06-01 Shared Responsibility Model
The Shared Responsibility Model is a cloud security framework that defines the
security obligations of the customer versus the Cloud Service Provider (CSP), e.g. AWS.
Each CSP has its own variant of the Shared Responsibility Model, but they are all generally the same.
# AWS Shared Responsibility Model
| Responsibility | Layers |
|---|---|
| Customer: responsibility for security 'in' the cloud | Customer Data |
| | Platform, Applications, IAM |
| | OS, Network & Firewall Configuration |
| | Client-side Data Encryption & Data Integrity Authentication; Server-side Encryption; Network Traffic Protection |
| AWS: responsibility for security 'of' the cloud | Software: Compute, