diff --git a/link2aws.js b/link2aws.js
index 3062f47..121286a 100644
--- a/link2aws.js
+++ b/link2aws.js
@@ -979,14 +979,11 @@ class ARN {
             },
             "secretsmanager": { // AWS Secrets Manager
                 "secret": () => {
-                    if (this.resource.indexOf("-") === -1) {
-                        // all the secrets I've seen have a "-" delimited suffix
-                        // in the ARN that isn't part of the secret name. For
-                        // now just throwing if the suffix is missing, please
-                        // update if needed.
-                        throw Error(`Secret ARN for ${this.resource} missing suffix`);
+                    const arnSuffix = /-\w{6}$/;
+                    if (!arnSuffix.test(this.resource)) {
+                        throw Error(`Secret ARN for "${this.resource}" appears invalid, should end with ${arnSuffix}`);
                     }
-                    const name = this.resource.split('-').slice(0, -1).join('-');
+                    const name = this.resource.replace(arnSuffix, "");
                     return `https://${this.region}.${this.console}/${this.service}/${this.resource_type}?name=${name}`;
                 },
             },
diff --git a/testcases/aws-negative.json b/testcases/aws-negative.json
index 4d05058..d05ecb4 100644
--- a/testcases/aws-negative.json
+++ b/testcases/aws-negative.json
@@ -39,5 +39,5 @@
     "arn:aws:ec2:us-ea*st-1:123456789012:instance/asdf",
     "arn:aws:ec2:us-ea#st-1:123456789012:instance/asdf",
     "arn:aws:ec2:us-ea\\st-1:123456789012:instance/asdf",
-    "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret9A3F29"
+    "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret9A3F29-adf"
 ]
\ No newline at end of file