DEV Community

Manohar Vishwakarma


What is Security and the AWS Shared Responsibility Model

When you work with the AWS Cloud, managing security and compliance is a shared responsibility between AWS and you. To depict this shared responsibility, AWS created the shared responsibility model. The distinction of responsibility is commonly referred to as security of the cloud as compared to security in the cloud.


Security and compliance are a shared responsibility between AWS and you.

AWS responsibility

AWS is responsible for security of the cloud. This means that AWS protects and secures the infrastructure that runs the services offered in the AWS Cloud. AWS is responsible for the following:

  • Protecting and securing AWS Regions, Availability Zones, and data centers, down to the physical security of the buildings

  • Managing the hardware, software, and networking components that run AWS services, such as the physical servers, host operating systems, virtualization layers, and AWS networking components

The level of responsibility that AWS has depends on the service. AWS classifies services into two categories.


Customer responsibility

Customers are responsible for security in the cloud. When using any AWS service, the customer is responsible for properly configuring the service and their applications, in addition to ensuring that their data is secure.


Due to the varying levels of effort, customers must consider which AWS services they use and review the level of responsibility required to secure each service. They must also review how the AWS shared responsibility model aligns with the security standards in their IT environment in addition to any applicable laws and regulations.

A key concept is that customers maintain complete control of their data and are responsible for managing the security related to their content. For example, customers are responsible for the following:

  • Choosing a Region for AWS resources in accordance with data sovereignty regulations

  • Implementing data-protection mechanisms, such as encryption and scheduled backups

  • Using access control to limit who can access your data and AWS resources
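The customer duties listed above can be checked mechanically. The following is an added example, not code from the original post: a Python audit over a constructed inventory that flags an unapproved Region, missing encryption, missing backups, and a resource policy open to anyone. The record layout, the allowed-Region set, the account ID and the finding names are assumptions; only the policy JSON follows the standard AWS resource-policy grammar.

```python
import json

# Assumed policy for this example: data must stay in these Regions.
ALLOWED_REGIONS = {"eu-central-1", "eu-west-1"}

# Constructed inventory; the record layout is hypothetical, not an AWS API response.
# The "policy" value uses the standard AWS resource-policy JSON grammar.
INVENTORY = [
    {"name": "reports-eu", "region": "eu-central-1", "encrypted": True, "backup_schedule": "daily",
     "policy": json.dumps({"Version": "2012-10-17", "Statement": [
         {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:role/analyst"},
          "Action": "s3:GetObject", "Resource": "arn:aws:s3:::reports-eu/*"}]})},
    {"name": "scratch-us", "region": "us-east-1", "encrypted": False, "backup_schedule": None,
     "policy": json.dumps({"Version": "2012-10-17", "Statement":
         {"Effect": "Allow", "Principal": "*",
          "Action": "s3:GetObject", "Resource": "arn:aws:s3:::scratch-us/*"}})},
]

def allows_anyone(policy_json):
    """True if an Allow statement has a wildcard principal and no Condition.
    Simplification: any Condition is treated as restricting access."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):      # a single statement may be a bare object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        principal = stmt.get("Principal")
        values = principal.values() if isinstance(principal, dict) else [principal]
        for value in values:              # each value is a string or a list of strings
            if "*" in (value if isinstance(value, list) else [value]):
                return True
    return False

def audit(resource, allowed_regions=ALLOWED_REGIONS):
    """Return the customer-side gaps found for one resource."""
    findings = []
    if resource["region"] not in allowed_regions:
        findings.append("region-not-approved")
    if not resource["encrypted"]:
        findings.append("no-encryption-at-rest")
    if not resource["backup_schedule"]:
        findings.append("no-scheduled-backup")
    if resource.get("policy") and allows_anyone(resource["policy"]):
        findings.append("public-access")
    return findings

if __name__ == "__main__":
    for res in INVENTORY:
        print(res["name"], audit(res) or "ok")
```

Every finding here is a configuration the customer controls; none of them concerns the infrastructure that AWS secures.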

I hope you will enjoy!
