Hmm... these numbers don't look good at all. I think there must be some configuration issue here. We've tested Cerbos internally with much higher loads and the p95 latencies were under 50ms. Granted, it wasn't on Lambda. But, I can't imagine it adds so much overhead. 🧵

Yes the lambda region is same,I havent checked the RTT yet,Are there any suggestions on how to use cerbos the best way on AWS

It looks like on the second graph there’re cold starts for requests after request #600. The AWS ECR repository, lambda itself, and the S3 bucket should be collocated in the same region for better start-up time. 1. How much memory is allocated for the Cerbos lambda? Did you try to increase it? 2. Do you run these tests in another lambda (in the same region)? 3. What’s the

updatePollInterval

config value if it is set?

1. For now memory is 1024MB 2. Yes the region is same for AWS ECR repository, lambda itself, and the S3 bucket 3. updatePollInterval for now is 1500s , what is the default??

• 1024MB is a lot more than Cerbos needs, but for AWS Lambda configuration, the amount of memory also determines the amount of virtual CPU. At 1769 MB, a function has the equivalent of one vCPU. It’s worth trying this value. ◦ Configuring provisioned concurrency can reduce the number of cold starts. • 1500s for

updatePollInterval

is good. Default is 0 - no polling.