at least in our simple use case we just ended up creating a map with the secrets-key and values + expiration timestamp. at every lambda invocation within the same container we check if current time is past the expiration date and if so, we reload the key from ssm otherwise we use the cached one.

Of course you might want to implement something fancier like different caching periods for different keys or retry options if cache is outdated — but it should not be something too complicated. but so far we did not need such things :-)

Sport addicted, productivity obsessed, avid learner, travel enthusiast, expat, 2 kids. Technical Lead (NodeJs Serverless)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store