-
- Obtain the AWS access key ID and secret access key for your IAM User by navigating to IAM > Users > [Your User] > Security credentials > Access keys.
-
- ![Access Key Step 1](../../images/integrations/aws/integrations-aws-access-key-1.png)
- ![Access Key Step 2](../../images/integrations/aws/integrations-aws-access-key-2.png)
- ![Access Key Step 3](../../images/integrations/aws/integrations-aws-access-key-3.png)
-
-
- 1. Set the access key as **CLIENT_ID_AWS_INTEGRATION**.
- 2. Set the secret key as **CLIENT_SECRET_AWS_INTEGRATION**.
-
-
-
-
-
-
- 1. Navigate to the [Create IAM Role](https://console.aws.amazon.com/iamv2/home#/roles/create?step=selectEntities) page in your AWS Console.
- ![IAM Role Creation](../../images/integrations/aws/integration-aws-iam-assume-role.png)
-
- 2. Select **AWS Account** as the **Trusted Entity Type**.
- 3. Choose **Another AWS Account** and enter **381492033652** (Infisical AWS Account ID). This restricts the role to be assumed only by Infisical. If self-hosting, provide your AWS account number instead.
- 4. Optionally, enable **Require external ID** and enter your **project ID** to further enhance security.
-
-
-
- ![IAM Role Permissions](../../images/integrations/aws/integration-aws-iam-assume-permission.png)
- Use the following custom policy to grant the minimum permissions required by Infisical to sync secrets to AWS Secrets Manager:
-
- ```json
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "AllowSecretsManagerAccess",
- "Effect": "Allow",
- "Action": [
- "secretsmanager:GetSecretValue",
- "secretsmanager:CreateSecret",
- "secretsmanager:UpdateSecret",
- "secretsmanager:DescribeSecret",
- "secretsmanager:TagResource",
- "secretsmanager:UntagResource",
- "kms:ListKeys",
- "kms:ListAliases",
- "kms:Encrypt",
- "kms:Decrypt"
- ],
- "Resource": "*"
- }
- ]
- }
- ```
-
-
-
- ![Copy IAM Role ARN](../../images/integrations/aws/integration-aws-iam-assume-arn.png)
-
-
-
- 1. Navigate to your project's integrations tab in Infisical.
- 2. Click on the **AWS Secrets Manager** tile.
- ![Select AWS Secrets Manager](../../images/integrations.png)
-
- 3. Select the **AWS Assume Role** option.
- ![Select Assume Role](../../images/integrations/aws/integration-aws-iam-assume-select.png)
-
- 4. Provide the **AWS IAM Role ARN** obtained from the previous step.
-
- Select how you want to integration to work by specifying a number of parameters:
-
-
- The environment in Infisical from which you want to sync secrets to AWS Secrets Manager.
-
-
- The path within the preselected environment form which you want to sync secrets to AWS Secrets Manager.
-
-
- The region that you want to integrate with in AWS Secrets Manager.
-
-
- How you want the integration to map the secrets. The selected value could be either one to one or one to many.
-
-
- The secret name/path in AWS into which you want to sync the secrets from Infisical.
-
-
- ![integration create](../../images/integrations/aws/integrations-aws-secret-manager-create.png)
-
- Optionally, you can add tags or specify the encryption key of all the secrets created via this integration:
-
-
- The Key/Value of a tag that will be added to secrets in AWS. Please note that it is possible to add multiple tags via API.
-
-
- The alias/ID of the AWS KMS key used for encryption. Please note that key should be enabled in order to work and the IAM user should have access to it.
-
- ![integration options](../../images/integrations/aws/integrations-aws-secret-manager-options.png)
-
- Then, press `Create Integration` to start syncing secrets to AWS Secrets Manager.
-
-
- Infisical currently syncs environment variables to AWS Secrets Manager as
- key-value pairs under one secret. We're actively exploring ways to help users
- group environment variable key-pairs under multiple secrets for greater
- control.
-
-
- Please note that upon deleting secrets in Infisical, AWS Secrets Manager immediately makes the secrets inaccessible but only schedules them for deletion after at least 7 days.
-
-
-
-
diff --git a/docs/integrations/cloud/aws-secret-manager.mdx b/docs/integrations/cloud/aws-secret-manager.mdx
index 4b46840b05..64df1df321 100644
--- a/docs/integrations/cloud/aws-secret-manager.mdx
+++ b/docs/integrations/cloud/aws-secret-manager.mdx
@@ -3,6 +3,156 @@ title: "AWS Secrets Manager"
description: "Learn how to sync secrets from Infisical to AWS Secrets Manager."
---
+
+
+Infisical will assume the provided role in your AWS account securely, without the need to share any credentials.
+
+Prerequisites:
+
+- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
+
+
+ To connect your Infisical instance with AWS, you need to set up an AWS IAM User account that can assume the AWS IAM Role for the integration.
+
+If your instance is deployed on AWS, the aws-sdk will automatically retrieve the credentials. Ensure that you assign the provided permission policy to your deployed instance, such as ECS or EC2.
+
+The following steps are for instances not deployed on AWS
+
+
+ Navigate to [Create IAM User](https://console.aws.amazon.com/iamv2/home#/users/create) in your AWS Console.
