Differences between SecretCache and Lambda Extension
In case of Java Lambdas, is there any practical benefit in using SecretCache (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_cache-java.html) over Secrets Lambda extension via layer (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_lambda.html) and viceversa?
I could not find any comparison documentation, thanks.
- Newest
- Most votes
- Most comments
Hi, I may be wrong (I didn't test in details) but I see at least one interesting difference:
- the Secret cache is local to your Lambda execution. So, it's useful if you make several calls to SecretManager to obtain same secret multiple time during the execution of your Lambda.
- The Lambda extensions can be shared across multiple executions: so, you get the benefits of caching (less cost due to less API calls, reduced latency) multiple times.
This article shows the results across multiple executions with AWS Lambda Extension for Secrets: https://www.element7.io/2022/12/boost-performance-and-reduce-costs-using-lambda-extensions/
On https://github.com/aws/aws-secretsmanager-caching-java, the recommendation is to use the Secret Cache with
private final SecretCache cache = new SecretCache();
In this form, it will go away at the end of each Lambda execution
Best, Didier
Relevant content
- asked a month ago
- asked 2 years ago
- asked a year ago
AWS OFFICIALUpdated a year ago- What's the difference between Lambda function execution role permissions and invocation permissions?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
I think that execution reasoning makes sense, thanks :)