AWS shared responsibility model

2 min readApr 26, 2022

As they say, the AWS is responsible for the “security of the cloud” and the AWS customer is responsible for the “security in the cloud”.

The responsibility of handling the security of AWS is divided between AWS and AWS customers.

What is the amazon shared responsibility model?

The responsibility of security resources is divided between the customer and the AWS to maintain the cloud infrastructure better.

The shared responsibility model also applies to IT controls that are in use.

These are security controls inherited from AWS. Ex: Physical and Environmental Security Controls used by Amazon.

These are controls shared between the AWS and AWS customers. Example: Identity and Access Management (IAM)AWS responsibility: The IAM service must be secured, meet regulatory compliance and function as intended. AWS Customer Responsibility: The IAM policies should be well crafted by the customer.

Based on the services selected by the customer, specific security controls are assigned. Example: When you apply specific patches to one of your OS systems on an EC2 instance.

Host operating system.
Virtualization layer down to the security of the facilities in which the services operate.
Security of the cloud.
Infrastructure required.
Hardware and software are required to power the AWS service, networking and facilities used.
Client Responsibilities: (security in the cloud).
Customer data.
Platform, Application, IAM.
Guest Operating system.
Network and Firewall Configuration.
Client and Server-side encryption.
Networking Traffic protection (Encryption, Identity and integrity).