Background
- I need to store encrypted API key secrets in DB
- The encrypted secrets will be decrypted and used in program frequently
- Network latency matters
- I plan to use AWS KMS for this
Problem
- We need to do decryption frequently, but sending encrypted data to KMS to decrypt every time will result in higher accumulated latency and cost (from AWS)
- How to do this safely and with minimal cost/latency