Like in every AWS service, the link with an IAM role is seamless, thus allowing you to grant exact permissions to credentials stored in Secrets Manager to a specific instance/container/etc.
It is managed quite easily and even integrates with other services, such as existing RDS instances, automatically. It makes rotating credentials a much easier task.
I did not find any features I do not like with SM at the moment. The service is in its very early stages, and so is our usage. However, we are certain that upon further usage we might find a few hiccups here and there.
We used to spin up different Jenkins slaves (built via different Dockerfiles) for various jobs.
Each of these containers only differed by the Amazon credentials they stored.
Now, we are spinning up a single slave - and it grabs the correct credentials from the SM service using the appropriate IAM permission role (attached via CloudFormation).
We are also close to integrating it with some of our other applications, especially those utilizing RDS for hosting MySQL DBs, so in the future we can rotate credentials without having to change code/app version to support that.