skip to Main Content


The customer is a small software company that specializes in the communication sector.
They focus on custom built applications for call traffic monitoring and their solutions are almost always deployed in the client’s on-site/cloud environments.
To make some specific capabilities more accessible and in order to move to a more on-demand pricing model they are exploring the use of HTTP API’s in some areas.
Instead of inline monitoring, these capabilities will provide auxiliary functions and will be easy to integrate into both their own future applications and those of other customers who will want to leverage the API’s directly.
Although some stakeholders are excited, others have raised concerns about security and specifically authentication mechanisms for service to service scenarios.
There’s also no clear vision on how to implement monetization and metering of usage.


  • Points: 20
  • Path: Cloud Engineer


  • Level: 2
  • Estimated time: 1-6 hours


  • A live AWS API Gateway deployment set-up based on the requirements

Prototype description:

As a first step the customer would like to see a working prototype with an authentication feature.
The team that will own the final project is familiar with AWS and manages some AWS infrastructure, such as their EC2 based R&D and Dev/Test environments.
They plan to design and deploy the future application infrastructure needed for the API’s in AWS and have a clear strategy around leveraging managed cloud services when possible.
For the above reason, the request is to deploy the first prototype by leveraging the AWS API Gateway service.


  • The prototype shall be deployed using the Amazon API Gateway solution.
  • The API DNS Name shall have the following structure:



  • The API shall be deployed in the closest proximity to the company’s current client base in Sydney, Australia. This in order to reduce latency as much as possible.
  • The API shall support authentication by using a key that is specified in the request header.
    API Key to configure as allowed access for the test:


    Request header that will be used in the test:

    x-api-key: "YpazbHRJmWuaWd7p5y2d"
  • A GET request with the above header and key to the following path:

    [API Gateway deployment path]/test

    should result in a 200 HTTP response code with an application/json response type with the following content:

    {"test" : "complete"}
  • Unauthenticated requests or those with the wrong API key to the above path should result in a response with a 403 HTTP code.

Your mission, if you choose to accept it,
is to create a prototype AWS Gateway deployment based on the requirements and share the URL with the customer.

Back To Top