diff --git a/src/rules/__snapshots__/index.test.ts.snap b/src/rules/__snapshots__/index.test.ts.snap
index b13b7d6e..bac00dac 100644
--- a/src/rules/__snapshots__/index.test.ts.snap
+++ b/src/rules/__snapshots__/index.test.ts.snap
@@ -48,6 +48,7 @@ exports[`all > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
diff --git a/src/rules/db/aws.secretsmanager.ts b/src/rules/db/aws.secretsmanager.ts
new file mode 100644
index 00000000..f8f07bc0
--- /dev/null
+++ b/src/rules/db/aws.secretsmanager.ts
@@ -0,0 +1,22 @@
+import { register } from '../../register.js';
+
+register({
+  tech: 'aws.secretsmanager',
+  name: 'AWS Secrets Manager',
+  type: 'db',
+  dependencies: [
+    { type: 'npm', name: '@aws-cdk/aws-secretsmanager' },
+    { type: 'npm', name: '@aws-sdk/client-secrets-manager' },
+    { type: 'rust', name: 'aws-sdk-secretsmanager' },
+    { type: 'ruby', name: 'aws-sdk-secretsmanager' },
+    {
+      type: 'golang',
+      name: 'github.com/aws/aws-sdk-go-v2/service/secretsmanager',
+    },
+    {
+      type: 'terraform.resource',
+      name: /^aws_secretsmanager_/,
+      example: 'aws_secretsmanager_secret',
+    },
+  ],
+});
diff --git a/src/rules/db/index.ts b/src/rules/db/index.ts
index ad4403dc..0f5e4f41 100644
--- a/src/rules/db/index.ts
+++ b/src/rules/db/index.ts
@@ -12,6 +12,7 @@ import './aws.neptune.js';
 import './aws.opensearch.js';
 import './aws.rds.js';
 import './aws.redshift.js';
+import './aws.secretsmanager.js';
 import './aws.timestream.js';
 import './clickhouse.js';
 import './cockroachdb.js';
diff --git a/src/rules/spec/golang/__snapshots__/lockfile.test.ts.snap b/src/rules/spec/golang/__snapshots__/lockfile.test.ts.snap
index a8262d55..f2f8a3e2 100644
--- a/src/rules/spec/golang/__snapshots__/lockfile.test.ts.snap
+++ b/src/rules/spec/golang/__snapshots__/lockfile.test.ts.snap
@@ -25,6 +25,7 @@ exports[`golang (lockfile) > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
@@ -335,6 +336,11 @@ exports[`golang (lockfile) > should match everything 2`] = `
     "github.com/aws/aws-sdk-go-v2/service/sagemaker",
     "v1.0.0",
   ],
+  [
+    "golang",
+    "github.com/aws/aws-sdk-go-v2/service/secretsmanager",
+    "v1.0.0",
+  ],
   [
     "golang",
     "github.com/aws/aws-sdk-go-v2/service/sns",
diff --git a/src/rules/spec/nodejs/__snapshots__/component.test.ts.snap b/src/rules/spec/nodejs/__snapshots__/component.test.ts.snap
index 71ececb6..5733b257 100644
--- a/src/rules/spec/nodejs/__snapshots__/component.test.ts.snap
+++ b/src/rules/spec/nodejs/__snapshots__/component.test.ts.snap
@@ -33,6 +33,7 @@ exports[`npm > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
@@ -315,6 +316,11 @@ exports[`npm > should match everything 2`] = `
     "@aws-cdk/aws-sagemaker",
     "0.0.0",
   ],
+  [
+    "npm",
+    "@aws-cdk/aws-secretsmanager",
+    "0.0.0",
+  ],
   [
     "npm",
     "@aws-cdk/aws-sns",
@@ -445,6 +451,11 @@ exports[`npm > should match everything 2`] = `
     "@aws-sdk/client-sagemaker",
     "0.0.0",
   ],
+  [
+    "npm",
+    "@aws-sdk/client-secrets-manager",
+    "0.0.0",
+  ],
   [
     "npm",
     "@aws-sdk/client-sns",
diff --git a/src/rules/spec/ruby/__snapshots__/lockfile.test.ts.snap b/src/rules/spec/ruby/__snapshots__/lockfile.test.ts.snap
index 9b25dfcc..6e3c7345 100644
--- a/src/rules/spec/ruby/__snapshots__/lockfile.test.ts.snap
+++ b/src/rules/spec/ruby/__snapshots__/lockfile.test.ts.snap
@@ -27,6 +27,7 @@ exports[`ruby (component) > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
@@ -261,6 +262,11 @@ exports[`ruby (component) > should match everything 2`] = `
     "aws-sdk-sagemaker",
     "1.0.0",
   ],
+  [
+    "ruby",
+    "aws-sdk-secretsmanager",
+    "1.0.0",
+  ],
   [
     "ruby",
     "aws-sdk-sns",
diff --git a/src/rules/spec/rust/__snapshots__/component.test.ts.snap b/src/rules/spec/rust/__snapshots__/component.test.ts.snap
index e749acc0..705109e3 100644
--- a/src/rules/spec/rust/__snapshots__/component.test.ts.snap
+++ b/src/rules/spec/rust/__snapshots__/component.test.ts.snap
@@ -29,6 +29,7 @@ exports[`rust (component) > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
@@ -206,6 +207,11 @@ exports[`rust (component) > should match everything 2`] = `
     "aws-sdk-sagemaker",
     "1.0.0",
   ],
+  [
+    "rust",
+    "aws-sdk-secretsmanager",
+    "1.0.0",
+  ],
   [
     "rust",
     "aws-sdk-sns",
diff --git a/src/rules/spec/terraform/__snapshots__/resource.test.ts.snap b/src/rules/spec/terraform/__snapshots__/resource.test.ts.snap
index 1368bdf4..b88b68ab 100644
--- a/src/rules/spec/terraform/__snapshots__/resource.test.ts.snap
+++ b/src/rules/spec/terraform/__snapshots__/resource.test.ts.snap
@@ -27,6 +27,7 @@ exports[`terraform (resource) > should match everything 1`] = `
   "aws.redshift",
   "aws.s3",
   "aws.sagemaker",
+  "aws.secretsmanager",
   "aws.sns",
   "aws.sqs",
   "aws.timestream",
diff --git a/src/types/techs.ts b/src/types/techs.ts
index fc46a055..eed596a0 100644
--- a/src/types/techs.ts
+++ b/src/types/techs.ts
@@ -59,6 +59,7 @@ export type AllowedKeys =
   | 'aws.redshift'
   | 'aws.s3'
   | 'aws.sagemaker'
+  | 'aws.secretsmanager'
   | 'aws.sns'
   | 'aws.sqs'
   | 'aws.timestream'