feat(secrets-manager): add AWS Secrets Manager integration (#3866)

* feat(secrets-manager): add AWS Secrets Manager integration * fix(secrets-manager): address PR review feedback - Conditional delete message based on forceDelete flag - Add binary secret detection in getSecretValue * fix(secrets-manager): handle boolean forceDelete and validate numeric inputs - Accept both string 'true' and boolean true for forceDelete - Guard parseInt results with isNaN check for maxResults and recoveryWindowInDays
2026-04-06 03:00:16 -04:00 · 2026-03-31 15:26:03 -07:00
parent 4544fd4519
commit 1a2aa6949e
25 changed files with 1670 additions and 0 deletions
--- a/apps/docs/components/icons.tsx
+++ b/apps/docs/components/icons.tsx
@@ -4502,6 +4502,24 @@ export function DynamoDBIcon(props: SVGProps<SVGSVGElement>) {
  )
 }

+export function SecretsManagerIcon(props: SVGProps<SVGSVGElement>) {
+  return (
+    <svg {...props} viewBox='0 0 80 80' xmlns='http://www.w3.org/2000/svg'>
+      <defs>
+        <linearGradient x1='0%' y1='100%' x2='100%' y2='0%' id='secretsManagerGradient'>
+          <stop stopColor='#BD0816' offset='0%' />
+          <stop stopColor='#FF5252' offset='100%' />
+        </linearGradient>
+      </defs>
+      <rect fill='url(#secretsManagerGradient)' width='80' height='80' />
+      <path
+        d='M38.76,43.36 C38.76,44.044 39.317,44.6 40,44.6 C40.684,44.6 41.24,44.044 41.24,43.36 C41.24,42.676 40.684,42.12 40,42.12 C39.317,42.12 38.76,42.676 38.76,43.36 L38.76,43.36 Z M36.76,43.36 C36.76,41.573 38.213,40.12 40,40.12 C41.787,40.12 43.24,41.573 43.24,43.36 C43.24,44.796 42.296,46.002 41,46.426 L41,49 L39,49 L39,46.426 C37.704,46.002 36.76,44.796 36.76,43.36 L36.76,43.36 Z M49,38 L31,38 L31,51 L49,51 L49,48 L46,48 L46,46 L49,46 L49,43 L46,43 L46,41 L49,41 L49,38 Z M34,36 L45.999,36 L46,31 C46.001,28.384 43.143,26.002 40.004,26 L40.001,26 C38.472,26 36.928,26.574 35.763,27.575 C34.643,28.537 34,29.786 34,31.001 L34,36 Z M48,31.001 L47.999,36 L50,36 C50.553,36 51,36.448 51,37 L51,52 C51,52.552 50.553,53 50,53 L30,53 C29.447,53 29,52.552 29,52 L29,37 C29,36.448 29.447,36 30,36 L32,36 L32,31 C32.001,29.202 32.897,27.401 34.459,26.058 C35.982,24.75 38.001,24 40.001,24 L40.004,24 C44.265,24.002 48.001,27.273 48,31.001 L48,31.001 Z M19.207,55.049 L20.828,53.877 C18.093,50.097 16.581,45.662 16.396,41 L19,41 L19,39 L16.399,39 C16.598,34.366 18.108,29.957 20.828,26.198 L19.207,25.025 C16.239,29.128 14.599,33.942 14.399,39 L12,39 L12,41 L14.396,41 C14.582,46.086 16.224,50.926 19.207,55.049 L19.207,55.049 Z M53.838,59.208 C50.069,61.936 45.648,63.446 41,63.639 L41,61 L39,61 L39,63.639 C34.352,63.447 29.93,61.937 26.159,59.208 L24.988,60.828 C29.1,63.805 33.928,65.445 39,65.639 L39,68 L41,68 L41,65.639 C46.072,65.445 50.898,63.805 55.01,60.828 L53.838,59.208 Z M26.159,20.866 C29.93,18.138 34.352,16.628 39,16.436 L39,19 L41,19 L41,16.436 C45.648,16.628 50.069,18.138 53.838,20.866 L55.01,19.246 C50.898,16.27 46.072,14.63 41,14.436 L41,12 L39,12 L39,14.436 C33.928,14.629 29.1,16.269 24.988,19.246 L26.159,20.866 Z M65.599,39 C65.399,33.942 63.759,29.128 60.79,25.025 L59.169,26.198 C61.89,29.957 63.4,34.366 63.599,39 L61,39 L61,41 L63.602,41 C63.416,45.662 61.905,50.097 59.169,53.877 L60.79,55.049 C63.774,50.926 65.415,46.086 65.602,41 L68,41 L68,39 L65.599,39 Z M56.386,25.064 L64.226,17.224 L62.812,15.81 L54.972,23.65 L56.386,25.064 Z M23.612,55.01 L15.772,62.85 L17.186,64.264 L25.026,56.424 L23.612,55.01 Z M28.666,27.253 L13.825,12.413 L12.411,13.827 L27.252,28.667 L28.666,27.253 Z M54.193,52.78 L67.586,66.173 L66.172,67.587 L52.779,54.194 L54.193,52.78 Z'
+        fill='#FFFFFF'
+      />
+    </svg>
+  )
+}
+
 export function SQSIcon(props: SVGProps<SVGSVGElement>) {
  return (
    <svg
--- a/apps/docs/components/ui/icon-mapping.ts
+++ b/apps/docs/components/ui/icon-mapping.ts
@@ -140,6 +140,7 @@ import {
  S3Icon,
  SalesforceIcon,
  SearchIcon,
+  SecretsManagerIcon,
  SendgridIcon,
  SentryIcon,
  SerperIcon,
@@ -317,6 +318,7 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
  s3: S3Icon,
  salesforce: SalesforceIcon,
  search: SearchIcon,
+  secrets_manager: SecretsManagerIcon,
  sendgrid: SendgridIcon,
  sentry: SentryIcon,
  serper: SerperIcon,
--- a/apps/docs/content/docs/en/tools/meta.json
+++ b/apps/docs/content/docs/en/tools/meta.json
@@ -135,6 +135,7 @@
    "s3",
    "salesforce",
    "search",
+    "secrets_manager",
    "sendgrid",
    "sentry",
    "serper",
--- a/apps/docs/content/docs/en/tools/secrets_manager.mdx
+++ b/apps/docs/content/docs/en/tools/secrets_manager.mdx
@@ -0,0 +1,157 @@
+---
+title: AWS Secrets Manager
+description: Connect to AWS Secrets Manager
+---
+
+import { BlockInfoCard } from "@/components/ui/block-info-card"
+
+<BlockInfoCard 
+  type="secrets_manager"
+  color="linear-gradient(45deg, #BD0816 0%, #FF5252 100%)"
+/>
+
+{/* MANUAL-CONTENT-START:intro */}
+[AWS Secrets Manager](https://aws.amazon.com/secrets-manager/) is a secrets management service that helps you protect access to your applications, services, and IT resources. It enables you to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
+
+With AWS Secrets Manager, you can:
+
+- **Securely store secrets**: Encrypt secrets at rest using AWS KMS encryption keys
+- **Retrieve secrets programmatically**: Access secrets from your applications and workflows without hardcoding credentials
+- **Rotate secrets automatically**: Configure automatic rotation for supported services like RDS, Redshift, and DocumentDB
+- **Audit access**: Track secret access and changes through AWS CloudTrail integration
+- **Control access with IAM**: Use fine-grained IAM policies to manage who can access which secrets
+- **Replicate across regions**: Automatically replicate secrets to multiple AWS regions for disaster recovery
+
+In Sim, the AWS Secrets Manager integration allows your workflows to securely retrieve credentials and configuration values at runtime, create and manage secrets as part of automation pipelines, and maintain a centralized secrets store that your agents can access. This is particularly useful for workflows that need to authenticate with external services, rotate credentials, or manage sensitive configuration across environments — all without exposing secrets in your workflow definitions.
+{/* MANUAL-CONTENT-END */}
+
+
+## Usage Instructions
+
+Integrate AWS Secrets Manager into the workflow. Can retrieve, create, update, list, and delete secrets.
+
+
+
+## Tools
+
+### `secrets_manager_get_secret`
+
+Retrieve a secret value from AWS Secrets Manager
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
+| `accessKeyId` | string | Yes | AWS access key ID |
+| `secretAccessKey` | string | Yes | AWS secret access key |
+| `secretId` | string | Yes | The name or ARN of the secret to retrieve |
+| `versionId` | string | No | The unique identifier of the version to retrieve |
+| `versionStage` | string | No | The staging label of the version to retrieve \(e.g., AWSCURRENT, AWSPREVIOUS\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `name` | string | Name of the secret |
+| `secretValue` | string | The decrypted secret value |
+| `arn` | string | ARN of the secret |
+| `versionId` | string | Version ID of the secret |
+| `versionStages` | array | Staging labels attached to this version |
+| `createdDate` | string | Date the secret was created |
+
+### `secrets_manager_list_secrets`
+
+List secrets stored in AWS Secrets Manager
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
+| `accessKeyId` | string | Yes | AWS access key ID |
+| `secretAccessKey` | string | Yes | AWS secret access key |
+| `maxResults` | number | No | Maximum number of secrets to return \(1-100, default 100\) |
+| `nextToken` | string | No | Pagination token from a previous request |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `secrets` | json | List of secrets with name, ARN, description, and dates |
+| `nextToken` | string | Pagination token for the next page of results |
+| `count` | number | Number of secrets returned |
+
+### `secrets_manager_create_secret`
+
+Create a new secret in AWS Secrets Manager
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
+| `accessKeyId` | string | Yes | AWS access key ID |
+| `secretAccessKey` | string | Yes | AWS secret access key |
+| `name` | string | Yes | Name of the secret to create |
+| `secretValue` | string | Yes | The secret value \(plain text or JSON string\) |
+| `description` | string | No | Description of the secret |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `message` | string | Operation status message |
+| `name` | string | Name of the created secret |
+| `arn` | string | ARN of the created secret |
+| `versionId` | string | Version ID of the created secret |
+
+### `secrets_manager_update_secret`
+
+Update the value of an existing secret in AWS Secrets Manager
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
+| `accessKeyId` | string | Yes | AWS access key ID |
+| `secretAccessKey` | string | Yes | AWS secret access key |
+| `secretId` | string | Yes | The name or ARN of the secret to update |
+| `secretValue` | string | Yes | The new secret value \(plain text or JSON string\) |
+| `description` | string | No | Updated description of the secret |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `message` | string | Operation status message |
+| `name` | string | Name of the updated secret |
+| `arn` | string | ARN of the updated secret |
+| `versionId` | string | Version ID of the updated secret |
+
+### `secrets_manager_delete_secret`
+
+Delete a secret from AWS Secrets Manager
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `region` | string | Yes | AWS region \(e.g., us-east-1\) |
+| `accessKeyId` | string | Yes | AWS access key ID |
+| `secretAccessKey` | string | Yes | AWS secret access key |
+| `secretId` | string | Yes | The name or ARN of the secret to delete |
+| `recoveryWindowInDays` | number | No | Number of days before permanent deletion \(7-30, default 30\) |
+| `forceDelete` | boolean | No | If true, immediately delete without recovery window |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `message` | string | Operation status message |
+| `name` | string | Name of the deleted secret |
+| `arn` | string | ARN of the deleted secret |
+| `deletionDate` | string | Scheduled deletion date |
+
+
--- a/apps/sim/app/(landing)/integrations/data/icon-mapping.ts
+++ b/apps/sim/app/(landing)/integrations/data/icon-mapping.ts
@@ -140,6 +140,7 @@ import {
  S3Icon,
  SalesforceIcon,
  SearchIcon,
+  SecretsManagerIcon,
  SendgridIcon,
  SentryIcon,
  SerperIcon,
@@ -317,6 +318,7 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
  s3: S3Icon,
  salesforce: SalesforceIcon,
  search: SearchIcon,
+  secrets_manager: SecretsManagerIcon,
  sendgrid: SendgridIcon,
  sentry: SentryIcon,
  serper: SerperIcon,
--- a/apps/sim/app/(landing)/integrations/data/integrations.json
+++ b/apps/sim/app/(landing)/integrations/data/integrations.json
@@ -1138,6 +1138,45 @@
    "integrationType": "crm",
    "tags": ["sales-engagement", "enrichment"]
  },
+  {
+    "type": "secrets_manager",
+    "slug": "aws-secrets-manager",
+    "name": "AWS Secrets Manager",
+    "description": "Connect to AWS Secrets Manager",
+    "longDescription": "Integrate AWS Secrets Manager into the workflow. Can retrieve, create, update, list, and delete secrets.",
+    "bgColor": "linear-gradient(45deg, #BD0816 0%, #FF5252 100%)",
+    "iconName": "SecretsManagerIcon",
+    "docsUrl": "https://docs.sim.ai/tools/secrets-manager",
+    "operations": [
+      {
+        "name": "Get Secret",
+        "description": "Retrieve a secret value from AWS Secrets Manager"
+      },
+      {
+        "name": "List Secrets",
+        "description": "List secrets stored in AWS Secrets Manager"
+      },
+      {
+        "name": "Create Secret",
+        "description": "Create a new secret in AWS Secrets Manager"
+      },
+      {
+        "name": "Update Secret",
+        "description": "Update the value of an existing secret in AWS Secrets Manager"
+      },
+      {
+        "name": "Delete Secret",
+        "description": "Delete a secret from AWS Secrets Manager"
+      }
+    ],
+    "operationCount": 5,
+    "triggers": [],
+    "triggerCount": 0,
+    "authType": "none",
+    "category": "tools",
+    "integrationType": "developer-tools",
+    "tags": ["cloud", "secrets-management"]
+  },
  {
    "type": "textract_v2",
    "slug": "aws-textract",
--- a/apps/sim/app/api/tools/secrets_manager/create-secret/route.ts
+++ b/apps/sim/app/api/tools/secrets_manager/create-secret/route.ts
@@ -0,0 +1,65 @@
+import { randomUUID } from 'crypto'
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { createSecret, createSecretsManagerClient } from '../utils'
+
+const logger = createLogger('SecretsManagerCreateSecretAPI')
+
+const CreateSecretSchema = z.object({
+  region: z.string().min(1, 'AWS region is required'),
+  accessKeyId: z.string().min(1, 'AWS access key ID is required'),
+  secretAccessKey: z.string().min(1, 'AWS secret access key is required'),
+  name: z.string().min(1, 'Secret name is required'),
+  secretValue: z.string().min(1, 'Secret value is required'),
+  description: z.string().nullish(),
+})
+
+export async function POST(request: NextRequest) {
+  const requestId = randomUUID().slice(0, 8)
+
+  const auth = await checkInternalAuth(request)
+  if (!auth.success || !auth.userId) {
+    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const params = CreateSecretSchema.parse(body)
+
+    logger.info(`[${requestId}] Creating secret ${params.name}`)
+
+    const client = createSecretsManagerClient({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+    })
+
+    try {
+      const result = await createSecret(client, params.name, params.secretValue, params.description)
+
+      logger.info(`[${requestId}] Secret created: ${result.name}`)
+
+      return NextResponse.json({
+        message: `Secret "${result.name}" created successfully`,
+        ...result,
+      })
+    } finally {
+      client.destroy()
+    }
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      logger.warn(`[${requestId}] Invalid request data`, { errors: error.errors })
+      return NextResponse.json(
+        { error: 'Invalid request data', details: error.errors },
+        { status: 400 }
+      )
+    }
+
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred'
+    logger.error(`[${requestId}] Failed to create secret:`, error)
+
+    return NextResponse.json({ error: `Failed to create secret: ${errorMessage}` }, { status: 500 })
+  }
+}
--- a/apps/sim/app/api/tools/secrets_manager/delete-secret/route.ts
+++ b/apps/sim/app/api/tools/secrets_manager/delete-secret/route.ts
@@ -0,0 +1,71 @@
+import { randomUUID } from 'crypto'
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { createSecretsManagerClient, deleteSecret } from '../utils'
+
+const logger = createLogger('SecretsManagerDeleteSecretAPI')
+
+const DeleteSecretSchema = z.object({
+  region: z.string().min(1, 'AWS region is required'),
+  accessKeyId: z.string().min(1, 'AWS access key ID is required'),
+  secretAccessKey: z.string().min(1, 'AWS secret access key is required'),
+  secretId: z.string().min(1, 'Secret ID is required'),
+  recoveryWindowInDays: z.number().min(7).max(30).nullish(),
+  forceDelete: z.boolean().nullish(),
+})
+
+export async function POST(request: NextRequest) {
+  const requestId = randomUUID().slice(0, 8)
+
+  const auth = await checkInternalAuth(request)
+  if (!auth.success || !auth.userId) {
+    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const params = DeleteSecretSchema.parse(body)
+
+    logger.info(`[${requestId}] Deleting secret ${params.secretId}`)
+
+    const client = createSecretsManagerClient({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+    })
+
+    try {
+      const result = await deleteSecret(
+        client,
+        params.secretId,
+        params.recoveryWindowInDays,
+        params.forceDelete
+      )
+
+      const action = params.forceDelete ? 'permanently deleted' : 'scheduled for deletion'
+      logger.info(`[${requestId}] Secret ${action}: ${result.name}`)
+
+      return NextResponse.json({
+        message: `Secret "${result.name}" ${action}`,
+        ...result,
+      })
+    } finally {
+      client.destroy()
+    }
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      logger.warn(`[${requestId}] Invalid request data`, { errors: error.errors })
+      return NextResponse.json(
+        { error: 'Invalid request data', details: error.errors },
+        { status: 400 }
+      )
+    }
+
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred'
+    logger.error(`[${requestId}] Failed to delete secret:`, error)
+
+    return NextResponse.json({ error: `Failed to delete secret: ${errorMessage}` }, { status: 500 })
+  }
+}
--- a/apps/sim/app/api/tools/secrets_manager/get-secret/route.ts
+++ b/apps/sim/app/api/tools/secrets_manager/get-secret/route.ts
@@ -0,0 +1,70 @@
+import { randomUUID } from 'crypto'
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { createSecretsManagerClient, getSecretValue } from '../utils'
+
+const logger = createLogger('SecretsManagerGetSecretAPI')
+
+const GetSecretSchema = z.object({
+  region: z.string().min(1, 'AWS region is required'),
+  accessKeyId: z.string().min(1, 'AWS access key ID is required'),
+  secretAccessKey: z.string().min(1, 'AWS secret access key is required'),
+  secretId: z.string().min(1, 'Secret ID is required'),
+  versionId: z.string().nullish(),
+  versionStage: z.string().nullish(),
+})
+
+export async function POST(request: NextRequest) {
+  const requestId = randomUUID().slice(0, 8)
+
+  const auth = await checkInternalAuth(request)
+  if (!auth.success || !auth.userId) {
+    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const params = GetSecretSchema.parse(body)
+
+    logger.info(`[${requestId}] Retrieving secret ${params.secretId}`)
+
+    const client = createSecretsManagerClient({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+    })
+
+    try {
+      const result = await getSecretValue(
+        client,
+        params.secretId,
+        params.versionId,
+        params.versionStage
+      )
+
+      logger.info(`[${requestId}] Secret retrieved successfully`)
+
+      return NextResponse.json(result)
+    } finally {
+      client.destroy()
+    }
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      logger.warn(`[${requestId}] Invalid request data`, { errors: error.errors })
+      return NextResponse.json(
+        { error: 'Invalid request data', details: error.errors },
+        { status: 400 }
+      )
+    }
+
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred'
+    logger.error(`[${requestId}] Failed to retrieve secret:`, error)
+
+    return NextResponse.json(
+      { error: `Failed to retrieve secret: ${errorMessage}` },
+      { status: 500 }
+    )
+  }
+}
--- a/apps/sim/app/api/tools/secrets_manager/list-secrets/route.ts
+++ b/apps/sim/app/api/tools/secrets_manager/list-secrets/route.ts
@@ -0,0 +1,61 @@
+import { randomUUID } from 'crypto'
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { createSecretsManagerClient, listSecrets } from '../utils'
+
+const logger = createLogger('SecretsManagerListSecretsAPI')
+
+const ListSecretsSchema = z.object({
+  region: z.string().min(1, 'AWS region is required'),
+  accessKeyId: z.string().min(1, 'AWS access key ID is required'),
+  secretAccessKey: z.string().min(1, 'AWS secret access key is required'),
+  maxResults: z.number().min(1).max(100).nullish(),
+  nextToken: z.string().nullish(),
+})
+
+export async function POST(request: NextRequest) {
+  const requestId = randomUUID().slice(0, 8)
+
+  const auth = await checkInternalAuth(request)
+  if (!auth.success || !auth.userId) {
+    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const params = ListSecretsSchema.parse(body)
+
+    logger.info(`[${requestId}] Listing secrets`)
+
+    const client = createSecretsManagerClient({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+    })
+
+    try {
+      const result = await listSecrets(client, params.maxResults, params.nextToken)
+
+      logger.info(`[${requestId}] Listed ${result.count} secrets`)
+
+      return NextResponse.json(result)
+    } finally {
+      client.destroy()
+    }
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      logger.warn(`[${requestId}] Invalid request data`, { errors: error.errors })
+      return NextResponse.json(
+        { error: 'Invalid request data', details: error.errors },
+        { status: 400 }
+      )
+    }
+
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred'
+    logger.error(`[${requestId}] Failed to list secrets:`, error)
+
+    return NextResponse.json({ error: `Failed to list secrets: ${errorMessage}` }, { status: 500 })
+  }
+}
--- a/apps/sim/app/api/tools/secrets_manager/update-secret/route.ts
+++ b/apps/sim/app/api/tools/secrets_manager/update-secret/route.ts
@@ -0,0 +1,70 @@
+import { randomUUID } from 'crypto'
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { createSecretsManagerClient, updateSecretValue } from '../utils'
+
+const logger = createLogger('SecretsManagerUpdateSecretAPI')
+
+const UpdateSecretSchema = z.object({
+  region: z.string().min(1, 'AWS region is required'),
+  accessKeyId: z.string().min(1, 'AWS access key ID is required'),
+  secretAccessKey: z.string().min(1, 'AWS secret access key is required'),
+  secretId: z.string().min(1, 'Secret ID is required'),
+  secretValue: z.string().min(1, 'Secret value is required'),
+  description: z.string().nullish(),
+})
+
+export async function POST(request: NextRequest) {
+  const requestId = randomUUID().slice(0, 8)
+
+  const auth = await checkInternalAuth(request)
+  if (!auth.success || !auth.userId) {
+    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const params = UpdateSecretSchema.parse(body)
+
+    logger.info(`[${requestId}] Updating secret ${params.secretId}`)
+
+    const client = createSecretsManagerClient({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+    })
+
+    try {
+      const result = await updateSecretValue(
+        client,
+        params.secretId,
+        params.secretValue,
+        params.description
+      )
+
+      logger.info(`[${requestId}] Secret updated: ${result.name}`)
+
+      return NextResponse.json({
+        message: `Secret "${result.name}" updated successfully`,
+        ...result,
+      })
+    } finally {
+      client.destroy()
+    }
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      logger.warn(`[${requestId}] Invalid request data`, { errors: error.errors })
+      return NextResponse.json(
+        { error: 'Invalid request data', details: error.errors },
+        { status: 400 }
+      )
+    }
+
+    const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred'
+    logger.error(`[${requestId}] Failed to update secret:`, error)
+
+    return NextResponse.json({ error: `Failed to update secret: ${errorMessage}` }, { status: 500 })
+  }
+}
--- a/apps/sim/app/api/tools/secrets_manager/utils.ts
+++ b/apps/sim/app/api/tools/secrets_manager/utils.ts
@@ -0,0 +1,140 @@
+import {
+  CreateSecretCommand,
+  DeleteSecretCommand,
+  GetSecretValueCommand,
+  ListSecretsCommand,
+  SecretsManagerClient,
+  UpdateSecretCommand,
+} from '@aws-sdk/client-secrets-manager'
+import type { SecretsManagerConnectionConfig } from '@/tools/secrets_manager/types'
+
+export function createSecretsManagerClient(
+  config: SecretsManagerConnectionConfig
+): SecretsManagerClient {
+  return new SecretsManagerClient({
+    region: config.region,
+    credentials: {
+      accessKeyId: config.accessKeyId,
+      secretAccessKey: config.secretAccessKey,
+    },
+  })
+}
+
+export async function getSecretValue(
+  client: SecretsManagerClient,
+  secretId: string,
+  versionId?: string | null,
+  versionStage?: string | null
+) {
+  const command = new GetSecretValueCommand({
+    SecretId: secretId,
+    ...(versionId ? { VersionId: versionId } : {}),
+    ...(versionStage ? { VersionStage: versionStage } : {}),
+  })
+
+  const response = await client.send(command)
+
+  if (!response.SecretString && response.SecretBinary) {
+    throw new Error(
+      'Secret is stored as binary (SecretBinary). This integration only supports string secrets.'
+    )
+  }
+
+  return {
+    name: response.Name ?? '',
+    secretValue: response.SecretString ?? '',
+    arn: response.ARN ?? '',
+    versionId: response.VersionId ?? '',
+    versionStages: response.VersionStages ?? [],
+    createdDate: response.CreatedDate?.toISOString() ?? null,
+  }
+}
+
+export async function listSecrets(
+  client: SecretsManagerClient,
+  maxResults?: number | null,
+  nextToken?: string | null
+) {
+  const command = new ListSecretsCommand({
+    ...(maxResults ? { MaxResults: maxResults } : {}),
+    ...(nextToken ? { NextToken: nextToken } : {}),
+  })
+
+  const response = await client.send(command)
+  const secrets = (response.SecretList ?? []).map((secret) => ({
+    name: secret.Name ?? '',
+    arn: secret.ARN ?? '',
+    description: secret.Description ?? null,
+    createdDate: secret.CreatedDate?.toISOString() ?? null,
+    lastChangedDate: secret.LastChangedDate?.toISOString() ?? null,
+    lastAccessedDate: secret.LastAccessedDate?.toISOString() ?? null,
+    rotationEnabled: secret.RotationEnabled ?? false,
+    tags: secret.Tags?.map((t) => ({ key: t.Key ?? '', value: t.Value ?? '' })) ?? [],
+  }))
+
+  return {
+    secrets,
+    nextToken: response.NextToken ?? null,
+    count: secrets.length,
+  }
+}
+
+export async function createSecret(
+  client: SecretsManagerClient,
+  name: string,
+  secretValue: string,
+  description?: string | null
+) {
+  const command = new CreateSecretCommand({
+    Name: name,
+    SecretString: secretValue,
+    ...(description ? { Description: description } : {}),
+  })
+
+  const response = await client.send(command)
+  return {
+    name: response.Name ?? '',
+    arn: response.ARN ?? '',
+    versionId: response.VersionId ?? '',
+  }
+}
+
+export async function updateSecretValue(
+  client: SecretsManagerClient,
+  secretId: string,
+  secretValue: string,
+  description?: string | null
+) {
+  const command = new UpdateSecretCommand({
+    SecretId: secretId,
+    SecretString: secretValue,
+    ...(description ? { Description: description } : {}),
+  })
+
+  const response = await client.send(command)
+  return {
+    name: response.Name ?? '',
+    arn: response.ARN ?? '',
+    versionId: response.VersionId ?? '',
+  }
+}
+
+export async function deleteSecret(
+  client: SecretsManagerClient,
+  secretId: string,
+  recoveryWindowInDays?: number | null,
+  forceDelete?: boolean | null
+) {
+  const command = new DeleteSecretCommand({
+    SecretId: secretId,
+    ...(forceDelete ? { ForceDeleteWithoutRecovery: true } : {}),
+    ...(!forceDelete && recoveryWindowInDays ? { RecoveryWindowInDays: recoveryWindowInDays } : {}),
+  })
+
+  const response = await client.send(command)
+  return {
+    name: response.Name ?? '',
+    arn: response.ARN ?? '',
+    deletionDate: response.DeletionDate?.toISOString() ?? null,
+  }
+}
--- a/apps/sim/blocks/blocks/secrets_manager.ts
+++ b/apps/sim/blocks/blocks/secrets_manager.ts
@@ -0,0 +1,282 @@
+import { SecretsManagerIcon } from '@/components/icons'
+import type { BlockConfig } from '@/blocks/types'
+import { IntegrationType } from '@/blocks/types'
+import type { SecretsManagerBaseResponse } from '@/tools/secrets_manager/types'
+
+export const SecretsManagerBlock: BlockConfig<SecretsManagerBaseResponse> = {
+  type: 'secrets_manager',
+  name: 'AWS Secrets Manager',
+  description: 'Connect to AWS Secrets Manager',
+  longDescription:
+    'Integrate AWS Secrets Manager into the workflow. Can retrieve, create, update, list, and delete secrets.',
+  docsLink: 'https://docs.sim.ai/tools/secrets-manager',
+  category: 'tools',
+  integrationType: IntegrationType.DeveloperTools,
+  tags: ['cloud', 'secrets-management'],
+  bgColor: 'linear-gradient(45deg, #BD0816 0%, #FF5252 100%)',
+  icon: SecretsManagerIcon,
+  subBlocks: [
+    {
+      id: 'operation',
+      title: 'Operation',
+      type: 'dropdown',
+      options: [
+        { label: 'Get Secret', id: 'get_secret' },
+        { label: 'List Secrets', id: 'list_secrets' },
+        { label: 'Create Secret', id: 'create_secret' },
+        { label: 'Update Secret', id: 'update_secret' },
+        { label: 'Delete Secret', id: 'delete_secret' },
+      ],
+      value: () => 'get_secret',
+    },
+    {
+      id: 'region',
+      title: 'AWS Region',
+      type: 'short-input',
+      placeholder: 'us-east-1',
+      required: true,
+    },
+    {
+      id: 'accessKeyId',
+      title: 'AWS Access Key ID',
+      type: 'short-input',
+      placeholder: 'AKIA...',
+      password: true,
+      required: true,
+    },
+    {
+      id: 'secretAccessKey',
+      title: 'AWS Secret Access Key',
+      type: 'short-input',
+      placeholder: 'Your secret access key',
+      password: true,
+      required: true,
+    },
+    {
+      id: 'secretId',
+      title: 'Secret Name or ARN',
+      type: 'short-input',
+      placeholder: 'my-app/database-password',
+      condition: { field: 'operation', value: ['get_secret', 'update_secret', 'delete_secret'] },
+      required: { field: 'operation', value: ['get_secret', 'update_secret', 'delete_secret'] },
+    },
+    {
+      id: 'name',
+      title: 'Secret Name',
+      type: 'short-input',
+      placeholder: 'my-app/database-password',
+      condition: { field: 'operation', value: 'create_secret' },
+      required: { field: 'operation', value: 'create_secret' },
+    },
+    {
+      id: 'secretValue',
+      title: 'Secret Value',
+      type: 'code',
+      placeholder: '{"username":"admin","password":"secret123"}',
+      condition: { field: 'operation', value: ['create_secret', 'update_secret'] },
+      required: { field: 'operation', value: ['create_secret', 'update_secret'] },
+    },
+    {
+      id: 'description',
+      title: 'Description',
+      type: 'short-input',
+      placeholder: 'Database credentials for production',
+      condition: { field: 'operation', value: ['create_secret', 'update_secret'] },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'versionId',
+      title: 'Version ID',
+      type: 'short-input',
+      placeholder: 'Version UUID (optional)',
+      condition: { field: 'operation', value: 'get_secret' },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'versionStage',
+      title: 'Version Stage',
+      type: 'short-input',
+      placeholder: 'AWSCURRENT',
+      condition: { field: 'operation', value: 'get_secret' },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'maxResults',
+      title: 'Max Results',
+      type: 'short-input',
+      placeholder: '100',
+      condition: { field: 'operation', value: 'list_secrets' },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'nextToken',
+      title: 'Next Token',
+      type: 'short-input',
+      placeholder: 'Pagination token',
+      condition: { field: 'operation', value: 'list_secrets' },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'recoveryWindowInDays',
+      title: 'Recovery Window (Days)',
+      type: 'short-input',
+      placeholder: '30',
+      condition: { field: 'operation', value: 'delete_secret' },
+      required: false,
+      mode: 'advanced',
+    },
+    {
+      id: 'forceDelete',
+      title: 'Force Delete',
+      type: 'dropdown',
+      options: [
+        { label: 'No', id: 'false' },
+        { label: 'Yes', id: 'true' },
+      ],
+      value: () => 'false',
+      condition: { field: 'operation', value: 'delete_secret' },
+      required: false,
+      mode: 'advanced',
+    },
+  ],
+  tools: {
+    access: [
+      'secrets_manager_get_secret',
+      'secrets_manager_list_secrets',
+      'secrets_manager_create_secret',
+      'secrets_manager_update_secret',
+      'secrets_manager_delete_secret',
+    ],
+    config: {
+      tool: (params) => {
+        switch (params.operation) {
+          case 'get_secret':
+            return 'secrets_manager_get_secret'
+          case 'list_secrets':
+            return 'secrets_manager_list_secrets'
+          case 'create_secret':
+            return 'secrets_manager_create_secret'
+          case 'update_secret':
+            return 'secrets_manager_update_secret'
+          case 'delete_secret':
+            return 'secrets_manager_delete_secret'
+          default:
+            throw new Error(`Invalid Secrets Manager operation: ${params.operation}`)
+        }
+      },
+      params: (params) => {
+        const { operation, forceDelete, recoveryWindowInDays, maxResults, ...rest } = params
+
+        const connectionConfig = {
+          region: rest.region,
+          accessKeyId: rest.accessKeyId,
+          secretAccessKey: rest.secretAccessKey,
+        }
+
+        const result: Record<string, unknown> = { ...connectionConfig }
+
+        switch (operation) {
+          case 'get_secret':
+            result.secretId = rest.secretId
+            if (rest.versionId) result.versionId = rest.versionId
+            if (rest.versionStage) result.versionStage = rest.versionStage
+            break
+          case 'list_secrets':
+            if (maxResults) {
+              const parsed = Number.parseInt(String(maxResults), 10)
+              if (!Number.isNaN(parsed)) result.maxResults = parsed
+            }
+            if (rest.nextToken) result.nextToken = rest.nextToken
+            break
+          case 'create_secret':
+            result.name = rest.name
+            result.secretValue = rest.secretValue
+            if (rest.description) result.description = rest.description
+            break
+          case 'update_secret':
+            result.secretId = rest.secretId
+            result.secretValue = rest.secretValue
+            if (rest.description) result.description = rest.description
+            break
+          case 'delete_secret':
+            result.secretId = rest.secretId
+            if (recoveryWindowInDays) {
+              const parsed = Number.parseInt(String(recoveryWindowInDays), 10)
+              if (!Number.isNaN(parsed)) result.recoveryWindowInDays = parsed
+            }
+            if (forceDelete === 'true' || forceDelete === true) result.forceDelete = true
+            break
+        }
+
+        return result
+      },
+    },
+  },
+  inputs: {
+    operation: { type: 'string', description: 'Secrets Manager operation to perform' },
+    region: { type: 'string', description: 'AWS region' },
+    accessKeyId: { type: 'string', description: 'AWS access key ID' },
+    secretAccessKey: { type: 'string', description: 'AWS secret access key' },
+    secretId: { type: 'string', description: 'Secret name or ARN' },
+    name: { type: 'string', description: 'Name for a new secret' },
+    secretValue: { type: 'string', description: 'Secret value (plain text or JSON)' },
+    description: { type: 'string', description: 'Secret description' },
+    versionId: { type: 'string', description: 'Version ID' },
+    versionStage: { type: 'string', description: 'Version stage (e.g., AWSCURRENT)' },
+    maxResults: { type: 'number', description: 'Maximum number of results to return' },
+    nextToken: { type: 'string', description: 'Pagination token' },
+    recoveryWindowInDays: { type: 'number', description: 'Days before permanent deletion' },
+    forceDelete: { type: 'string', description: 'Force immediate deletion' },
+  },
+  outputs: {
+    message: {
+      type: 'string',
+      description: 'Operation status message',
+    },
+    name: {
+      type: 'string',
+      description: 'Name of the secret',
+    },
+    secretValue: {
+      type: 'string',
+      description: 'The decrypted secret value',
+    },
+    arn: {
+      type: 'string',
+      description: 'ARN of the secret',
+    },
+    versionId: {
+      type: 'string',
+      description: 'Version ID of the secret',
+    },
+    versionStages: {
+      type: 'array',
+      description: 'Staging labels attached to this version',
+    },
+    secrets: {
+      type: 'json',
+      description: 'List of secrets',
+    },
+    count: {
+      type: 'number',
+      description: 'Number of secrets returned',
+    },
+    nextToken: {
+      type: 'string',
+      description: 'Pagination token for the next page',
+    },
+    createdDate: {
+      type: 'string',
+      description: 'Date the secret was created',
+    },
+    deletionDate: {
+      type: 'string',
+      description: 'Scheduled deletion date',
+    },
+  },
+}
--- a/apps/sim/blocks/registry.ts
+++ b/apps/sim/blocks/registry.ts
@@ -155,6 +155,7 @@ import { S3Block } from '@/blocks/blocks/s3'
 import { SalesforceBlock } from '@/blocks/blocks/salesforce'
 import { ScheduleBlock } from '@/blocks/blocks/schedule'
 import { SearchBlock } from '@/blocks/blocks/search'
+import { SecretsManagerBlock } from '@/blocks/blocks/secrets_manager'
 import { SendGridBlock } from '@/blocks/blocks/sendgrid'
 import { SentryBlock } from '@/blocks/blocks/sentry'
 import { SerperBlock } from '@/blocks/blocks/serper'
@@ -393,6 +394,7 @@ export const registry: Record<string, BlockConfig> = {
  slack: SlackBlock,
  smtp: SmtpBlock,
  spotify: SpotifyBlock,
+  secrets_manager: SecretsManagerBlock,
  sqs: SQSBlock,
  ssh: SSHBlock,
  stagehand: StagehandBlock,
--- a/apps/sim/components/icons.tsx
+++ b/apps/sim/components/icons.tsx
@@ -4502,6 +4502,24 @@ export function DynamoDBIcon(props: SVGProps<SVGSVGElement>) {
  )
 }

+export function SecretsManagerIcon(props: SVGProps<SVGSVGElement>) {
+  return (
+    <svg {...props} viewBox='0 0 80 80' xmlns='http://www.w3.org/2000/svg'>
+      <defs>
+        <linearGradient x1='0%' y1='100%' x2='100%' y2='0%' id='secretsManagerGradient'>
+          <stop stopColor='#BD0816' offset='0%' />
+          <stop stopColor='#FF5252' offset='100%' />
+        </linearGradient>
+      </defs>
+      <rect fill='url(#secretsManagerGradient)' width='80' height='80' />
+      <path
+        d='M38.76,43.36 C38.76,44.044 39.317,44.6 40,44.6 C40.684,44.6 41.24,44.044 41.24,43.36 C41.24,42.676 40.684,42.12 40,42.12 C39.317,42.12 38.76,42.676 38.76,43.36 L38.76,43.36 Z M36.76,43.36 C36.76,41.573 38.213,40.12 40,40.12 C41.787,40.12 43.24,41.573 43.24,43.36 C43.24,44.796 42.296,46.002 41,46.426 L41,49 L39,49 L39,46.426 C37.704,46.002 36.76,44.796 36.76,43.36 L36.76,43.36 Z M49,38 L31,38 L31,51 L49,51 L49,48 L46,48 L46,46 L49,46 L49,43 L46,43 L46,41 L49,41 L49,38 Z M34,36 L45.999,36 L46,31 C46.001,28.384 43.143,26.002 40.004,26 L40.001,26 C38.472,26 36.928,26.574 35.763,27.575 C34.643,28.537 34,29.786 34,31.001 L34,36 Z M48,31.001 L47.999,36 L50,36 C50.553,36 51,36.448 51,37 L51,52 C51,52.552 50.553,53 50,53 L30,53 C29.447,53 29,52.552 29,52 L29,37 C29,36.448 29.447,36 30,36 L32,36 L32,31 C32.001,29.202 32.897,27.401 34.459,26.058 C35.982,24.75 38.001,24 40.001,24 L40.004,24 C44.265,24.002 48.001,27.273 48,31.001 L48,31.001 Z M19.207,55.049 L20.828,53.877 C18.093,50.097 16.581,45.662 16.396,41 L19,41 L19,39 L16.399,39 C16.598,34.366 18.108,29.957 20.828,26.198 L19.207,25.025 C16.239,29.128 14.599,33.942 14.399,39 L12,39 L12,41 L14.396,41 C14.582,46.086 16.224,50.926 19.207,55.049 L19.207,55.049 Z M53.838,59.208 C50.069,61.936 45.648,63.446 41,63.639 L41,61 L39,61 L39,63.639 C34.352,63.447 29.93,61.937 26.159,59.208 L24.988,60.828 C29.1,63.805 33.928,65.445 39,65.639 L39,68 L41,68 L41,65.639 C46.072,65.445 50.898,63.805 55.01,60.828 L53.838,59.208 Z M26.159,20.866 C29.93,18.138 34.352,16.628 39,16.436 L39,19 L41,19 L41,16.436 C45.648,16.628 50.069,18.138 53.838,20.866 L55.01,19.246 C50.898,16.27 46.072,14.63 41,14.436 L41,12 L39,12 L39,14.436 C33.928,14.629 29.1,16.269 24.988,19.246 L26.159,20.866 Z M65.599,39 C65.399,33.942 63.759,29.128 60.79,25.025 L59.169,26.198 C61.89,29.957 63.4,34.366 63.599,39 L61,39 L61,41 L63.602,41 C63.416,45.662 61.905,50.097 59.169,53.877 L60.79,55.049 C63.774,50.926 65.415,46.086 65.602,41 L68,41 L68,39 L65.599,39 Z M56.386,25.064 L64.226,17.224 L62.812,15.81 L54.972,23.65 L56.386,25.064 Z M23.612,55.01 L15.772,62.85 L17.186,64.264 L25.026,56.424 L23.612,55.01 Z M28.666,27.253 L13.825,12.413 L12.411,13.827 L27.252,28.667 L28.666,27.253 Z M54.193,52.78 L67.586,66.173 L66.172,67.587 L52.779,54.194 L54.193,52.78 Z'
+        fill='#FFFFFF'
+      />
+    </svg>
+  )
+}
+
 export function SQSIcon(props: SVGProps<SVGSVGElement>) {
  return (
    <svg
--- a/apps/sim/package.json
+++ b/apps/sim/package.json
@@ -40,6 +40,7 @@
    "@aws-sdk/client-dynamodb": "3.940.0",
    "@aws-sdk/client-rds-data": "3.940.0",
    "@aws-sdk/client-s3": "^3.779.0",
+    "@aws-sdk/client-secrets-manager": "3.1021.0",
    "@aws-sdk/client-sqs": "3.947.0",
    "@aws-sdk/lib-dynamodb": "3.940.0",
    "@aws-sdk/s3-request-presigner": "^3.779.0",
--- a/apps/sim/tools/registry.ts
+++ b/apps/sim/tools/registry.ts
@@ -1947,6 +1947,13 @@ import {
  salesforceUpdateTaskTool,
 } from '@/tools/salesforce'
 import { searchTool } from '@/tools/search'
+import {
+  secretsManagerCreateSecretTool,
+  secretsManagerDeleteSecretTool,
+  secretsManagerGetSecretTool,
+  secretsManagerListSecretsTool,
+  secretsManagerUpdateSecretTool,
+} from '@/tools/secrets_manager'
 import {
  sendGridAddContactsToListTool,
  sendGridAddContactTool,
@@ -4033,6 +4040,11 @@ export const tools: Record<string, ToolConfig> = {
  s3_list_objects: s3ListObjectsTool,
  s3_delete_object: s3DeleteObjectTool,
  s3_copy_object: s3CopyObjectTool,
+  secrets_manager_get_secret: secretsManagerGetSecretTool,
+  secrets_manager_list_secrets: secretsManagerListSecretsTool,
+  secrets_manager_create_secret: secretsManagerCreateSecretTool,
+  secrets_manager_update_secret: secretsManagerUpdateSecretTool,
+  secrets_manager_delete_secret: secretsManagerDeleteSecretTool,
  telegram_message: telegramMessageTool,
  telegram_delete_message: telegramDeleteMessageTool,
  telegram_send_audio: telegramSendAudioTool,
--- a/apps/sim/tools/secrets_manager/create_secret.ts
+++ b/apps/sim/tools/secrets_manager/create_secret.ts
@@ -0,0 +1,94 @@
+import type {
+  SecretsManagerCreateSecretParams,
+  SecretsManagerCreateSecretResponse,
+} from '@/tools/secrets_manager/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const createSecretTool: ToolConfig<
+  SecretsManagerCreateSecretParams,
+  SecretsManagerCreateSecretResponse
+> = {
+  id: 'secrets_manager_create_secret',
+  name: 'Secrets Manager Create Secret',
+  description: 'Create a new secret in AWS Secrets Manager',
+  version: '1.0',
+
+  params: {
+    region: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS region (e.g., us-east-1)',
+    },
+    accessKeyId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS access key ID',
+    },
+    secretAccessKey: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS secret access key',
+    },
+    name: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'Name of the secret to create',
+    },
+    secretValue: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The secret value (plain text or JSON string)',
+    },
+    description: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Description of the secret',
+    },
+  },
+
+  request: {
+    url: '/api/tools/secrets_manager/create-secret',
+    method: 'POST',
+    headers: () => ({ 'Content-Type': 'application/json' }),
+    body: (params) => ({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+      name: params.name,
+      secretValue: params.secretValue,
+      description: params.description,
+    }),
+  },
+
+  transformResponse: async (response: Response) => {
+    const data = await response.json()
+
+    if (!response.ok) {
+      throw new Error(data.error || 'Failed to create secret')
+    }
+
+    return {
+      success: true,
+      output: {
+        message: data.message || 'Secret created successfully',
+        name: data.name ?? '',
+        arn: data.arn ?? '',
+        versionId: data.versionId ?? '',
+      },
+      error: undefined,
+    }
+  },
+
+  outputs: {
+    message: { type: 'string', description: 'Operation status message' },
+    name: { type: 'string', description: 'Name of the created secret' },
+    arn: { type: 'string', description: 'ARN of the created secret' },
+    versionId: { type: 'string', description: 'Version ID of the created secret' },
+  },
+}
--- a/apps/sim/tools/secrets_manager/delete_secret.ts
+++ b/apps/sim/tools/secrets_manager/delete_secret.ts
@@ -0,0 +1,94 @@
+import type {
+  SecretsManagerDeleteSecretParams,
+  SecretsManagerDeleteSecretResponse,
+} from '@/tools/secrets_manager/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const deleteSecretTool: ToolConfig<
+  SecretsManagerDeleteSecretParams,
+  SecretsManagerDeleteSecretResponse
+> = {
+  id: 'secrets_manager_delete_secret',
+  name: 'Secrets Manager Delete Secret',
+  description: 'Delete a secret from AWS Secrets Manager',
+  version: '1.0',
+
+  params: {
+    region: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS region (e.g., us-east-1)',
+    },
+    accessKeyId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS access key ID',
+    },
+    secretAccessKey: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS secret access key',
+    },
+    secretId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The name or ARN of the secret to delete',
+    },
+    recoveryWindowInDays: {
+      type: 'number',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Number of days before permanent deletion (7-30, default 30)',
+    },
+    forceDelete: {
+      type: 'boolean',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'If true, immediately delete without recovery window',
+    },
+  },
+
+  request: {
+    url: '/api/tools/secrets_manager/delete-secret',
+    method: 'POST',
+    headers: () => ({ 'Content-Type': 'application/json' }),
+    body: (params) => ({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+      secretId: params.secretId,
+      recoveryWindowInDays: params.recoveryWindowInDays,
+      forceDelete: params.forceDelete,
+    }),
+  },
+
+  transformResponse: async (response: Response) => {
+    const data = await response.json()
+
+    if (!response.ok) {
+      throw new Error(data.error || 'Failed to delete secret')
+    }
+
+    return {
+      success: true,
+      output: {
+        message: data.message || 'Secret scheduled for deletion',
+        name: data.name ?? '',
+        arn: data.arn ?? '',
+        deletionDate: data.deletionDate ?? null,
+      },
+      error: undefined,
+    }
+  },
+
+  outputs: {
+    message: { type: 'string', description: 'Operation status message' },
+    name: { type: 'string', description: 'Name of the deleted secret' },
+    arn: { type: 'string', description: 'ARN of the deleted secret' },
+    deletionDate: { type: 'string', description: 'Scheduled deletion date', optional: true },
+  },
+}
--- a/apps/sim/tools/secrets_manager/get_secret.ts
+++ b/apps/sim/tools/secrets_manager/get_secret.ts
@@ -0,0 +1,98 @@
+import type {
+  SecretsManagerGetSecretParams,
+  SecretsManagerGetSecretResponse,
+} from '@/tools/secrets_manager/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const getSecretTool: ToolConfig<
+  SecretsManagerGetSecretParams,
+  SecretsManagerGetSecretResponse
+> = {
+  id: 'secrets_manager_get_secret',
+  name: 'Secrets Manager Get Secret',
+  description: 'Retrieve a secret value from AWS Secrets Manager',
+  version: '1.0',
+
+  params: {
+    region: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS region (e.g., us-east-1)',
+    },
+    accessKeyId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS access key ID',
+    },
+    secretAccessKey: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS secret access key',
+    },
+    secretId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The name or ARN of the secret to retrieve',
+    },
+    versionId: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'The unique identifier of the version to retrieve',
+    },
+    versionStage: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'The staging label of the version to retrieve (e.g., AWSCURRENT, AWSPREVIOUS)',
+    },
+  },
+
+  request: {
+    url: '/api/tools/secrets_manager/get-secret',
+    method: 'POST',
+    headers: () => ({ 'Content-Type': 'application/json' }),
+    body: (params) => ({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+      secretId: params.secretId,
+      versionId: params.versionId,
+      versionStage: params.versionStage,
+    }),
+  },
+
+  transformResponse: async (response: Response) => {
+    const data = await response.json()
+
+    if (!response.ok) {
+      throw new Error(data.error || 'Failed to retrieve secret')
+    }
+
+    return {
+      success: true,
+      output: {
+        name: data.name ?? '',
+        secretValue: data.secretValue ?? '',
+        arn: data.arn ?? '',
+        versionId: data.versionId ?? '',
+        versionStages: data.versionStages ?? [],
+        createdDate: data.createdDate ?? null,
+      },
+      error: undefined,
+    }
+  },
+
+  outputs: {
+    name: { type: 'string', description: 'Name of the secret' },
+    secretValue: { type: 'string', description: 'The decrypted secret value' },
+    arn: { type: 'string', description: 'ARN of the secret' },
+    versionId: { type: 'string', description: 'Version ID of the secret' },
+    versionStages: { type: 'array', description: 'Staging labels attached to this version' },
+    createdDate: { type: 'string', description: 'Date the secret was created' },
+  },
+}
--- a/apps/sim/tools/secrets_manager/index.ts
+++ b/apps/sim/tools/secrets_manager/index.ts
@@ -0,0 +1,11 @@
+import { createSecretTool } from './create_secret'
+import { deleteSecretTool } from './delete_secret'
+import { getSecretTool } from './get_secret'
+import { listSecretsTool } from './list_secrets'
+import { updateSecretTool } from './update_secret'
+
+export const secretsManagerGetSecretTool = getSecretTool
+export const secretsManagerListSecretsTool = listSecretsTool
+export const secretsManagerCreateSecretTool = createSecretTool
+export const secretsManagerUpdateSecretTool = updateSecretTool
+export const secretsManagerDeleteSecretTool = deleteSecretTool
--- a/apps/sim/tools/secrets_manager/list_secrets.ts
+++ b/apps/sim/tools/secrets_manager/list_secrets.ts
@@ -0,0 +1,92 @@
+import type {
+  SecretsManagerListSecretsParams,
+  SecretsManagerListSecretsResponse,
+} from '@/tools/secrets_manager/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const listSecretsTool: ToolConfig<
+  SecretsManagerListSecretsParams,
+  SecretsManagerListSecretsResponse
+> = {
+  id: 'secrets_manager_list_secrets',
+  name: 'Secrets Manager List Secrets',
+  description: 'List secrets stored in AWS Secrets Manager',
+  version: '1.0',
+
+  params: {
+    region: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS region (e.g., us-east-1)',
+    },
+    accessKeyId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS access key ID',
+    },
+    secretAccessKey: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS secret access key',
+    },
+    maxResults: {
+      type: 'number',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Maximum number of secrets to return (1-100, default 100)',
+    },
+    nextToken: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Pagination token from a previous request',
+    },
+  },
+
+  request: {
+    url: '/api/tools/secrets_manager/list-secrets',
+    method: 'POST',
+    headers: () => ({ 'Content-Type': 'application/json' }),
+    body: (params) => ({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+      maxResults: params.maxResults,
+      nextToken: params.nextToken,
+    }),
+  },
+
+  transformResponse: async (response: Response) => {
+    const data = await response.json()
+
+    if (!response.ok) {
+      throw new Error(data.error || 'Failed to list secrets')
+    }
+
+    return {
+      success: true,
+      output: {
+        secrets: data.secrets ?? [],
+        nextToken: data.nextToken ?? null,
+        count: data.count ?? 0,
+      },
+      error: undefined,
+    }
+  },
+
+  outputs: {
+    secrets: {
+      type: 'json',
+      description: 'List of secrets with name, ARN, description, and dates',
+    },
+    nextToken: {
+      type: 'string',
+      description: 'Pagination token for the next page of results',
+      optional: true,
+    },
+    count: { type: 'number', description: 'Number of secrets returned' },
+  },
+}
--- a/apps/sim/tools/secrets_manager/types.ts
+++ b/apps/sim/tools/secrets_manager/types.ts
@@ -0,0 +1,101 @@
+import type { ToolResponse } from '@/tools/types'
+
+export interface SecretsManagerConnectionConfig {
+  region: string
+  accessKeyId: string
+  secretAccessKey: string
+}
+
+export interface SecretsManagerGetSecretParams extends SecretsManagerConnectionConfig {
+  secretId: string
+  versionId?: string | null
+  versionStage?: string | null
+}
+
+export interface SecretsManagerListSecretsParams extends SecretsManagerConnectionConfig {
+  maxResults?: number | null
+  nextToken?: string | null
+}
+
+export interface SecretsManagerCreateSecretParams extends SecretsManagerConnectionConfig {
+  name: string
+  secretValue: string
+  description?: string | null
+}
+
+export interface SecretsManagerUpdateSecretParams extends SecretsManagerConnectionConfig {
+  secretId: string
+  secretValue: string
+  description?: string | null
+}
+
+export interface SecretsManagerDeleteSecretParams extends SecretsManagerConnectionConfig {
+  secretId: string
+  recoveryWindowInDays?: number | null
+  forceDelete?: boolean | null
+}
+
+export interface SecretsManagerBaseResponse extends ToolResponse {
+  output: { message: string }
+  error?: string
+}
+
+export interface SecretsManagerGetSecretResponse extends ToolResponse {
+  output: {
+    name: string
+    secretValue: string
+    arn: string
+    versionId: string
+    versionStages: string[]
+    createdDate: string | null
+  }
+  error?: string
+}
+
+export interface SecretsManagerListSecretsResponse extends ToolResponse {
+  output: {
+    secrets: Array<{
+      name: string
+      arn: string
+      description: string | null
+      createdDate: string | null
+      lastChangedDate: string | null
+      lastAccessedDate: string | null
+      rotationEnabled: boolean
+      tags: Array<{ key: string; value: string }>
+    }>
+    nextToken: string | null
+    count: number
+  }
+  error?: string
+}
+
+export interface SecretsManagerCreateSecretResponse extends ToolResponse {
+  output: {
+    message: string
+    name: string
+    arn: string
+    versionId: string
+  }
+  error?: string
+}
+
+export interface SecretsManagerUpdateSecretResponse extends ToolResponse {
+  output: {
+    message: string
+    name: string
+    arn: string
+    versionId: string
+  }
+  error?: string
+}
+
+export interface SecretsManagerDeleteSecretResponse extends ToolResponse {
+  output: {
+    message: string
+    name: string
+    arn: string
+    deletionDate: string | null
+  }
+  error?: string
+}
--- a/apps/sim/tools/secrets_manager/update_secret.ts
+++ b/apps/sim/tools/secrets_manager/update_secret.ts
@@ -0,0 +1,94 @@
+import type {
+  SecretsManagerUpdateSecretParams,
+  SecretsManagerUpdateSecretResponse,
+} from '@/tools/secrets_manager/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const updateSecretTool: ToolConfig<
+  SecretsManagerUpdateSecretParams,
+  SecretsManagerUpdateSecretResponse
+> = {
+  id: 'secrets_manager_update_secret',
+  name: 'Secrets Manager Update Secret',
+  description: 'Update the value of an existing secret in AWS Secrets Manager',
+  version: '1.0',
+
+  params: {
+    region: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS region (e.g., us-east-1)',
+    },
+    accessKeyId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS access key ID',
+    },
+    secretAccessKey: {
+      type: 'string',
+      required: true,
+      visibility: 'user-only',
+      description: 'AWS secret access key',
+    },
+    secretId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The name or ARN of the secret to update',
+    },
+    secretValue: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The new secret value (plain text or JSON string)',
+    },
+    description: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Updated description of the secret',
+    },
+  },
+
+  request: {
+    url: '/api/tools/secrets_manager/update-secret',
+    method: 'POST',
+    headers: () => ({ 'Content-Type': 'application/json' }),
+    body: (params) => ({
+      region: params.region,
+      accessKeyId: params.accessKeyId,
+      secretAccessKey: params.secretAccessKey,
+      secretId: params.secretId,
+      secretValue: params.secretValue,
+      description: params.description,
+    }),
+  },
+
+  transformResponse: async (response: Response) => {
+    const data = await response.json()
+
+    if (!response.ok) {
+      throw new Error(data.error || 'Failed to update secret')
+    }
+
+    return {
+      success: true,
+      output: {
+        message: data.message || 'Secret updated successfully',
+        name: data.name ?? '',
+        arn: data.arn ?? '',
+        versionId: data.versionId ?? '',
+      },
+      error: undefined,
+    }
+  },
+
+  outputs: {
+    message: { type: 'string', description: 'Operation status message' },
+    name: { type: 'string', description: 'Name of the updated secret' },
+    arn: { type: 'string', description: 'ARN of the updated secret' },
+    versionId: { type: 'string', description: 'Version ID of the updated secret' },
+  },
+}
--- a/bun.lock
+++ b/bun.lock
@@ -60,6 +60,7 @@
        "@aws-sdk/client-dynamodb": "3.940.0",
        "@aws-sdk/client-rds-data": "3.940.0",
        "@aws-sdk/client-s3": "^3.779.0",
+        "@aws-sdk/client-secrets-manager": "3.1021.0",
        "@aws-sdk/client-sqs": "3.947.0",
        "@aws-sdk/lib-dynamodb": "3.940.0",
        "@aws-sdk/s3-request-presigner": "^3.779.0",
@@ -419,6 +420,8 @@

