Skip to main content
  1. Posts/

Secrets Manager API vs Lambda Extension: performance comparison

·689 words·4 mins· loading · loading ·
The indie coder
Author
The indie coder
Cloud Architect

More than one and half year ago AWS announced the launch of the AWS Parameters and Secrets Lambda Extension.

This extension allows you to retrieve secrets and parameters from AWS Secrets Manager and AWS Systems Manager, respectively, without using the APIs. By doing so, you can avoid the associated costs and the need to manage the caching of values manually.

The announcement claims that using these extensions instead of the APIs can improve performance and decrease costs.

To verify the accuracy of these claims, I decided to use AWS Lambda Power Tuning, specifically leveraging the comparison function provided by the UI tool.

Is it true that using Lambda Extensions will improve performance and decrease costs?

Let’s find out!

The tool for the test: AWS Lambda Power Tuning
#

AWS Lambda Power Tuning is a user-friendly and opensource tool that helps you to improve the performance of your Lambda functions.

You simply specify the Lambda function you want to enhance and the memory values you want to test. Then, the tool runs multiple versions of your function with different memory settings. It measures their execution time and calculates the associated costs, providing insights into performance improvements.

You can find comprehensive documentation on how to deploy and execute AWS Lambda Power Tuning in the repo linked below.

alexcasalboni/aws-lambda-power-tuning

AWS Lambda Power Tuning is an open-source tool that can help you visualize and fine-tune the memory/power configuration of Lambda functions. It runs in your own AWS account - powered by AWS Step Functions - and it supports three optimization strategies: cost, speed, and balanced.

JavaScript
5467
378

The test
#

For this test, I have created two lambdas:

  • getSecretWithSecretsManagerAPI: it retrieves the secret using the Secrets Manager API (sdk v3).
  • getSecretWithLambdaExtension: it retrieves the secret using the Secrets Lambda Extension.

Both functions:

  • Use nodejs20.x runtime
  • Use arm64 architecture
  • Are deployed in eu-west-1 region

To perform the test, I configured and executed an AWS Step Functions state machine. The state machine allowed me to specify memory values to allocate to the Lambda functions. I chose to run the state machine for memory values ranging from 128 MB to 3008 MB.

After running the state machine once for each Lambda function, I used the tool’s UI to compare the results.

While understanding AWS Step Functions is not necessary for comprehending the results of this article, it’s worth mentioning how the test was conducted for transparency. The focus here is on interpreting the test results rather than the technical details of the testing process.

The results
#

The execution time for the lambda that retrieves the secret using the Secrets Manager API varies from 46 seconds with 128 MB to 24 seconds with 512 MB. Beyond 512 MB, the execution time remains more or less stable at 24 seconds.

On the other hand, the execution time for the lambda that retrieves the secret using Lambda Extension ranges from 23 milliseconds with 128 MB to 5 seconds with 512 MB. Beyond 512 MB, the execution time remains stable at around 5 seconds.

AWS-Lambda-Power-Tuning-Results

The test confirms the expectations: the lambda that retrieves the secret using Lambda Extension is always more performant and cheaper than the lambda that retrieves the secret using Secrets Manager API.

Below are two tables comparing the execution time and costs for the two functions.

On average, the Lambda function that uses Lambda Extension to retrieve the secret is 282% faster than the one using the Secrets Manager API.

On average, the Lambda that uses Lambda Extension to retrieve the secret is 271% cheaper than the one using Secrets Manager API.

Conclusions
#

At the beginning of the article we aimed to answer to the question:

Is it true that using Lambda Extensions will improve performance and decrease costs?

The test show that yes, using Lambda Extension for retrieving secrets from Secrets Manager is consistently faster and more cost-effective across different memory configurations.

That’s all folks! 🚀

If you have questions or would like to provide feedback, email me at martina.theindiecoder@gmail.com.

Resources
#