We had to develop a set of APIs, a game website with an admin panel, Twitch integration, and critical tournament game features like matchmaking, real-time chat, friend & party management, ranking, etc.
Plus, taking into account the cloud infrastructure of the game’s social aspect, we had to enhance its security to detect and prevent possible DDoS attacks, and at the same time, reduce infrastructure costs.
We have integrated AWS GameLift to manage match searching queues and how it shuffles the players and places them in the lobby before joining the game.
We have used API Gateway Websockets to develop a real-time chat system for players to communicate seamlessly during the game.
Developed how players interact within the platform, add each other to friends lists, send messages, follow, block, etc.
We have automated the rank and tier calculation based on the results of the matches by ELO methodology.
Made a roulette wheel that payers could spin and receive random discount % from purchasing a mouse.
Players could connect their Twitch account and stream the game in real-time.
We’ve designed and developed an admin panel to manage game season start, purchases, access keys, activations, and deactivations.
We’ve ensured that users and workloads follow the least-privilege principle and have access only to the actions they need so we could trace changes to the workload configurations.
With CIS AWS Foundations Benchmark and AWS Security Hub, we’ve set up constant cloud assessment and an overview of CloudTrail logging and its coverage, the status of enforcing password policies and permission boundaries, abandoned and misconfigured EC2 instances, and other workloads.
In addition, We’ve used AWS GuardDuty to detect any suspicious requests from blocklisted IPs. We’ve also enabled WAF (Web Application Firewall) to cut these requests as they show up thanks to a pre-defined set of rules with all known types of attacks like shuffle the players and placeXSS (cross-site scripting), SQL injections, etc.
Games like this cannot work correctly without APIs that help essential parts of the game communicate. With our help, Aim Gods got: