aws-secretsmanager-get-secrets
aws-secretsmanager-get-secrets is a GitHub Action that retrieves secrets from AWS Secrets Manager and exposes them as masked environment variables within GitHub workflow jobs. It supports retrieving secrets by ARN, name, or name prefix (with wildcards), up to 100 matching secrets per prefix. The action can parse JSON secret values into individual environment variables or pass the entire string as a single variable, and converts binary secrets to strings by default. Environment variable names are auto-generated from secret names and sanitized to contain only uppercase letters, numbers, and underscores, though custom names can be assigned. A name-transformation option allows uppercase, lowercase, or none conversion. The action requires AWS credentials to be configured in the workflow using the configure-aws-credentials action, ideally with GitHub OIDC for short-lived credentials. The IAM role must have GetSecretValue and ListSecrets permissions, plus optional Decrypt access for customer-managed KMS keys. To deb