DEV Community

Cover image for Who is responsible for the security of the AWS cloud infrastructure?
Anurag Vishwakarma
Anurag Vishwakarma

Posted on

Who is responsible for the security of the AWS cloud infrastructure?

When it comes to security in the AWS cloud☁️, the responsibilities are shared between the customer and AWS itself. But who handles what?

AWS Shared Resposibility Model

Customers Security Within 🚪

Customers are responsible for security within the cloud - including the services and data they put in AWS. Customers manage security for:

  • Platforms, applications, and identity/access management
  • Operating systems, network and firewall configurations
  • Encrypting and protecting data integrity on the client side

AWS Safeguards the Cloud Itself 🌩️

AWS is responsible for the security of the cloud itself. AWS handles security for:

  • Server-side encryption to protect data at rest 💾
  • Network protection like encryption and identity management 🔐
  • Global infrastructure including regions, availability zones and edge locations 🌎

Security is Better Together 🤝

AWS provides core cloud computing services including compute power, storage, databases, networking. But how customers use these services is up to them. Customers control their guest OS, platforms, and apps.

So AWS provides 🛡️ tools and best practices for security, but customers must configure them properly. Customers can enable firewalls, DDoS protection, data encryption and more.

Top comments (0)