I have created a simple NodeJS REST API using express and AWS lambda. I started off using environmental variables and now I have process.env all over my API.
However, I'm just starting out testing the Secrets Manager in AWS. It seems to be working fine. I built a module getAWSsecrets.js which I can easily access by simply running:
async function testFunc() {
  let credentials = await getSecrets();
  console.log(credentials);
}
This is working as intended and the getSecrets() method returns a JSON object with all the secrets I need. But at each location in my app I need to make this API request to get the secrets. Is there possibly a better way to somehow cache the secrets to avoid having to call the Secrets Manager over and over?
Having said this, perhaps it is the most secure? How do I proceed, what is considered best practice? Perhaps this is no issue, it is simply my gut feeling saying that this seems "clunky".
On every cold start (first run) fetch all secrets and use them.
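// Module scope survives between invocations of a warm Lambda container.
let credentials;
let coldstart = false; // becomes true once the secrets have been loaded

exports.handler = async (event, context) => {
  if (!coldstart) {
    // First invocation in this container: fetch the secrets once.
    credentials = await getSecrets();
    coldstart = true;
  }
  // ... use credentials here ...
}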
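The cold-start cache from the answer above can be extended so that rotated secrets are picked up and a failed fetch is not remembered. This is an added example, not code from the question, the answer or AWS; `fetchSecrets` stands in for the page's getSecrets(), and `createSecretCache`, `makeHandler`, `ttlMs` and `now` are hypothetical names.

```javascript
// Added example. `fetchSecrets` stands in for the page's getSecrets();
// createSecretCache, ttlMs and now are hypothetical names/parameters.
function createSecretCache(fetchSecrets, { ttlMs = 5 * 60 * 1000, now = Date.now } = {}) {
  let pending = null; // promise for the current secrets, shared by all callers
  let fetchedAt = 0;

  async function get({ forceRefresh = false } = {}) {
    const expired = now() - fetchedAt >= ttlMs;
    if (!pending || expired || forceRefresh) {
      const attempt = Promise.resolve().then(() => fetchSecrets());
      pending = attempt;
      fetchedAt = now();
      // Never cache a failure: drop it so the next call retries.
      attempt.catch(() => { if (pending === attempt) pending = null; });
    }
    return pending;
  }
  return { get };
}

// Handler factory: the cache lives outside the handler, so warm invocations
// reuse it. Secret values are never logged or returned.
function makeHandler(cache) {
  return async () => {
    const credentials = await cache.get();
    return { statusCode: 200, body: JSON.stringify({ loaded: Object.keys(credentials).length }) };
  };
}

// Constructed demo: fake fetcher that counts round trips, and a manual clock.
async function demo() {
  let calls = 0;
  let clock = 0;
  const fakeGetSecrets = async () => ({ apiKey: `constructed-v${++calls}` });
  const cache = createSecretCache(fakeGetSecrets, { ttlMs: 1000, now: () => clock });
  const handler = makeHandler(cache);
  const [a, b] = await Promise.all([cache.get(), cache.get()]); // one shared fetch
  const response = await handler(); // warm call: served from the cache
  const callsWhileFresh = calls;
  clock = 1500; // TTL elapsed: the next call refetches, picking up a rotated value
  const c = await cache.get();
  return { callsWhileFresh, calls, sameObject: a === b, status: response.statusCode, afterTtl: c.apiKey };
}

demo().then(({ callsWhileFresh, calls }) => console.log({ callsWhileFresh, calls }));
```

In a Lambda module the cache would be created once at module scope with the real getSecrets and the result of `makeHandler(cache)` exported as the handler. A shorter `ttlMs` picks up rotation sooner at the cost of more Secrets Manager calls.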