Design a cloud console main page

Scenario

You are building the main landing page (home page) of a cloud service console that a user sees immediately after logging in (e.g., similar to a cloud provider dashboard).

The interviewer cares especially about:

• Authentication (how the user proves who they are)
• Authorization/permissions (what the user is allowed to see/do)
• Audit logging (tracking sensitive actions and access)

Requirements

Functional

1. After login, show a personalized main page with:
   • The user’s accessible projects/accounts/tenants
   • A summary of key resources (e.g., VMs, databases, buckets) the user has permission to view
   • Recent activity / notifications (optional)
2. Enforce multi-tenancy isolation : user must never see resources from tenants they don’t have access to.
3. Support common permission models:
   • Role-based access control (RBAC) at minimum (e.g., Owner/Admin/Viewer)
   • Preferably allow resource- or project-scoped roles
4. Produce audit logs for security-relevant events (at least):
   • Login/logout, token issuance/refresh
   • Viewing sensitive pages or listing sensitive resources (state your stance)
   • Permission changes / role assignments
   • Resource create/update/delete actions triggered from the console

Non-functional (assume reasonable scale)

• Low latency for home page render (e.g., p95 < 500–1000 ms)
• High availability (e.g., 99.9%+)
• Secure by default (least privilege, strong session handling)
• Audit logs are tamper-resistant and queryable by security/compliance

Deliverables

Describe:

• End-to-end request flow from login to home page render
• Core services/components and APIs
• Permission checks (where/how enforced)
• Audit log pipeline (what you log, where it goes, how to secure it)
• Key data models and scaling considerations