Shared Responsibility Model
AWS runs a shared responsibility model:
-
Customer
- Customer Data
- Client side data encryption and integrity
-
AWS
- Platform and app management
- OS and network config
- AWS foundational services: compute, storage, databases, network
- Global infrastructure: regions, availability zones, edge locations
Who is Responsible
-
Amazon manages security of the cloud.
-
You manage security in the cloud.
-
You are responsible to update your instance. You are also responsible for the software you installed on your instances, patching the software etc
-
You are responsible for getting everything done right from an OS and application level.