AWS Shared Responsibility Model
The AWS Shared Responsibility Model defines the shared security and compliance responsibilities between AWS and its customers. The model helps ensure that AWS customers have the visibility and control they need to maintain the security and compliance of their workloads running in the AWS Cloud.
AWS Shared Responsibility Model Components
The AWS Shared Responsibility Model has three main components:
- AWS is responsible for the security of the cloud
- Customers are responsible for the security in the cloud
- AWS and customers are jointly responsible for the shared responsibility areas
AWS Responsibilities
AWS is responsible for protecting the infrastructure that supports the AWS Cloud. This includes providing:
- A secure physical infrastructure
- Secure software and services
- Tools and resources to help customers secure their workloads
Customer Responsibilities
Customers are responsible for protecting their data, applications, and other assets running in the AWS Cloud. This includes:
- Configuring security settings for their AWS resources
- Managing and patching their operating systems and applications
- Implementing security best practices
Shared Responsibility Areas
AWS and customers are jointly responsible for the following areas:
- Identity and access management
- Network security
- Logging and monitoring
- Security incident response