diff --git a/secrets/awssecretsmanager.go b/secrets/awssecretsmanager.go
index 7148b05a42..68d9c6c940 100644
--- a/secrets/awssecretsmanager.go
+++ b/secrets/awssecretsmanager.go
@@ -2,6 +2,7 @@ package secrets
 import (
 "context"
+ "errors"
 "fmt"
 "strings"
@@ -31,14 +32,15 @@ func NewAWSSecretsManager(client *secretsmanager.SecretsManager) *AWSSecretsMana
 // - kms:Decrypt
 func (s *AWSSecretsManager) SetSecret(name string, secret []byte) error {
 name = strings.ReplaceAll(name, ":", "_")
+
 _, err := s.client.CreateSecretWithContext(context.TODO(), &secretsmanager.CreateSecretInput{
 Name: &name,
 SecretBinary: secret,
 })
 if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case secretsmanager.ErrCodeResourceExistsException:
+ var aerr awserr.Error
+ if errors.As(err, &aerr) {
+ if aerr.Code() == secretsmanager.ErrCodeResourceExistsException {
 // try replacing instead
 _, err = s.client.UpdateSecretWithContext(context.TODO(), &secretsmanager.UpdateSecretInput{
 SecretBinary: secret,
@@ -47,12 +49,14 @@ func (s *AWSSecretsManager) SetSecret(name string, secret []byte) error {
 if err != nil {
 return fmt.Errorf("update secret: %w", err)
 }
+
 return nil
 }
 }
 return fmt.Errorf("creating secret: %w", err)
 }
+
 return nil
 }
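Review bot: In SetSecret the normalisation `name = strings.ReplaceAll(name, ":", "_")` is lossy, so two distinct names such as `a:b` and `a_b` resolve to the same Secrets Manager entry, and the ResourceExists branch then overwrites the existing value through UpdateSecretWithContext with no signal to the caller. Whether callers can pass names that already contain `_` depends on naming rules not visible in this hunk, but if they can, one component's secret can silently replace another's. At minimum the doc comment should say so, e.g. `// Names are stored with ":" replaced by "_"; names that differ only in those characters share one secret.` Both AWS calls also still run under `context.TODO()`, so a stalled endpoint blocks the caller with no deadline. The function body continues past the end of this hunk.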
@@ -61,17 +65,20 @@ func (s *AWSSecretsManager) SetSecret(name string, secret []byte) error {
 // kms:Decrypt - required only if you use a customer-managed Amazon Web Services KMS key to encrypt the secret
 func (s *AWSSecretsManager) GetSecret(name string) (secret []byte, err error) {
 name = strings.ReplaceAll(name, ":", "_")
+
 sec, err := s.client.GetSecretValueWithContext(context.TODO(), &secretsmanager.GetSecretValueInput{
 SecretId: &name,
 })
 if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case secretsmanager.ErrCodeResourceNotFoundException:
+ var aerr awserr.Error
+ if errors.As(err, &aerr) {
+ if aerr.Code() == secretsmanager.ErrCodeResourceNotFoundException {
 return nil, nil
 }
 }
+
 return nil, fmt.Errorf("get secret: %w", err)
 }
+
 return sec.SecretBinary, nil
 }
diff --git a/secrets/awssecretsmanager_test.go b/secrets/awssecretsmanager_test.go
index b9133eaae3..c1231e6e66 100644
--- a/secrets/awssecretsmanager_test.go
+++ b/secrets/awssecretsmanager_test.go
@@ -14,23 +14,29 @@ import (
 func waitForSecretsManagerReady(t *testing.T, ssm *secretsmanager.SecretsManager) {
 ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
 defer cancel()
+
 for {
+ // nolint
 resp, err := http.Get(ssm.Client.Endpoint)
 // server responds with 404 and body of status running 😂
 if err == nil {
 b, err := ioutil.ReadAll(resp.Body)
 resp.Body.Close()
+
 if err == nil {
 if strings.Contains(string(b), "running") {
 return // ready!
 }
 }
 }
+
 if ctx.Err() != nil {
 t.Error("timeout waiting for secrets manager to be ready")
 t.FailNow()
+
 return
 }
+
 time.Sleep(100 * time.Millisecond)
 }
 }
diff --git a/secrets/secrets_test.go b/secrets/secrets_test.go
index 148cb1ebea..10cbe4d27d 100644
--- a/secrets/secrets_test.go
+++ b/secrets/secrets_test.go
@@ -50,6 +50,7 @@ func setup() {
 if testing.Short() {
 return
 }
+
 var containerID string
 // setup localstack
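Review bot: GetSecret's `return nil, nil` on ErrCodeResourceNotFoundException gives the caller the same result as a secret that exists but has no SecretBinary (for instance one stored as a string value), so a missing key and an empty key cannot be told apart. A caller that skips the nil check would go on to use empty key material; whether any caller does is not visible here. The doc comment above the function lists only IAM permissions and should state the contract, e.g. `// GetSecret returns (nil, nil) when the secret does not exist; callers must treat a nil result as "not found".` The doc comment starts above the hunk.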
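Review bot: The added `// nolint` above `http.Get(ssm.Client.Endpoint)` in waitForSecretsManagerReady names no linter and gives no reason, so it appears to silence every check on that call, including any security linter that later starts flagging it. The call is also not tied to the 2-minute `ctx`, so a request that hangs is not bounded by the timeout the loop checks. Building the request with `req, err := http.NewRequestWithContext(ctx, http.MethodGet, ssm.Client.Endpoint, nil)` and sending it with `http.DefaultClient.Do(req)` would fix the second point and likely remove the need for the suppression. If a suppression remains, scope it as `//nolint:<linter> // <reason>`.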