Design an image upload and download service for web and mobile clients. Specify: ( 1) APIs (e.g., POST /images for single and multipart uploads, GET /images/{id}, GET /images/{id}/variants; support presigned URLs); ( 2) storage choices (object storage vs. block/file, metadata schema, IDs, deduplication); ( 3) processing pipeline (asynchronous resizing/thumbnailing, queues/workers, EXIF handling, virus scan, idempotency, retries); ( 4) delivery (CDN, caching, range requests, ETag/versioning, cache invalidation); ( 5) security and compliance (authN/Z, rate limits/quotas, signed URLs, encryption in transit/at rest, content validation, PII considerations); ( 6) reliability and consistency (multipart uploads, checksums, retries, eventual consistency handling, disaster recovery/backups); ( 7) scalability and cost (throughput estimates, partitioning/sharding, storage tiering); ( 8) observability and SLOs (metrics, logs, traces, alerts); ( 9) edge cases (partial/failed uploads, duplicate files, hot objects, very large images, deletions/retention). Provide a high-level architecture diagram description, data models, and key trade-offs.

This question evaluates a candidate's competency in system design, distributed storage and processing, API design, scalability, security, reliability, and observability for production-grade services.

How do I approach System Design interview questions?

System Design questions require understanding of core concepts and practice. PracHub provides solutions with explanations to help you master system design interviews.

What difficulty level is this interview question?

This is a hard difficulty System Design question, commonly asked during Onsite rounds at Microsoft.

What role is this question designed for?

This question is commonly asked for Software Engineer candidates at Microsoft during technical interviews.

Design an image upload/download service | Microsoft Interview Question

System Design: Image Upload and Download Service

Context

Design a production-grade image service used by web and mobile clients. The service must support secure, scalable image uploads and fast downloads of originals and resized variants. Assume multi-tenant use, public/private access controls, and global users.

Requirements

Specify the following:

APIs

Define REST endpoints for: single and multipart uploads; metadata retrieval; variant listing; deletes; and presigned URL flows (direct-to-storage PUT/GET).

Storage choices

Choose object vs. block/file storage. Define metadata schema, ID strategy, deduplication approach.

Processing pipeline

Asynchronous resizing/thumbnailing. Use queues and workers. Handle EXIF, antivirus scanning, idempotency, and retries.

Delivery

CDN integration, caching headers, range requests, ETag/versioning, and cache invalidation strategy.

Security and compliance

Authentication/authorization, rate limits/quotas, signed URLs, encryption in transit/at rest, content validation, and PII/privacy considerations.

Reliability and consistency

Multipart uploads, checksums, retries/backoff, eventual consistency handling, disaster recovery/backups.

Scalability and cost

Throughput estimates, partitioning/sharding, lifecycle/tiering to optimize cost.

Observability and SLOs

Metrics, logs, traces, and alerts. Define SLOs.

Edge cases

Partial/failed uploads, duplicate files, hot objects, very large images, deletions/retention.

Also provide:

High-level architecture diagram description (textual).
Data models (metadata schemas).
Key trade-offs and alternatives.

System Design: Image Upload and Download Service

Context

Requirements

Specify the following:

APIs

Define REST endpoints for: single and multipart uploads; metadata retrieval; variant listing; deletes; and presigned URL flows (direct-to-storage PUT/GET).

Storage choices

Choose object vs. block/file storage. Define metadata schema, ID strategy, deduplication approach.

Processing pipeline

Asynchronous resizing/thumbnailing. Use queues and workers. Handle EXIF, antivirus scanning, idempotency, and retries.

Delivery

CDN integration, caching headers, range requests, ETag/versioning, and cache invalidation strategy.

Security and compliance

Authentication/authorization, rate limits/quotas, signed URLs, encryption in transit/at rest, content validation, and PII/privacy considerations.

Reliability and consistency

Multipart uploads, checksums, retries/backoff, eventual consistency handling, disaster recovery/backups.

Scalability and cost

Throughput estimates, partitioning/sharding, lifecycle/tiering to optimize cost.

Observability and SLOs

Metrics, logs, traces, and alerts. Define SLOs.

Edge cases

Partial/failed uploads, duplicate files, hot objects, very large images, deletions/retention.

Also provide:

High-level architecture diagram description (textual).
Data models (metadata schemas).
Key trade-offs and alternatives.

Design an image upload/download service

Quick Overview

System Design: Image Upload and Download Service

Context

Requirements

Solution

Comments (0)

Design an image upload/download service

Quick Overview

System Design: Image Upload and Download Service

Context

Requirements

Solution

Comments (0)