Cannot access Secrets Manager from Lightsail

0

I have a Lightsail instance with a very small Python script for testing. The script looks like:

import boto3
import json
region_name = "us-east-1"
secret_name = "arn:aws:secretsmanager:us-east-1:XXXXXX:XXXX"
client = boto3.client(service_name='secretsmanager',region_name=region_name)
response = client.get_secret_value(SecretId=secret_name)
secrets1 = json.loads(response['SecretString'])
print(secrets1['Password'])

When I run the above code, I get the following error:

An error occurred (AccessDeniedException) when calling the GetSecretValue operation: User: arn:aws:sts::XXXXXXXX:assumed-role/AmazonLightsailInstanceRole/XXXXXXX is not authorized to perform: secretsmanager:GetSecretValue on resource: arn:aws:secretsmanager:us-east-1:XXXXXXXX:secret:XXXXXX because no resource-based policy allows the secretsmanager:GetSecretValue action

I have tried:

  • creating a Lightsail role in IAM with "SecretsManagerReadWrite" policy attached. One problem with this approach is that I didn't see a Lightsail option when selecting an AWS Service, so I selected ec2.
  • running the code as root user
  • creating another IAM user with proper permissions (full access to Lightsail and SecretsManagerReadWrite)
  • scouring several forums looking for answers. I find some cases that are similar to mine, but haven't found a solution I can use fully (although I have used bits and pieces with no luck).

None of the above worked (although I can't guarantee I put all the pieces together correctly).

So my question is: How can I access a secret in my Secrets Manager service and use it in my Python code in Lightsail?

This is all done within a single AWS account. I am very new to the AWS framework and am admittedly confused by the IAM roles and users and how I provision permission for a Lightsail instance to access Secrets Manager.

Thanks for any help.

  • You'll need to run aws configure and provide your credentials manually on the instance to make CLI calls. Lightsail resources are managed separately from other AWS resources and as a result have different credentials by default.

1 Answer
0

If the service supports Service-Linked Role, it seems to be accessible by following this procedure, but Secrets Manager does not seem to support Service-Linked Role. (Too bad 😭😭)
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-service-linked-roles
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html

I think you can access Secrets Manager by creating an IAM user and specifying Access Key and Secret Access Key to Lightsail.
https://docs.aws.amazon.com/ja_jp/cli/latest/userguide/cli-configure-files.html

answered 2 years ago
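Following the answer's suggestion of an IAM user whose access key pair is configured on the instance, here is an added example (not from the question, the answer, or AWS) that pairs the boto3 call with a policy scoped to the one secret instead of the broad SecretsManagerReadWrite policy. The profile name `lightsail-secrets`, the placeholder secret ARN and the simplified IAM evaluator (explicit Deny wins, then any matching Allow) are assumptions for illustration.

```python
import fnmatch
import json

# Constructed placeholder ARN (not a real secret); replace with your own.
SECRET_ARN = "arn:aws:secretsmanager:us-east-1:123456789012:secret:app/db-AbCdEf"


def scoped_policy(secret_arn: str) -> dict:
    """Identity-based policy for the IAM user: read one secret, nothing else."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ReadOneSecret",
            "Effect": "Allow",
            "Action": "secretsmanager:GetSecretValue",
            "Resource": secret_arn,
        }],
    }


def policy_allows(policy: dict, action: str, resource: str) -> bool:
    """Simplified IAM evaluation (assumption, not the real engine): an explicit
    Deny on a matching statement wins; otherwise a matching Allow grants the
    call. Action matching is case-insensitive; '*' and '?' act as globs."""
    decision = False
    for stmt in policy["Statement"]:
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        resources = stmt["Resource"] if isinstance(stmt["Resource"], list) else [stmt["Resource"]]
        hit = (any(fnmatch.fnmatchcase(action.lower(), a.lower()) for a in actions)
               and any(fnmatch.fnmatchcase(resource, r) for r in resources))
        if hit and stmt["Effect"] == "Deny":
            return False
        decision = decision or (hit and stmt["Effect"] == "Allow")
    return decision


def read_secret(secret_arn: str, profile_name: str = "lightsail-secrets",
                region_name: str = "us-east-1") -> dict:
    """Fetch the secret using a named profile from ~/.aws/credentials on the
    instance, i.e. the access key pair of the IAM user created for this job."""
    import boto3  # imported here so the pure helpers above run without it
    session = boto3.Session(profile_name=profile_name, region_name=region_name)
    client = session.client("secretsmanager")
    response = client.get_secret_value(SecretId=secret_arn)
    return json.loads(response["SecretString"])


if __name__ == "__main__":
    print(json.dumps(scoped_policy(SECRET_ARN), indent=2))
    print(read_secret(SECRET_ARN)["Password"])
```

The `aws configure --profile lightsail-secrets` step on the instance (from the answer's linked page) is what creates the profile `read_secret` loads.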
