by dberg 2332 days ago
How does this differ from the KMS product ?

The short answer is KMS doesn't store secrets.

You can use KMS as part of your own secret manager, but you would have to store the actual secrets somewhere else, like GCS or Datastore. KMS stores encryption keys and has an API for encrypting/decrypting. For example, to retrieve a secret using KMS you would get the encrypted data from where it is stored, like Datastore, and send it to KMS to have KMS decrypt the data. Secret Manager actually stores the secret, so a single API call can retrieve the decrypted value. Secret Manager also has versioning, which is important when rotating secrets. If you were building your own solution around KMS, you would need to do versioning in your storage schema, wherever you end up storing the secrets.

You can also use AWS Parameter Store with KMS (SecureString type) to store secrets in Parameter Store. Of course this doesn't offer rotation of the secrets, although KMS will handle key rotation.
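The "roll your own on top of KMS" design described in the comment above, as an added example that is not part of the thread: a tiny versioned secret store where KMS only encrypts/decrypts and the ciphertext lives in separate storage. `FakeKms` is a constructed, in-process stand-in for a KMS encrypt/decrypt API (the real service never hands out key material), and the dict in `SecretStore` stands in for Datastore or GCS; the versioning schema and the two-call retrieval are the parts you would have to build yourself.

```python
import os, hmac, hashlib

class FakeKms:
    """Constructed stand-in for a KMS encrypt/decrypt API so the example runs offline.
    Key versions are retained so ciphertext made under a rotated-out key still decrypts."""
    def __init__(self):
        self.primary = 1
        self._keys = {1: os.urandom(32)}
    def rotate_key(self):  # new primary key version; older versions stay decryptable
        self.primary += 1
        self._keys[self.primary] = os.urandom(32)
    def _stream(self, key, nonce, n):  # HMAC-SHA256 in counter mode as a keystream
        blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((n + 31) // 32))
        return b"".join(blocks)[:n]
    def encrypt(self, plaintext):  # blob = key_version || nonce || ciphertext || tag
        key, nonce = self._keys[self.primary], os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(plaintext, self._stream(key, nonce, len(plaintext))))
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        return self.primary.to_bytes(4, "big") + nonce + ct + tag
    def decrypt(self, blob):
        key = self._keys[int.from_bytes(blob[:4], "big")]  # pick the key version used
        nonce, ct, tag = blob[4:20], blob[20:-32], blob[-32:]
        if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
            raise ValueError("ciphertext tampered or wrong key version")
        return bytes(a ^ b for a, b in zip(ct, self._stream(key, nonce, len(ct))))

class SecretStore:
    """The 'store the ciphertext somewhere else' half; a dict stands in for Datastore/GCS.
    Secret versioning is our own storage schema: name -> list of ciphertext blobs."""
    def __init__(self, kms):
        self.kms, self.rows = kms, {}
    def add_version(self, name, plaintext):
        self.rows.setdefault(name, []).append(self.kms.encrypt(plaintext))
        return len(self.rows[name])  # 1-based secret version number
    def access(self, name, version=None):
        versions = self.rows[name]  # call 1: fetch ciphertext from storage
        blob = versions[-1] if version is None else versions[version - 1]
        return self.kms.decrypt(blob)  # call 2: ask KMS to decrypt it

if __name__ == "__main__":
    kms, store = FakeKms(), SecretStore(kms)
    store.add_version("db-password", b"hunter2")
    kms.rotate_key()  # key rotation is KMS's job; rotating the secret itself is ours
    store.add_version("db-password", b"correct-horse")
    print(store.access("db-password"), store.access("db-password", 1))
```

Note that rotating the KMS key does not rotate the secret: version 1 still decrypts under the old key version, and a new secret value only exists because the store added version 2.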
KMS manages encryption keys. A secrets manager gives you an API for storing and referencing arbitrary named secret values with audit logs, etc. for them, which are encrypted using KMS.

For example, this might be something like “store a secret ‘my app remote API key’ encrypted with a regularly rotated key and allow ‘my app container’ to retrieve the value”.

"Named secrets" being things like the plaintext password for a database, API tokens, etc.
Good point - I edited to clarify that a little more.