    "@aws-sdk/client-s3": ["@aws-sdk/client-s3@3.1015.0", "", { "dependencies": { "@aws-crypto/sha1-browser": "5.2.0", "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.24", "@aws-sdk/credential-provider-node": "^3.972.25", "@aws-sdk/middleware-bucket-endpoint": "^3.972.8", "@aws-sdk/middleware-expect-continue": "^3.972.8", "@aws-sdk/middleware-flexible-checksums": "^3.974.4", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-location-constraint": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.8", "@aws-sdk/middleware-sdk-s3": "^3.972.24", "@aws-sdk/middleware-ssec": "^3.972.8", "@aws-sdk/middleware-user-agent": "^3.972.25", "@aws-sdk/region-config-resolver": "^3.972.9", "@aws-sdk/signature-v4-multi-region": "^3.996.12", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.11", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.12", "@smithy/eventstream-serde-browser": "^4.2.12", "@smithy/eventstream-serde-config-resolver": "^4.3.12", "@smithy/eventstream-serde-node": "^4.2.12", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-blob-browser": "^4.2.13", "@smithy/hash-node": "^4.2.12", "@smithy/hash-stream-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/md5-js": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.27", "@smithy/middleware-retry": "^4.4.44", "@smithy/middleware-serde": "^4.2.15", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.0", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.7", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.43", "@smithy/util-defaults-mode-node": "^4.2.47", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.12", "@smithy/util-stream": "^4.5.20", "@smithy/util-utf8": "^4.2.2", "@smithy/util-waiter": "^4.2.13", "tslib": "^2.6.2" } }, "sha512-yo+Y+/fq5/E684SynTRO+VA3a+98MeE/hs7J52XpNI5SchOCSrLhLtcDKVASlGhHQdNLGLzblRgps1OZaf8sbA=="],

