right way to implement secrets caching in aws secrets manager

Question

Hi I have implemented secrets caching as per this repo. Essentially added the following piece of code:

session = boto3.session.Session()
    client = session.client(
        service_name='secretsmanager',
        region_name=region_name
    )
try: 
    # create a cache
    cache_config = SecretCacheConfig(secret_refresh_interval=14400) # refresh cache every 4 hours
    cache = SecretCache(config=cache_config, client=client)
    # get secret string from the cache
    get_secret_value_response = cache.get_secret_string(secret_name)
except ClientError as e:
    raise e 

But I am unsure if it is working, as the time taken by api call on subsequent requests has not decreased. It still stays the same (roughly) to what it was before caching.

Is there a way to verify to if caching is working or is it the right way to implement it?

--- Edit Before caching I was fetching secrets as follows:

secret_value_response = client.get_secret_value(
        SecretId=secret_name
    )

Basically I removed the above piece of code and added caching code instead of it.

Answer 1

You can use the environment variable to load the variables at the time of the initialization and use that variable in the project repo. This will help you organize your code as well as help you save costs in AWS by minimizing the number of requests to the secret manager. This can be configured using Github Action in CI/ CD pipeline.

Answer 2

You must not recreate the cache anytime. You create it once and reuse it later either with the method call or with the decorator: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_cache-decor-string.html