How would you design a scalable file upload service?
Reported in TomTom European engineering loops. Design question around large files, durability, and secure uploads.
Interview scenario
Context for TomTom candidates:
Users upload profile images and large documents; service should handle spikes and resumable uploads.
Model answer
Try answering aloud first
Cover trade-offs, structure, and a concrete example before revealing the baseline response.
How to frame this at TomTom: Connect your answer to measurable impact, clarity of thought, and trade-offs the team cares about. Below is a strong baseline response you can adapt with your own project examples.
Use pre-signed object storage URLs so clients upload directly to blob storage, reducing API server load. The API issues upload sessions, validates metadata, and records file ownership and status.
Support multipart uploads for large files with chunk retries and checksum validation. After upload completion, trigger async processing (virus scan, thumbnail generation, format conversion) through an event queue.
Security controls include size/type validation, content scanning, short-lived signed URLs, and strict ACL mapping from user identity to object paths.
Discussion
Comments (0)
Share how this question came up in your loop, or add tips for others preparing.
Log in to comment on this question.