15 minutes
Shared Responsiblity Model
It is a cloud security framework that defines the security obligation of the customer as compared to the Cloud Service Provider. Note that Shared Responsiblity Model may vary across different CSPs as well as the service offerings of an individual CSP.
Customers are responsible for Security IN the cloud while AWS is responsible for Security OF the cloud.
Responsiblities of a Customer
Customers are responsible for Security IN the cloud, and configuration of all the required services.
| Task | Item |
|---|---|
| Configuration of managed services and other 3rd party software | Platform/Application/IAM config |
| --- | --- |
| Configuration of Virtual Infrastructure and networking system | O.S./Network/Firewall |
| --- | --- |
| Security config of Data | Client-Side Data, Server-Side Data, Network Traffic Protection, Customer Data |
Responsiblities of AWS
AWS is responsible for Security OF the cloud, and making sure that services and hardware are physically secure and highly-available.
| Task | Item |
|---|---|
| Software | Compute, Storage, DB, Network |
| --- | --- |
| Hardware | Region, AZ, Edge Location and Physical Security |
Author note: Open this image in new tab if it is not visible