+    "@aws-sdk/client-secrets-manager": ["@aws-sdk/client-secrets-manager@3.1021.0", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.26", "@aws-sdk/credential-provider-node": "^3.972.29", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.9", "@aws-sdk/middleware-user-agent": "^3.972.28", "@aws-sdk/region-config-resolver": "^3.972.10", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.14", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.13", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.28", "@smithy/middleware-retry": "^4.4.46", "@smithy/middleware-serde": "^4.2.16", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.1", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.44", "@smithy/util-defaults-mode-node": "^4.2.48", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.13", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-Z2z4eEuXDBiLXwu51icmP7GYIXHoQ4KRQaNESquKa6n57rWnQ6kD6ZhsbQow/39gHvbU9uA6t+aHeTdYxw0JbQ=="],
+
    "@aws-sdk/client-sesv2": ["@aws-sdk/client-sesv2@3.1015.0", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.24", "@aws-sdk/credential-provider-node": "^3.972.25", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.8", "@aws-sdk/middleware-user-agent": "^3.972.25", "@aws-sdk/region-config-resolver": "^3.972.9", "@aws-sdk/signature-v4-multi-region": "^3.996.12", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.11", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.12", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.27", "@smithy/middleware-retry": "^4.4.44", "@smithy/middleware-serde": "^4.2.15", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.0", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.7", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.43", "@smithy/util-defaults-mode-node": "^4.2.47", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.12", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-FoIU3k4Z3ccEEgZFRwLHa84erkMk25r17q7UfsNLrpP/ef3EzNYss+QM15imeS8ekbH8+P/5T6/5/9sUO3L6kA=="],

