We have a back end program in Java which processes thousands of requests per minute where encryption and decryption via AWS KMS is involved. What we are avoiding is multiple calls to AWS KMS programmatically which might have a considerable effect in performance.
We initially thought of retrieving the AWSKMS object on startup, then store it in memory and use this same object to all succeeding encryptions and decryptions. Would this work? It's something like this:
AWSKMS kmsClient = AWSKMSClientBuilder.standard().withRegion(Regions.fromName(region)).withCredentials(new ProfileCredentialsProvider(filePath, profileName)).build();
//store kmsClient in memory (or as a static param in a parent class)
//for succeeding encrypts and decrypts, use this same object
AWSKMS kmsClient = ....retrieve from memory
EncryptRequest req = new EncryptRequest()
.withKeyId(keyId)
.withPlaintext(ByteBuffer.wrap(key.getBytes()));
EncryptResult res = kmsClient.encrypt(req);
We tried looking for implementations like this but havent found any. Would this work?
We are using aws sdk version 1.12.17
