Why use AWS Secret Manager instead of environment variables?


https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html

Secrets Manager enables you to replace hardcoded credentials in your code, including passwords, with an API call to Secrets Manager to retrieve the secret programmatically. This helps ensure the secret can't be compromised by someone examining your code, because the secret no longer exists in the code. Also, you can configure Secrets Manager to automatically rotate the secret for you according to a specified schedule. This enables you to replace long-term secrets with short-term ones, significantly reducing the risk of compromise.

Using AWS Secrets Manager you can inject your secrets into the code without hardcoding them, retrieving them in your code through some APIs, and they can be accessed without a password by anyone who has access to the machine (simply open a node / python console and invoke the APIs to learn the secrets).

Also with environment variables you can inject your secrets into the code without hardcoding them, retrieving them in your code through some APIs (dotenv, process.env), and they can be accessed without a password by anyone who has access to the machine (with the env command).

Why should I use AWS Secret Manager instead of simpler environment variables?


I prefer SSM Parameter Store to Secrets, since it's easier to use, allows nesting values, and you can manually recall what was what with ease.
And of course you can have encrypted or non-encrypted values stored there, and especially given that Secrets Manager is just not fun to work with in general, I prefer SSMPS 10 times out of 10.
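Added example, not code from the question or the answer above: a small Python module that puts a TTL cache in front of three secret backends, the environment, the Secrets Manager API (`get_secret_value` / `SecretString`, the real boto3 call shape) and the SSM Parameter Store API (`get_parameter` with `WithDecryption=True`, also the real call shape), so that a long-running process picks up a rotated secret without a restart. Everything else is constructed for offline use: the `FakeSecretsManager` and `FakeSSM` stand-ins that mimic the boto3 response dictionaries, the secret names `prod/db` and `/prod/api/token`, the `DEMO_DB_PASSWORD` variable, and the fake clock that drives the TTL.

```python
import json
import os
import time
from typing import Callable, Dict, Optional, Tuple


class SecretNotFound(Exception):
    """Raised when a backend has no value for the requested name."""


class CachedSecretSource:
    """Time-to-live cache in front of any secret fetch function.

    A short TTL, or an explicit invalidate() after an auth failure, is what lets
    a running process pick up a rotated secret; a value read from the
    environment at start-up has no refresh path at all.
    """

    def __init__(self, fetch: Callable[[str], str], ttl_seconds: float,
                 clock: Callable[[], float] = time.monotonic):
        self._fetch = fetch
        self._ttl = ttl_seconds
        self._clock = clock
        self._cache: Dict[str, Tuple[str, float]] = {}  # name -> (value, fetched_at)

    def get(self, name: str) -> str:
        now = self._clock()
        hit = self._cache.get(name)
        if hit is not None and now - hit[1] < self._ttl:
            return hit[0]
        value = self._fetch(name)
        self._cache[name] = (value, now)
        return value

    def invalidate(self, name: str) -> None:
        """Force the next get() to hit the backend, e.g. after the database rejects the password."""
        self._cache.pop(name, None)


def env_fetch(name: str) -> str:
    """Environment backend: the value is whatever the process was started with."""
    value = os.environ.get(name)
    if value is None:
        raise SecretNotFound(name)
    return value


def secrets_manager_fetch(client, secret_id: str, field: Optional[str] = None) -> str:
    """Secrets Manager backend; in production `client` is boto3.client("secretsmanager")."""
    resp = client.get_secret_value(SecretId=secret_id)
    secret = resp["SecretString"]
    return secret if field is None else json.loads(secret)[field]


def ssm_fetch(client, parameter_name: str) -> str:
    """Parameter Store backend for a SecureString; in production `client` is boto3.client("ssm")."""
    resp = client.get_parameter(Name=parameter_name, WithDecryption=True)
    return resp["Parameter"]["Value"]


class FakeSecretsManager:
    """Constructed offline stand-in that returns the boto3 response shape."""

    def __init__(self, secrets: Dict[str, str]):
        self.secrets = secrets
        self.calls = 0

    def get_secret_value(self, SecretId: str) -> dict:
        self.calls += 1
        if SecretId not in self.secrets:
            raise SecretNotFound(SecretId)
        return {"Name": SecretId, "SecretString": self.secrets[SecretId],
                "VersionId": f"constructed-version-{self.calls}"}


class FakeSSM:
    """Constructed offline stand-in for the ssm client's get_parameter."""

    def __init__(self, params: Dict[str, str]):
        self.params = params

    def get_parameter(self, Name: str, WithDecryption: bool = False) -> dict:
        if Name not in self.params:
            raise SecretNotFound(Name)
        return {"Parameter": {"Name": Name, "Type": "SecureString",
                              "Value": self.params[Name], "Version": 1}}


def demo_rotation() -> Tuple[str, str, str, int]:
    """A rotated Secrets Manager value is served once the cached copy expires."""
    sm = FakeSecretsManager({"prod/db": json.dumps({"username": "app", "password": "v1"})})
    now = [0.0]  # fake clock so the demo is deterministic
    source = CachedSecretSource(lambda n: secrets_manager_fetch(sm, n, "password"),
                                ttl_seconds=60, clock=lambda: now[0])
    first = source.get("prod/db")
    sm.secrets["prod/db"] = json.dumps({"username": "app", "password": "v2"})  # rotation happens
    within_ttl = source.get("prod/db")  # still v1, served from cache, no API call
    now[0] = 61.0
    after_ttl = source.get("prod/db")   # refetched: v2
    return first, within_ttl, after_ttl, sm.calls


def demo_ssm() -> str:
    ssm = FakeSSM({"/prod/api/token": "constructed-token"})
    return CachedSecretSource(lambda n: ssm_fetch(ssm, n), ttl_seconds=300).get("/prod/api/token")


def demo_env() -> str:
    os.environ["DEMO_DB_PASSWORD"] = "constructed-env-value"  # constructed; normally set by the platform
    return CachedSecretSource(env_fetch, ttl_seconds=60).get("DEMO_DB_PASSWORD")
```

The asker's observation still holds in this design: any code running under the instance's IAM role can call `get_secret_value` just as it can run `env`. What the API path adds is what the environment cannot give: the read is authorised per secret by an IAM policy, each `GetSecretValue` call is logged by CloudTrail, and a rotated value reaches the process through the cache refresh above instead of a redeploy.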