How do I approach System Design interview questions?

System Design questions require understanding of core concepts and practice. PracHub provides solutions with explanations to help you master system design interviews.

What difficulty level is this interview question?

This is a medium difficulty System Design question, commonly asked during Onsite rounds at Microsoft.

What role is this question designed for?

This question is commonly asked for Software Engineer candidates at Microsoft during technical interviews.

Design a cloud console main page | Microsoft Interview Question

Q: Design a cloud console main page

This question evaluates a candidate's understanding of designing a secure, multi-tenant cloud console main page, emphasizing authentication, authorization/permissions (including RBAC and scoped roles), audit logging, end-to-end request flow, and scaling for low-latency and high availability.

Scenario

You are building the main landing page (home page) of a cloud service console that a user sees immediately after logging in (e.g., similar to a cloud provider dashboard).

The interviewer cares especially about:

Authentication (how the user proves who they are)
Authorization/permissions (what the user is allowed to see/do)
Audit logging (tracking sensitive actions and access)

Requirements

Functional

After login, show a personalized main page with:
- The user’s accessible projects/accounts/tenants
- A summary of key resources (e.g., VMs, databases, buckets) the user has permission to view
- Recent activity / notifications (optional)
Enforce multi-tenancy isolation : user must never see resources from tenants they don’t have access to.
Support common permission models:
- Role-based access control (RBAC) at minimum (e.g., Owner/Admin/Viewer)
- Preferably allow resource- or project-scoped roles
Produce audit logs for security-relevant events (at least):
- Login/logout, token issuance/refresh
- Viewing sensitive pages or listing sensitive resources (state your stance)
- Permission changes / role assignments
- Resource create/update/delete actions triggered from the console

Non-functional (assume reasonable scale)

Low latency for home page render (e.g., p95 < 500–1000 ms)
High availability (e.g., 99.9%+)
Secure by default (least privilege, strong session handling)
Audit logs are tamper-resistant and queryable by security/compliance

Deliverables

Describe:

End-to-end request flow from login to home page render
Core services/components and APIs
Permission checks (where/how enforced)
Audit log pipeline (what you log, where it goes, how to secure it)
Key data models and scaling considerations

Scenario

You are building the main landing page (home page) of a cloud service console that a user sees immediately after logging in (e.g., similar to a cloud provider dashboard).

The interviewer cares especially about:

Authentication (how the user proves who they are)
Authorization/permissions (what the user is allowed to see/do)
Audit logging (tracking sensitive actions and access)

Requirements

Functional

After login, show a personalized main page with:
- The user’s accessible projects/accounts/tenants
- A summary of key resources (e.g., VMs, databases, buckets) the user has permission to view
- Recent activity / notifications (optional)
Enforce multi-tenancy isolation : user must never see resources from tenants they don’t have access to.
Support common permission models:
- Role-based access control (RBAC) at minimum (e.g., Owner/Admin/Viewer)
- Preferably allow resource- or project-scoped roles
Produce audit logs for security-relevant events (at least):
- Login/logout, token issuance/refresh
- Viewing sensitive pages or listing sensitive resources (state your stance)
- Permission changes / role assignments
- Resource create/update/delete actions triggered from the console

Non-functional (assume reasonable scale)

Low latency for home page render (e.g., p95 < 500–1000 ms)
High availability (e.g., 99.9%+)
Secure by default (least privilege, strong session handling)
Audit logs are tamper-resistant and queryable by security/compliance

Deliverables

Describe:

End-to-end request flow from login to home page render
Core services/components and APIs
Permission checks (where/how enforced)
Audit log pipeline (what you log, where it goes, how to secure it)
Key data models and scaling considerations

Design a cloud console main page

Quick Overview

Scenario

Requirements

Functional

Non-functional (assume reasonable scale)

Deliverables

Solution

Comments (0)

Design a cloud console main page

Quick Overview

Scenario

Requirements

Functional

Non-functional (assume reasonable scale)

Deliverables

Solution

Comments (0)