I am new to AWS Secrets Manager, where I face this weird issue: create-secret & describe-secret work, but list-secrets fails, see below the
aws secretsmanager create-secret --name 'test/dummy' --description "dummy secret" --secret-string 'mySecretValue'
{
"ARN": "arn:aws:secretsmanager:us-east-1:1234567890:secret:test/dummy-pmdArR",
"Name": "test/dummy",
"VersionId": "f55b7e3e-614c-479b-a913-17a6ae960f11"
}
Now when I list it, it fails:
$ aws secretsmanager list-secrets --filters Key=name,Values=test/dummy
An error occurred (AccessDeniedException) when calling the ListSecrets operation: User: arn:aws:sts::1234567890:assumed-role/CustomRole-appSM/AssumedRole-appSM is not authorized to perform: secretsmanager:ListSecrets because no identity-based policy allows the secretsmanager:ListSecrets action
while describe-secret works fine:
aws secretsmanager describe-secret --secret-id test/dummy
{
"ARN": "arn:aws:secretsmanager:us-east-1:1234567890:secret:test/dummy-pmdArR",
"Name": "test/dummy",
"Description": "dummy secret",
"LastChangedDate": "2024-02-22T15:14:15.796000+05:30",
"VersionIdsToStages": {
"f55b7e3e-614c-479b-a913-17a6ae960f11": [
"AWSCURRENT"
]
},
"CreatedDate": "2024-02-22T15:14:15.755000+05:30"
}
The policy document I have attached to the role I use is as below:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"secretsmanager:BatchGetSecretValue",
"secretsmanager:CreateSecret",
"secretsmanager:DeleteResourcePolicy",
"secretsmanager:DeleteSecret",
"secretsmanager:DescribeSecret",
"secretsmanager:GetRandomPassword",
"secretsmanager:GetResourcePolicy",
"secretsmanager:GetSecretValue",
"secretsmanager:ListSecretVersionIds",
"secretsmanager:ListSecrets",
"secretsmanager:PutResourcePolicy",
"secretsmanager:PutSecretValue",
"secretsmanager:RestoreSecret",
"secretsmanager:RotateSecret",
"secretsmanager:TagResource",
"secretsmanager:UpdateSecret",
"secretsmanager:UpdateSecretVersionStage",
"secretsmanager:ValidateResourcePolicy"
],
"Resource": "arn:aws:secretsmanager:us-east-1:1234567890:secret:test/*",
"Effect": "Allow"
}
]
}
The reason I have specified the resource as arn:aws:secretsmanager:us-east-1:1234567890:secret:test/*
is that I would like to restrict access only to secrets whose names start with test.
However, if I update the resource to "*", list-secrets works fine.
How can I make list-secrets work as well?
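The policy split that fixes this, as an added example that is not part of the original post: the actions that carry a secret ARN stay scoped to the test/ prefix, while the actions that have no resource type at all (ListSecrets, GetRandomPassword, and BatchGetSecretValue, which still depends on a prefix-scoped GetSecretValue for each secret) get their own statement on Resource "*". The script also runs a deliberately minimal IAM-style evaluator to show why the single-statement policy can never match ListSecrets. The account id and region are the placeholders from the post; the evaluator is an assumption-laden simplification (Effect, Action and Resource wildcards only, no conditions, SCPs, boundaries or resource policies), so use the IAM policy simulator for the authoritative answer.

```python
"""Prefix-scoped Secrets Manager policy that still allows ListSecrets.

Added example, not code from the original post. Builds the corrected policy
and evaluates it with a minimal IAM-like matcher (assumption: explicit Deny
wins, otherwise any matching Allow wins, otherwise implicit deny).
"""
import fnmatch
import json

ACCOUNT = "1234567890"  # placeholder account id copied from the post
REGION = "us-east-1"
PREFIX_ARN = f"arn:aws:secretsmanager:{REGION}:{ACCOUNT}:secret:test/*"

# Actions whose request names a secret ARN, so they can be scoped to test/*.
SECRET_SCOPED_ACTIONS = [
    "secretsmanager:CreateSecret",
    "secretsmanager:DeleteResourcePolicy",
    "secretsmanager:DeleteSecret",
    "secretsmanager:DescribeSecret",
    "secretsmanager:GetResourcePolicy",
    "secretsmanager:GetSecretValue",
    "secretsmanager:ListSecretVersionIds",
    "secretsmanager:PutResourcePolicy",
    "secretsmanager:PutSecretValue",
    "secretsmanager:RestoreSecret",
    "secretsmanager:RotateSecret",
    "secretsmanager:TagResource",
    "secretsmanager:UpdateSecret",
    "secretsmanager:UpdateSecretVersionStage",
    "secretsmanager:ValidateResourcePolicy",
]

# Actions with no resource type in the Service Authorization Reference. IAM
# evaluates them against the resource "*", so a statement whose Resource is a
# secret ARN (even with a trailing wildcard) never matches them.
ACCOUNT_LEVEL_ACTIONS = [
    "secretsmanager:ListSecrets",
    "secretsmanager:GetRandomPassword",
    "secretsmanager:BatchGetSecretValue",  # still needs GetSecretValue per secret
]


def original_policy():
    """The single-statement policy from the post: every action on test/*."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": SECRET_SCOPED_ACTIONS + ACCOUNT_LEVEL_ACTIONS,
            "Resource": PREFIX_ARN,
        }],
    }


def corrected_policy():
    """Same grants, split into a prefix-scoped and an account-level statement."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "SecretsUnderTestPrefix", "Effect": "Allow",
             "Action": SECRET_SCOPED_ACTIONS, "Resource": PREFIX_ARN},
            {"Sid": "ActionsWithoutAResourceType", "Effect": "Allow",
             "Action": ACCOUNT_LEVEL_ACTIONS, "Resource": "*"},
        ],
    }


def _as_list(value):
    return [value] if isinstance(value, str) else list(value)


def _matches(patterns, value, fold_case=False):
    # IAM wildcards: '*' matches any run of characters (including ':' and
    # '/'), '?' exactly one. Action names compare case-insensitively.
    if fold_case:
        value = value.lower()
    return any(fnmatch.fnmatchcase(value, p.lower() if fold_case else p)
               for p in _as_list(patterns))


def is_allowed(policy, action, resource):
    """Simplified evaluation: explicit Deny > matching Allow > implicit deny."""
    allowed = False
    for stmt in policy["Statement"]:
        if not _matches(stmt["Action"], action, fold_case=True):
            continue
        if not _matches(stmt["Resource"], resource):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def simulate(policy, action, secret_arn=None):
    """Evaluate an API call, substituting "*" for actions with no resource."""
    if action in ACCOUNT_LEVEL_ACTIONS:
        return is_allowed(policy, action, "*")
    if secret_arn is None:
        raise ValueError(f"{action} requires a secret ARN")
    return is_allowed(policy, action, secret_arn)


if __name__ == "__main__":
    dummy = f"arn:aws:secretsmanager:{REGION}:{ACCOUNT}:secret:test/dummy-pmdArR"
    for name, pol in (("original", original_policy()), ("corrected", corrected_policy())):
        print(name, "ListSecrets:", simulate(pol, "secretsmanager:ListSecrets"),
              "GetSecretValue test/dummy:", simulate(pol, "secretsmanager:GetSecretValue", dummy))
    print(json.dumps(corrected_policy(), indent=2))
```

The trade-off to be aware of: granting ListSecrets on "*" lets the role enumerate the names, descriptions and tags of every secret in the account, though never their values, because GetSecretValue stays scoped to test/*. The action cannot be narrowed by secret ARN, so if even that metadata must stay hidden, the boundary has to be drawn elsewhere (for example a separate account).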