When it comes to security in the AWS cloud☁️, the responsibilities are shared between the customer and AWS itself. But who handles what?
Customers are responsible for security within the cloud - including the services and data they put in AWS. Customers manage security for:
- Platforms, applications, and identity/access management
- Operating systems, network and firewall configurations
- Encrypting and protecting data integrity on the client side
AWS is responsible for the security of the cloud itself. AWS handles security for:
- Server-side encryption to protect data at rest 💾
- Network protection like encryption and identity management 🔐
- Global infrastructure including regions, availability zones and edge locations 🌎
AWS provides core cloud computing services including compute power, storage, databases, networking. But how customers use these services is up to them. Customers control their guest OS, platforms, and apps.
So AWS provides 🛡️ tools and best practices for security, but customers must configure them properly. Customers can enable firewalls, DDoS protection, data encryption and more.