    "@aws-sdk/client-sqs": ["@aws-sdk/client-sqs@3.947.0", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "3.947.0", "@aws-sdk/credential-provider-node": "3.947.0", "@aws-sdk/middleware-host-header": "3.936.0", "@aws-sdk/middleware-logger": "3.936.0", "@aws-sdk/middleware-recursion-detection": "3.936.0", "@aws-sdk/middleware-sdk-sqs": "3.946.0", "@aws-sdk/middleware-user-agent": "3.947.0", "@aws-sdk/region-config-resolver": "3.936.0", "@aws-sdk/types": "3.936.0", "@aws-sdk/util-endpoints": "3.936.0", "@aws-sdk/util-user-agent-browser": "3.936.0", "@aws-sdk/util-user-agent-node": "3.947.0", "@smithy/config-resolver": "^4.4.3", "@smithy/core": "^3.18.7", "@smithy/fetch-http-handler": "^5.3.6", "@smithy/hash-node": "^4.2.5", "@smithy/invalid-dependency": "^4.2.5", "@smithy/md5-js": "^4.2.5", "@smithy/middleware-content-length": "^4.2.5", "@smithy/middleware-endpoint": "^4.3.14", "@smithy/middleware-retry": "^4.4.14", "@smithy/middleware-serde": "^4.2.6", "@smithy/middleware-stack": "^4.2.5", "@smithy/node-config-provider": "^4.3.5", "@smithy/node-http-handler": "^4.4.5", "@smithy/protocol-http": "^5.3.5", "@smithy/smithy-client": "^4.9.10", "@smithy/types": "^4.9.0", "@smithy/url-parser": "^4.2.5", "@smithy/util-base64": "^4.3.0", "@smithy/util-body-length-browser": "^4.2.0", "@smithy/util-body-length-node": "^4.2.1", "@smithy/util-defaults-mode-browser": "^4.3.13", "@smithy/util-defaults-mode-node": "^4.2.16", "@smithy/util-endpoints": "^3.2.5", "@smithy/util-middleware": "^4.2.5", "@smithy/util-retry": "^4.2.5", "@smithy/util-utf8": "^4.2.0", "tslib": "^2.6.2" } }, "sha512-8tzFyYGAAnQg+G9eB5zAe0oEo+MJMZ3YEk+8EL4uf2zG5wKxJvTBJZr6U9I1CEXYUde374OyLMyKng+sWyN+wg=="],
@@ -3863,6 +3866,46 @@

    "@aws-sdk/client-s3/@aws-sdk/util-user-agent-node": ["@aws-sdk/util-user-agent-node@3.973.11", "", { "dependencies": { "@aws-sdk/middleware-user-agent": "^3.972.25", "@aws-sdk/types": "^3.973.6", "@smithy/node-config-provider": "^4.3.12", "@smithy/types": "^4.13.1", "@smithy/util-config-provider": "^4.2.2", "tslib": "^2.6.2" }, "peerDependencies": { "aws-crt": ">=1.0.0" }, "optionalPeers": ["aws-crt"] }, "sha512-1qdXbXo2s5MMLpUvw00284LsbhtlQ4ul7Zzdn5n+7p4WVgCMLqhxImpHIrjSoc72E/fyc4Wq8dLtUld2Gsh+lA=="],

