diff --git a/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts b/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts
index c4539cca154ea..1e6bf8d2441a5 100644
--- a/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts
+++ b/packages/@aws-cdk/aws-secretsmanager/lib/secret.ts
@@ -1,6 +1,6 @@
 import * as iam from '@aws-cdk/aws-iam';
 import * as kms from '@aws-cdk/aws-kms';
-import { Construct, IConstruct, IResource, RemovalPolicy, Resource, SecretValue, Stack } from '@aws-cdk/core';
+import { Construct, IConstruct, IResource, RemovalPolicy, Resource, SecretValue, Stack, Token } from '@aws-cdk/core';
 import { ResourcePolicy } from './policy';
 import { RotationSchedule, RotationScheduleOptions } from './rotation-schedule';
 import * as secretsmanager from './secretsmanager.generated';
@@ -596,8 +596,13 @@ export interface SecretStringGenerator {
 
 /** Parses the secret name from the ARN. */
 function parseSecretName(construct: IConstruct, secretArn: string) {
-  const resourceName = Stack.of(construct).parseArn(secretArn).resourceName;
+  const resourceName = Stack.of(construct).parseArn(secretArn, ':').resourceName;
   if (resourceName) {
+    // Can't operate on the token to remove the SecretsManager suffix, so just return the full secret name
+    if (Token.isUnresolved(resourceName)) {
+      return resourceName;
+    }
+
     // Secret resource names are in the format `${secretName}-${SecretsManager suffix}`
     const secretNameFromArn = resourceName.substr(0, resourceName.lastIndexOf('-'));
     if (secretNameFromArn) { return secretNameFromArn; }
diff --git a/packages/@aws-cdk/aws-secretsmanager/test/test.secret.ts b/packages/@aws-cdk/aws-secretsmanager/test/test.secret.ts
index 1b7c1e3063ed9..523ce501b9126 100644
--- a/packages/@aws-cdk/aws-secretsmanager/test/test.secret.ts
+++ b/packages/@aws-cdk/aws-secretsmanager/test/test.secret.ts
@@ -482,6 +482,30 @@ export = {
     test.done();
   },
 
+  'import by secretArn supports tokens for ARNs'(test: Test) {
+    // GIVEN
+    const app = new cdk.App();
+    const stackA = new cdk.Stack(app, 'StackA');
+    const stackB = new cdk.Stack(app, 'StackB');
+    const secretA = new secretsmanager.Secret(stackA, 'SecretA');
+
+    // WHEN
+    const secretB = secretsmanager.Secret.fromSecretArn(stackB, 'SecretB', secretA.secretArn);
+    new cdk.CfnOutput(stackB, 'secretBSecretName', { value: secretB.secretName });
+
+    // THEN
+    test.equals(secretB.secretArn, secretA.secretArn);
+    expect(stackB).toMatch({
+      Outputs: {
+        secretBSecretName: {
+          Value: { 'Fn::Select': [6, { 'Fn::Split': [':', { 'Fn::ImportValue': 'StackA:ExportsOutputRefSecretA188F281703FC8A52' }] }] },
+        },
+      },
+    });
+
+    test.done();
+  },
+
   'import by attributes'(test: Test) {
     // GIVEN
     const stack = new cdk.Stack();