I’m building a GAE app that requires a cryptographic key to operate. I would like to avoid storing the key in code or in a persistent datastore, and instead upload the key whenever I start my app so that it will only reside in memory for the duration of the app’s lifetime (from the time I upload the key until no instances are running.)
I understand that this is possible to do with a resident backend, but this seems too expensive (cheapest backend is currently 58$/month) just to keep one value in memory and serve it to other instances on demand.
Note that I’m not looking for a general robust shared-memory solution, just one value that is basically written once and read many times. Thanks.
I don’t think that this can work the way you hope. The sources of data in GAE:
1 and 4 are out, as per your question. 2 doesn’t work by itself because the starting and stopping of instances is out of your control (it wouldn’t scale otherwise), and persistent instances are expensive. 3 doesn’t work by itself because Memcache can be cleared at any time. 5 is really no different than the datastore, as it is permanently stored on the Google’s servers. Maybe you could try 6 (store it somewhere else), and retrieve it into per-instance memory during the instance startup. But I suspect that is no better security-wise (and, for that matter, doesn’t match with what you said that you wanted).