+    "@aws-sdk/client-secrets-manager/@aws-sdk/core": ["@aws-sdk/core@3.973.26", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@aws-sdk/xml-builder": "^3.972.16", "@smithy/core": "^3.23.13", "@smithy/node-config-provider": "^4.3.12", "@smithy/property-provider": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/signature-v4": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/util-base64": "^4.3.2", "@smithy/util-middleware": "^4.2.12", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-A/E6n2W42ruU+sfWk+mMUOyVXbsSgGrY3MJ9/0Az5qUdG67y8I6HYzzoAa+e/lzxxl1uCYmEL6BTMi9ZiZnplQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node": ["@aws-sdk/credential-provider-node@3.972.29", "", { "dependencies": { "@aws-sdk/credential-provider-env": "^3.972.24", "@aws-sdk/credential-provider-http": "^3.972.26", "@aws-sdk/credential-provider-ini": "^3.972.28", "@aws-sdk/credential-provider-process": "^3.972.24", "@aws-sdk/credential-provider-sso": "^3.972.28", "@aws-sdk/credential-provider-web-identity": "^3.972.28", "@aws-sdk/types": "^3.973.6", "@smithy/credential-provider-imds": "^4.2.12", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-clSzDcvndpFJAggLDnDb36sPdlZYyEs5Zm6zgZjjUhwsJgSWiWKwFIXUVBcbruidNyBdbpOv2tNDL9sX8y3/0g=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/middleware-host-header": ["@aws-sdk/middleware-host-header@3.972.8", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-wAr2REfKsqoKQ+OkNqvOShnBoh+nkPurDKW7uAeVSu6kUECnWlSJiPvnoqxGlfousEY/v9LfS9sNc46hjSYDIQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/middleware-logger": ["@aws-sdk/middleware-logger@3.972.8", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-CWl5UCM57WUFaFi5kB7IBY1UmOeLvNZAZ2/OZ5l20ldiJ3TiIz1pC65gYj8X0BCPWkeR1E32mpsCk1L1I4n+lA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/middleware-recursion-detection": ["@aws-sdk/middleware-recursion-detection@3.972.9", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@aws/lambda-invoke-store": "^0.2.2", "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-/Wt5+CT8dpTFQxEJ9iGy/UGrXr7p2wlIOEHvIr/YcHYByzoLjrqkYqXdJjd9UIgWjv7eqV2HnFJen93UTuwfTQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/middleware-user-agent": ["@aws-sdk/middleware-user-agent@3.972.28", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@smithy/core": "^3.23.13", "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "@smithy/util-retry": "^4.2.13", "tslib": "^2.6.2" } }, "sha512-cfWZFlVh7Va9lRay4PN2A9ARFzaBYcA097InT5M2CdRS05ECF5yaz86jET8Wsl2WcyKYEvVr/QNmKtYtafUHtQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/region-config-resolver": ["@aws-sdk/region-config-resolver@3.972.10", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@smithy/config-resolver": "^4.4.13", "@smithy/node-config-provider": "^4.3.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-1dq9ToC6e070QvnVhhbAs3bb5r6cQ10gTVc6cyRV5uvQe7P138TV2uG2i6+Yok4bAkVAcx5AqkTEBUvWEtBlsQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/types": ["@aws-sdk/types@3.973.6", "", { "dependencies": { "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-Atfcy4E++beKtwJHiDln2Nby8W/mam64opFPTiHEqgsthqeydFS1pY+OUlN1ouNOmf8ArPU/6cDS65anOP3KQw=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/util-endpoints": ["@aws-sdk/util-endpoints@3.996.5", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-endpoints": "^3.3.3", "tslib": "^2.6.2" } }, "sha512-Uh93L5sXFNbyR5sEPMzUU8tJ++Ku97EY4udmC01nB8Zu+xfBPwpIwJ6F7snqQeq8h2pf+8SGN5/NoytfKgYPIw=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/util-user-agent-browser": ["@aws-sdk/util-user-agent-browser@3.972.8", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@smithy/types": "^4.13.1", "bowser": "^2.11.0", "tslib": "^2.6.2" } }, "sha512-B3KGXJviV2u6Cdw2SDY2aDhoJkVfY/Q/Trwk2CMSkikE1Oi6gRzxhvhIfiRpHfmIsAhV4EA54TVEX8K6CbHbkA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/util-user-agent-node": ["@aws-sdk/util-user-agent-node@3.973.14", "", { "dependencies": { "@aws-sdk/middleware-user-agent": "^3.972.28", "@aws-sdk/types": "^3.973.6", "@smithy/node-config-provider": "^4.3.12", "@smithy/types": "^4.13.1", "@smithy/util-config-provider": "^4.2.2", "tslib": "^2.6.2" }, "peerDependencies": { "aws-crt": ">=1.0.0" }, "optionalPeers": ["aws-crt"] }, "sha512-vNSB/DYaPOyujVZBg/zUznH9QC142MaTHVmaFlF7uzzfg3CgT9f/l4C0Yi+vU/tbBhxVcXVB90Oohk5+o+ZbWw=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/core": ["@smithy/core@3.23.13", "", { "dependencies": { "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-middleware": "^4.2.12", "@smithy/util-stream": "^4.5.21", "@smithy/util-utf8": "^4.2.2", "@smithy/uuid": "^1.1.2", "tslib": "^2.6.2" } }, "sha512-J+2TT9D6oGsUVXVEMvz8h2EmdVnkBiy2auCie4aSJMvKlzUtO5hqjEzXhoCUkIMo7gAYjbQcN0g/MMSXEhDs1Q=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/middleware-endpoint": ["@smithy/middleware-endpoint@4.4.28", "", { "dependencies": { "@smithy/core": "^3.23.13", "@smithy/middleware-serde": "^4.2.16", "@smithy/node-config-provider": "^4.3.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-middleware": "^4.2.12", "tslib": "^2.6.2" } }, "sha512-p1gfYpi91CHcs5cBq982UlGlDrxoYUX6XdHSo91cQ2KFuz6QloHosO7Jc60pJiVmkWrKOV8kFYlGFFbQ2WUKKQ=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/middleware-retry": ["@smithy/middleware-retry@4.4.46", "", { "dependencies": { "@smithy/node-config-provider": "^4.3.12", "@smithy/protocol-http": "^5.3.12", "@smithy/service-error-classification": "^4.2.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.13", "@smithy/uuid": "^1.1.2", "tslib": "^2.6.2" } }, "sha512-SpvWNNOPOrKQGUqZbEPO+es+FRXMWvIyzUKUOYdDgdlA6BdZj/R58p4umoQ76c2oJC44PiM7mKizyyex1IJzow=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/middleware-serde": ["@smithy/middleware-serde@4.2.16", "", { "dependencies": { "@smithy/core": "^3.23.13", "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-beqfV+RZ9RSv+sQqor3xroUUYgRFCGRw6niGstPG8zO9LgTl0B0MCucxjmrH/2WwksQN7UUgI7KNANoZv+KALA=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/node-http-handler": ["@smithy/node-http-handler@4.5.1", "", { "dependencies": { "@smithy/protocol-http": "^5.3.12", "@smithy/querystring-builder": "^4.2.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-ejjxdAXjkPIs9lyYyVutOGNOraqUE9v/NjGMKwwFrfOM354wfSD8lmlj8hVwUzQmlLLF4+udhfCX9Exnbmvfzw=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/smithy-client": ["@smithy/smithy-client@4.12.8", "", { "dependencies": { "@smithy/core": "^3.23.13", "@smithy/middleware-endpoint": "^4.4.28", "@smithy/middleware-stack": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/types": "^4.13.1", "@smithy/util-stream": "^4.5.21", "tslib": "^2.6.2" } }, "sha512-aJaAX7vHe5i66smoSSID7t4rKY08PbD8EBU7DOloixvhOozfYWdcSYE4l6/tjkZ0vBZhGjheWzB2mh31sLgCMA=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/util-defaults-mode-browser": ["@smithy/util-defaults-mode-browser@4.3.44", "", { "dependencies": { "@smithy/property-provider": "^4.2.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-eZg6XzaCbVr2S5cAErU5eGBDaOVTuTo1I65i4tQcHENRcZ8rMWhQy1DaIYUSLyZjsfXvmCqZrstSMYyGFocvHA=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/util-defaults-mode-node": ["@smithy/util-defaults-mode-node@4.2.48", "", { "dependencies": { "@smithy/config-resolver": "^4.4.13", "@smithy/credential-provider-imds": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/property-provider": "^4.2.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-FqOKTlqSaoV3nzO55pMs5NBnZX8EhoI0DGmn9kbYeXWppgHD6dchyuj2HLqp4INJDJbSrj6OFYJkAh/WhSzZPg=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/util-retry": ["@smithy/util-retry@4.2.13", "", { "dependencies": { "@smithy/service-error-classification": "^4.2.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-qQQsIvL0MGIbUjeSrg0/VlQ3jGNKyM3/2iU3FPNgy01z+Sp4OvcaxbgIoFOTvB61ZoohtutuOvOcgmhbD0katQ=="],
+
    "@aws-sdk/client-sesv2/@aws-sdk/core": ["@aws-sdk/core@3.973.24", "", { "dependencies": { "@aws-sdk/types": "^3.973.6", "@aws-sdk/xml-builder": "^3.972.15", "@smithy/core": "^3.23.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/property-provider": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/signature-v4": "^5.3.12", "@smithy/smithy-client": "^4.12.7", "@smithy/types": "^4.13.1", "@smithy/util-base64": "^4.3.2", "@smithy/util-middleware": "^4.2.12", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-vvf82RYQu2GidWAuQq+uIzaPz9V0gSCXVqdVzRosgl5rXcspXOpSD3wFreGGW6AYymPr97Z69kjVnLePBxloDw=="],

    "@aws-sdk/client-sesv2/@aws-sdk/credential-provider-node": ["@aws-sdk/credential-provider-node@3.972.25", "", { "dependencies": { "@aws-sdk/credential-provider-env": "^3.972.22", "@aws-sdk/credential-provider-http": "^3.972.24", "@aws-sdk/credential-provider-ini": "^3.972.24", "@aws-sdk/credential-provider-process": "^3.972.22", "@aws-sdk/credential-provider-sso": "^3.972.24", "@aws-sdk/credential-provider-web-identity": "^3.972.24", "@aws-sdk/types": "^3.973.6", "@smithy/credential-provider-imds": "^4.2.12", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-m7dR0Dsva2P+VUpL+VkC0WwiDby5pgmWXkRVDB5rlwv0jXJrQJf7YMtCoM8Wjk0H9jPeCYOxOXXcIgp/qp5Alg=="],
@@ -4517,6 +4560,24 @@

    "@aws-sdk/client-s3/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-web-identity": ["@aws-sdk/credential-provider-web-identity@3.972.24", "", { "dependencies": { "@aws-sdk/core": "^3.973.24", "@aws-sdk/nested-clients": "^3.996.14", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-J6H4R1nvr3uBTqD/EeIPAskrBtET4WFfNhpFySr2xW7bVZOXpQfPjrLSIx65jcNjBmLXzWq8QFLdVoGxiGG/SA=="],

