AWS Secrets Manager now supports VPC endpoint policies

AWS Secrets Manager now supports VPC endpoint policies, making it easier for you to restrict egress of secrets from your Amazon VPC. When you create a VPC endpoint for Secrets Manager, you can attach an endpoint policy to define the Secrets Manager actions that can be performed, the secrets these actions can be performed on, the IAM users or roles that can perform these actions, and the accounts that can be accessed via the VPC endpoint.