diff --git a/aws/data_source_aws_secretsmanager_secret.go b/aws/data_source_aws_secretsmanager_secret.go
index b076b8d1cfd..1cba15188c3 100644
--- a/aws/data_source_aws_secretsmanager_secret.go
+++ b/aws/data_source_aws_secretsmanager_secret.go
@@ -8,6 +8,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/secretsmanager"
 	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/structure"
 )
 
 func dataSourceAwsSecretsManagerSecret() *schema.Resource {
@@ -34,6 +35,10 @@ func dataSourceAwsSecretsManagerSecret() *schema.Resource {
 				Optional: true,
 				Computed: true,
 			},
+			"policy": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"rotation_enabled": {
 				Type:     schema.TypeBool,
 				Computed: true,
@@ -103,6 +108,24 @@ func dataSourceAwsSecretsManagerSecretRead(d *schema.ResourceData, meta interfac
 	d.Set("name", output.Name)
 	d.Set("rotation_enabled", output.RotationEnabled)
 	d.Set("rotation_lambda_arn", output.RotationLambdaARN)
+	d.Set("policy", "")
+
+	pIn := &secretsmanager.GetResourcePolicyInput{
+		SecretId: aws.String(d.Id()),
+	}
+	log.Printf("[DEBUG] Reading Secrets Manager Secret policy: %s", pIn)
+	pOut, err := conn.GetResourcePolicy(pIn)
+	if err != nil {
+		return fmt.Errorf("error reading Secrets Manager Secret policy: %s", err)
+	}
+
+	if pOut != nil && pOut.ResourcePolicy != nil {
+		policy, err := structure.NormalizeJsonString(aws.StringValue(pOut.ResourcePolicy))
+		if err != nil {
+			return fmt.Errorf("policy contains an invalid JSON: %s", err)
+		}
+		d.Set("policy", policy)
+	}
 
 	if err := d.Set("rotation_rules", flattenSecretsManagerRotationRules(output.RotationRules)); err != nil {
 		return fmt.Errorf("error setting rotation_rules: %s", err)
diff --git a/aws/data_source_aws_secretsmanager_secret_test.go b/aws/data_source_aws_secretsmanager_secret_test.go
index 7a0b24a5647..55accf3ce2f 100644
--- a/aws/data_source_aws_secretsmanager_secret_test.go
+++ b/aws/data_source_aws_secretsmanager_secret_test.go
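Review bot: A failed GetResourcePolicy now aborts the whole data-source read at `return fmt.Errorf("error reading Secrets Manager Secret policy: %s", err)`, so a caller whose IAM principal has `secretsmanager:DescribeSecret` but not `secretsmanager:GetResourcePolicy` will start failing on upgrade, and the message names neither the secret nor the API call that was denied. Hard-failing is presumably the provider's convention for data sources, so I would at least make the cause obvious: `return fmt.Errorf("error reading Secrets Manager Secret (%s) resource policy: %s", d.Id(), err)`, and mention the new permission requirement in the data source's docs/changelog. The later `d.Set("policy", policy)` also discards its return value while the `rotation_rules` set two lines below checks it; `if err := d.Set("policy", policy); err != nil { return fmt.Errorf("error setting policy: %s", err) }` keeps the two consistent. dataSourceAwsSecretsManagerSecretRead starts and ends outside the hunk.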
@@ -69,6 +69,25 @@ func TestAccDataSourceAwsSecretsManagerSecret_Name(t *testing.T) {
 	})
 }
 
+func TestAccDataSourceAwsSecretsManagerSecret_Policy(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_secretsmanager_secret.test"
+	datasourceName := "data.aws_secretsmanager_secret.test"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceAwsSecretsManagerSecretConfig_Policy(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccDataSourceAwsSecretsManagerSecretCheck(datasourceName, resourceName),
+				),
+			},
+		},
+	})
+}
+
 func testAccDataSourceAwsSecretsManagerSecretCheck(datasourceName, resourceName string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		resource, ok := s.RootModule().Resources[datasourceName]
@@ -86,6 +105,7 @@ func testAccDataSourceAwsSecretsManagerSecretCheck(datasourceName, resourceName
 			"description",
 			"kms_key_id",
 			"name",
+			"policy",
 			"rotation_enabled",
 			"rotation_lambda_arn",
 			"rotation_rules.#",
@@ -148,6 +168,35 @@ data "aws_secretsmanager_secret" "test" {
 `, rName)
 }
 
+func testAccDataSourceAwsSecretsManagerSecretConfig_Policy(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_secretsmanager_secret" "test" {
+  name = "%[1]s"
+
+  policy = <