+    "@aws-sdk/client-secrets-manager/@aws-sdk/core/@aws-sdk/xml-builder": ["@aws-sdk/xml-builder@3.972.16", "", { "dependencies": { "@smithy/types": "^4.13.1", "fast-xml-parser": "5.5.8", "tslib": "^2.6.2" } }, "sha512-iu2pyvaqmeatIJLURLqx9D+4jKAdTH20ntzB6BFwjyN7V960r4jK32mx0Zf7YbtOYAbmbtQfDNuL60ONinyw7A=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-env": ["@aws-sdk/credential-provider-env@3.972.24", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-FWg8uFmT6vQM7VuzELzwVo5bzExGaKHdubn0StjgrcU5FvuLExUe+k06kn/40uKv59rYzhez8eFNM4yYE/Yb/w=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-http": ["@aws-sdk/credential-provider-http@3.972.26", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/types": "^3.973.6", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/node-http-handler": "^4.5.1", "@smithy/property-provider": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/util-stream": "^4.5.21", "tslib": "^2.6.2" } }, "sha512-CY4ppZ+qHYqcXqBVi//sdHST1QK3KzOEiLtpLsc9W2k2vfZPKExGaQIsOwcyvjpjUEolotitmd3mUNY56IwDEA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-ini": ["@aws-sdk/credential-provider-ini@3.972.28", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/credential-provider-env": "^3.972.24", "@aws-sdk/credential-provider-http": "^3.972.26", "@aws-sdk/credential-provider-login": "^3.972.28", "@aws-sdk/credential-provider-process": "^3.972.24", "@aws-sdk/credential-provider-sso": "^3.972.28", "@aws-sdk/credential-provider-web-identity": "^3.972.28", "@aws-sdk/nested-clients": "^3.996.18", "@aws-sdk/types": "^3.973.6", "@smithy/credential-provider-imds": "^4.2.12", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-wXYvq3+uQcZV7k+bE4yDXCTBdzWTU9x/nMiKBfzInmv6yYK1veMK0AKvRfRBd72nGWYKcL6AxwiPg9z/pYlgpw=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-process": ["@aws-sdk/credential-provider-process@3.972.24", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-Q2k/XLrFXhEztPHqj4SLCNID3hEPdlhh1CDLBpNnM+1L8fq7P+yON9/9M1IGN/dA5W45v44ylERfXtDAlmMNmw=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-sso": ["@aws-sdk/credential-provider-sso@3.972.28", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/nested-clients": "^3.996.18", "@aws-sdk/token-providers": "3.1021.0", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-IoUlmKMLEITFn1SiCTjPfR6KrE799FBo5baWyk/5Ppar2yXZoUdaRqZzJzK6TcJxx450M8m8DbpddRVYlp5R/A=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-web-identity": ["@aws-sdk/credential-provider-web-identity@3.972.28", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/nested-clients": "^3.996.18", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-d+6h0SD8GGERzKe27v5rOzNGKOl0D+l0bWJdqrxH8WSQzHzjsQFIAPgIeOTUwBHVsKKwtSxc91K/SWax6XgswQ=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/core/@smithy/util-stream": ["@smithy/util-stream@4.5.21", "", { "dependencies": { "@smithy/fetch-http-handler": "^5.3.15", "@smithy/node-http-handler": "^4.5.1", "@smithy/types": "^4.13.1", "@smithy/util-base64": "^4.3.2", "@smithy/util-buffer-from": "^4.2.2", "@smithy/util-hex-encoding": "^4.2.2", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-KzSg+7KKywLnkoKejRtIBXDmwBfjGvg1U1i/etkC7XSWUyFCoLno1IohV2c74IzQqdhX5y3uE44r/8/wuK+A7Q=="],
+
+    "@aws-sdk/client-secrets-manager/@smithy/smithy-client/@smithy/util-stream": ["@smithy/util-stream@4.5.21", "", { "dependencies": { "@smithy/fetch-http-handler": "^5.3.15", "@smithy/node-http-handler": "^4.5.1", "@smithy/types": "^4.13.1", "@smithy/util-base64": "^4.3.2", "@smithy/util-buffer-from": "^4.2.2", "@smithy/util-hex-encoding": "^4.2.2", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-KzSg+7KKywLnkoKejRtIBXDmwBfjGvg1U1i/etkC7XSWUyFCoLno1IohV2c74IzQqdhX5y3uE44r/8/wuK+A7Q=="],
+
    "@aws-sdk/client-sesv2/@aws-sdk/core/@aws-sdk/xml-builder": ["@aws-sdk/xml-builder@3.972.15", "", { "dependencies": { "@smithy/types": "^4.13.1", "fast-xml-parser": "5.5.8", "tslib": "^2.6.2" } }, "sha512-PxMRlCFNiQnke9YR29vjFQwz4jq+6Q04rOVFeTDR2K7Qpv9h9FOWOxG+zJjageimYbWqE3bTuLjmryWHAWbvaA=="],

    "@aws-sdk/client-sesv2/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-env": ["@aws-sdk/credential-provider-env@3.972.22", "", { "dependencies": { "@aws-sdk/core": "^3.973.24", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-cXp0VTDWT76p3hyK5D51yIKEfpf6/zsUvMfaB8CkyqadJxMQ8SbEeVroregmDlZbtG31wkj9ei0WnftmieggLg=="],
@@ -5067,6 +5128,20 @@

    "@aws-sdk/client-s3/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-web-identity/@aws-sdk/nested-clients": ["@aws-sdk/nested-clients@3.996.14", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.24", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.8", "@aws-sdk/middleware-user-agent": "^3.972.25", "@aws-sdk/region-config-resolver": "^3.972.9", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.11", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.12", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.27", "@smithy/middleware-retry": "^4.4.44", "@smithy/middleware-serde": "^4.2.15", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.0", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.7", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.43", "@smithy/util-defaults-mode-node": "^4.2.47", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.12", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-fSESKvh1VbfjtV3QMnRkCPZWkUbQof6T/DOpiLp33yP2wA+rbwwnZeG3XT3Ekljgw2I8X4XaQPnw+zSR8yxJ5Q=="],

+    "@aws-sdk/client-secrets-manager/@aws-sdk/core/@aws-sdk/xml-builder/fast-xml-parser": ["fast-xml-parser@5.5.8", "", { "dependencies": { "fast-xml-builder": "^1.1.4", "path-expression-matcher": "^1.2.0", "strnum": "^2.2.0" }, "bin": { "fxparser": "src/cli/cli.js" } }, "sha512-Z7Fh2nVQSb2d+poDViM063ix2ZGt9jmY1nWhPfHBOK2Hgnb/OW3P4Et3P/81SEej0J7QbWtJqxO05h8QYfK7LQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-http/@smithy/util-stream": ["@smithy/util-stream@4.5.21", "", { "dependencies": { "@smithy/fetch-http-handler": "^5.3.15", "@smithy/node-http-handler": "^4.5.1", "@smithy/types": "^4.13.1", "@smithy/util-base64": "^4.3.2", "@smithy/util-buffer-from": "^4.2.2", "@smithy/util-hex-encoding": "^4.2.2", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-KzSg+7KKywLnkoKejRtIBXDmwBfjGvg1U1i/etkC7XSWUyFCoLno1IohV2c74IzQqdhX5y3uE44r/8/wuK+A7Q=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-ini/@aws-sdk/credential-provider-login": ["@aws-sdk/credential-provider-login@3.972.28", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/nested-clients": "^3.996.18", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-ZSTfO6jqUTCysbdBPtEX5OUR//3rbD0lN7jO3sQeS2Gjr/Y+DT6SbIJ0oT2cemNw3UzKu97sNONd1CwNMthuZQ=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-ini/@aws-sdk/nested-clients": ["@aws-sdk/nested-clients@3.996.18", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.26", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.9", "@aws-sdk/middleware-user-agent": "^3.972.28", "@aws-sdk/region-config-resolver": "^3.972.10", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.14", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.13", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.28", "@smithy/middleware-retry": "^4.4.46", "@smithy/middleware-serde": "^4.2.16", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.1", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.44", "@smithy/util-defaults-mode-node": "^4.2.48", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.13", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-c7ZSIXrESxHKx2Mcopgd8AlzZgoXMr20fkx5ViPWPOLBvmyhw9VwJx/Govg8Ef/IhEon5R9l53Z8fdYSEmp6VA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-sso/@aws-sdk/nested-clients": ["@aws-sdk/nested-clients@3.996.18", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.26", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.9", "@aws-sdk/middleware-user-agent": "^3.972.28", "@aws-sdk/region-config-resolver": "^3.972.10", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.14", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.13", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.28", "@smithy/middleware-retry": "^4.4.46", "@smithy/middleware-serde": "^4.2.16", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.1", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.44", "@smithy/util-defaults-mode-node": "^4.2.48", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.13", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-c7ZSIXrESxHKx2Mcopgd8AlzZgoXMr20fkx5ViPWPOLBvmyhw9VwJx/Govg8Ef/IhEon5R9l53Z8fdYSEmp6VA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-sso/@aws-sdk/token-providers": ["@aws-sdk/token-providers@3.1021.0", "", { "dependencies": { "@aws-sdk/core": "^3.973.26", "@aws-sdk/nested-clients": "^3.996.18", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-TKY6h9spUk3OLs5v1oAgW9mAeBE3LAGNBwJokLy96wwmd4W2v/tYlXseProyed9ValDj2u1jK/4Rg1T+1NXyJA=="],
+
+    "@aws-sdk/client-secrets-manager/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-web-identity/@aws-sdk/nested-clients": ["@aws-sdk/nested-clients@3.996.18", "", { "dependencies": { "@aws-crypto/sha256-browser": "5.2.0", "@aws-crypto/sha256-js": "5.2.0", "@aws-sdk/core": "^3.973.26", "@aws-sdk/middleware-host-header": "^3.972.8", "@aws-sdk/middleware-logger": "^3.972.8", "@aws-sdk/middleware-recursion-detection": "^3.972.9", "@aws-sdk/middleware-user-agent": "^3.972.28", "@aws-sdk/region-config-resolver": "^3.972.10", "@aws-sdk/types": "^3.973.6", "@aws-sdk/util-endpoints": "^3.996.5", "@aws-sdk/util-user-agent-browser": "^3.972.8", "@aws-sdk/util-user-agent-node": "^3.973.14", "@smithy/config-resolver": "^4.4.13", "@smithy/core": "^3.23.13", "@smithy/fetch-http-handler": "^5.3.15", "@smithy/hash-node": "^4.2.12", "@smithy/invalid-dependency": "^4.2.12", "@smithy/middleware-content-length": "^4.2.12", "@smithy/middleware-endpoint": "^4.4.28", "@smithy/middleware-retry": "^4.4.46", "@smithy/middleware-serde": "^4.2.16", "@smithy/middleware-stack": "^4.2.12", "@smithy/node-config-provider": "^4.3.12", "@smithy/node-http-handler": "^4.5.1", "@smithy/protocol-http": "^5.3.12", "@smithy/smithy-client": "^4.12.8", "@smithy/types": "^4.13.1", "@smithy/url-parser": "^4.2.12", "@smithy/util-base64": "^4.3.2", "@smithy/util-body-length-browser": "^4.2.2", "@smithy/util-body-length-node": "^4.2.3", "@smithy/util-defaults-mode-browser": "^4.3.44", "@smithy/util-defaults-mode-node": "^4.2.48", "@smithy/util-endpoints": "^3.3.3", "@smithy/util-middleware": "^4.2.12", "@smithy/util-retry": "^4.2.13", "@smithy/util-utf8": "^4.2.2", "tslib": "^2.6.2" } }, "sha512-c7ZSIXrESxHKx2Mcopgd8AlzZgoXMr20fkx5ViPWPOLBvmyhw9VwJx/Govg8Ef/IhEon5R9l53Z8fdYSEmp6VA=="],
+
    "@aws-sdk/client-sesv2/@aws-sdk/core/@aws-sdk/xml-builder/fast-xml-parser": ["fast-xml-parser@5.5.8", "", { "dependencies": { "fast-xml-builder": "^1.1.4", "path-expression-matcher": "^1.2.0", "strnum": "^2.2.0" }, "bin": { "fxparser": "src/cli/cli.js" } }, "sha512-Z7Fh2nVQSb2d+poDViM063ix2ZGt9jmY1nWhPfHBOK2Hgnb/OW3P4Et3P/81SEej0J7QbWtJqxO05h8QYfK7LQ=="],

    "@aws-sdk/client-sesv2/@aws-sdk/credential-provider-node/@aws-sdk/credential-provider-ini/@aws-sdk/credential-provider-login": ["@aws-sdk/credential-provider-login@3.972.24", "", { "dependencies": { "@aws-sdk/core": "^3.973.24", "@aws-sdk/nested-clients": "^3.996.14", "@aws-sdk/types": "^3.973.6", "@smithy/property-provider": "^4.2.12", "@smithy/protocol-http": "^5.3.12", "@smithy/shared-ini-file-loader": "^4.4.7", "@smithy/types": "^4.13.1", "tslib": "^2.6.2" } }, "sha512-sIk8oa6AzDoUhxsR11svZESqvzGuXesw62Rl2oW6wguZx8i9cdGCvkFg+h5K7iucUZP8wyWibUbJMc+J66cu5g=="],