Skip to main content

Prime Sentinel System

Prime strives to provide a proper fallback customer experience by showing relevant error content and proper navigation to continue shopping on Amazon, in the worst case error scenarios. We will settle for a proper and a relevant fallback CX as against a broken CX to give right context to the customer.

In order to ensure site availability, Prime has built monitoring strategies through AWS Canary tests that continuously check for health of the partner systems and keeps the availability status updated asynchronously. If partner is facing any issues, then Prime shows a graceful fallback page within Amazon system. This solution will help in graceful fallback handling on Prime end. Prime depends on partner to get data on availability of their functionalities.

Prime suggests to use following client authentication mechanism.

This endpoint will be behind AWS API Gateway and will require AWS SigV4 based authentication. Partner will allowlist Prime IAM ARN to ensure only Prime calls this endpoint. Prime will have to generate the SigV4 signature and pass it as request header while invoking partner availability check endpoint.

Sentinel System

HMAC

HTTP MAC Access is another mechanism for service/partner integrations. Since it is signature-based and the secret key never traverses the wire. Their implementation follows the original IETF draft with the following specifications:

  • HMAC-SHA256 must be used as the MAC algorithm.
  • Only the path segment of the URL is used when building the normalized request string.

Prime will be provided with three fields to store & use when making requests to the partner availability check endpoint:

* MAC Identifier - a string of the form sv:v1:<uuid>
* MAC Secret Key - an alphanumeric string representing the shared secret
* MAC Issue Timestamp - timestamp that the MAC token was generated in epoch seconds

All three fields are used when calculating the request signature (full details of the signing algorithm can be found in the IETF specification); however, the MAC identifier is the only value that is actually transmitted as part of the HTTP Authorization header. (As a signature-based implementation, both sides have requisite information to calculate/validate the same request signature, so there is no need for the shared secret to be included in the request.)

Prime will store partner secret key in AWS KMS which will be used to generate HMAC signature sent as part of request header while invoking partner availability endpoint.