Abstract
<jats:p>The paper examines the problem of designing scalable and secure user authorization systems in cloud environments using serverless computing. The relevance of this research is driven by the increasing demand for high-performance services that remain cost-effective and reliable under varying workloads. Traditional server-based solutions no longer fully address these requirements, which has led to the growing adoption of Function-as-a-Service (FaaS) models. AWS Lambda was selected as the core platform, offering automatic scaling, event-driven execution, and a pay-per-use model. For credential validation, the architecture inte-grates with Amazon Aurora PostgreSQL, a high-availability managed database compatible with PostgreSQL, while AWS Systems Manager Parameter Store ensures secure storage and centralized management of configuration parameters and secrets.The proposed architecture processes user credentials through an API Gateway that triggers Lambda functions, validates the input against Aurora, and generates JSON Web To-kens (JWT) to authorize user access. Experimental evaluation focused on the effects of allo-cated memory, cold versus warm starts, and calls to external services on execution time and overall cost. The results revealed an exponential decrease in response latency when memory was increased from 128 MB to 2048 MB: execution time dropped from several seconds to un-der one second, while costs remained nearly constant. Aurora queries demonstrated stable low-latency performance, JWT generation reached optimal efficiency at 1024–2048 MB, and the Parameter Store introduced the highest delays, indicating the importance of caching and optimized secret management.The findings confirm the feasibility of AWS Lambda as the foundation for cloud-based authorization services. The combination of Lambda, Aurora, and Parameter Store creates a robust, secure, and cost-efficient architecture that adapts dynamically to workload changes. The proposed approach is particularly relevant for cross-platform mobile and web applica-tions, where scalability, data security, and low response time are critical. Future research should focus on optimizing cold start mitigation strategies, improving cost-performance trade-offs, and enhancing the resilience of serverless architectures under next-generation workloads.</jats:p>