+
+
+ Attach the following inline permission policy to the IAM User to allow it to assume any IAM Roles:
+```json
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "AllowAssumeAnyRole",
+ "Effect": "Allow",
+ "Action": "sts:AssumeRole",
+ "Resource": "arn:aws:iam::*:role/*"
+ }
+ ]
+}
+```
+
+
+ Obtain the AWS access key ID and secret access key for your IAM User by navigating to IAM > Users > [Your User] > Security credentials > Access keys.
+
+ ![Access Key Step 1](../../images/integrations/aws/integrations-aws-access-key-1.png)
+ ![Access Key Step 2](../../images/integrations/aws/integrations-aws-access-key-2.png)
+ ![Access Key Step 3](../../images/integrations/aws/integrations-aws-access-key-3.png)
+
+
+ 1. Set the access key as **CLIENT_ID_AWS_INTEGRATION**.
+ 2. Set the secret key as **CLIENT_SECRET_AWS_INTEGRATION**.
+
+
+
+
+
+
+ 1. Navigate to the [Create IAM Role](https://console.aws.amazon.com/iamv2/home#/roles/create?step=selectEntities) page in your AWS Console.
+ ![IAM Role Creation](../../images/integrations/aws/integration-aws-iam-assume-role.png)
+
+ 2. Select **AWS Account** as the **Trusted Entity Type**.
+ 3. Choose **Another AWS Account** and enter **381492033652** (Infisical AWS Account ID). This restricts the role to be assumed only by Infisical. If self-hosting, provide your AWS account number instead.
+ 4. Optionally, enable **Require external ID** and enter your **project ID** to further enhance security.
+
+
+
+ ![IAM Role Permissions](../../images/integrations/aws/integration-aws-iam-assume-permission.png)
+ Use the following custom policy to grant the minimum permissions required by Infisical to sync secrets to AWS Secrets Manager:
+
+ ```json
+ {
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "AllowSecretsManagerAccess",
+ "Effect": "Allow",
+ "Action": [
+ "secretsmanager:GetSecretValue",
+ "secretsmanager:CreateSecret",
+ "secretsmanager:UpdateSecret",
+ "secretsmanager:DescribeSecret",
+ "secretsmanager:TagResource",
+ "secretsmanager:UntagResource",
+ "kms:ListKeys",
+ "kms:ListAliases",
+ "kms:Encrypt",
+ "kms:Decrypt"
+ ],
+ "Resource": "*"
+ }
+ ]
+ }
+ ```
+
+
+
+ ![Copy IAM Role ARN](../../images/integrations/aws/integration-aws-iam-assume-arn.png)
+
+
+
+ 1. Navigate to your project's integrations tab in Infisical.
+ 2. Click on the **AWS Secrets Manager** tile.
+ ![Select AWS Secrets Manager](../../images/integrations.png)
+
+ 3. Select the **AWS Assume Role** option.
+ ![Select Assume Role](../../images/integrations/aws/integration-aws-iam-assume-select.png)
+
+ 4. Provide the **AWS IAM Role ARN** obtained from the previous step.
+
+ Select how you want to integration to work by specifying a number of parameters:
+
+
+ The environment in Infisical from which you want to sync secrets to AWS Secrets Manager.
+
+
+ The path within the preselected environment form which you want to sync secrets to AWS Secrets Manager.
+
+
+ The region that you want to integrate with in AWS Secrets Manager.
+
+
+ How you want the integration to map the secrets. The selected value could be either one to one or one to many.
+
+
+ The secret name/path in AWS into which you want to sync the secrets from Infisical.
+
+
+ ![integration create](../../images/integrations/aws/integrations-aws-secret-manager-create.png)
+
+ Optionally, you can add tags or specify the encryption key of all the secrets created via this integration:
+
+
+ The Key/Value of a tag that will be added to secrets in AWS. Please note that it is possible to add multiple tags via API.
+
+
+ The alias/ID of the AWS KMS key used for encryption. Please note that key should be enabled in order to work and the IAM user should have access to it.
+
+ ![integration options](../../images/integrations/aws/integrations-aws-secret-manager-options.png)
+
+ Then, press `Create Integration` to start syncing secrets to AWS Secrets Manager.
+
+
+ Infisical currently syncs environment variables to AWS Secrets Manager as
+ key-value pairs under one secret. We're actively exploring ways to help users
+ group environment variable key-pairs under multiple secrets for greater
+ control.
+
+
+ Please note that upon deleting secrets in Infisical, AWS Secrets Manager immediately makes the secrets inaccessible but only schedules them for deletion after at least 7 days.
+
+
+
+
+
+
+Infisical will access your account using the provided AWS access key and secret key.
+
Prerequisites:
- Set up and add envars to [Infisical Cloud](https://app.infisical.com)
@@ -105,3 +255,5 @@ Prerequisites:
+
+
diff --git a/docs/mint.json b/docs/mint.json
index d8410e27af..ac2a536c0a 100644
--- a/docs/mint.json
+++ b/docs/mint.json
@@ -299,7 +299,6 @@
"pages": [
"integrations/cloud/aws-parameter-store",
"integrations/cloud/aws-secret-manager",
- "integrations/cloud/aws-secret-manager-assume-role",
"integrations/cloud/aws-amplify"
]
},