Cloud · Flashcard

What is the AWS shared responsibility model?

  • AAWS secures the cloud infrastructure while you secure what you put in the cloud
  • BAWS secures everything including your data, so you never configure any security
  • CYou secure the physical data centers while AWS secures your applications and data
  • DA third-party auditor is fully responsible for securing both AWS and your workloads

Why this is the answer

AWS is responsible for security 'of' the cloud (hardware, facilities, managed services) and you are responsible for security 'in' the cloud (your data, IAM, OS patching, configuration). AWS does not secure your data for you, you never manage AWS's data centers, and auditors verify controls but don't own them.

Official docs
Study in Gnoseed →