What is the Shared Responsibility Model?
The Shared Responsibility Model represents the responsibilities that the customer has while using AWS, as well as the responsibilities that AWS has while providing it’s services.
What is AWS responsible for?
AWS is responsible for the security of the cloud. This means:
- Protecting infrastructure (hardware, software, facilities and networking) that run all AWS services;
What is the customer responsible for?
The customer is responsible of the security in the cloud. This means:
- For EC2 instances, the customer is responsible for management of the guest OS, firewall, network configuration and IAM;
- Encrypting application data.
What are both responsible for?
Both AWS and the customer are responsible for:
- Patch management;
- Configuration management;
- Awareness & Training of staff.
Note: For more detailed information, see AWS - Shared Responsibility Model.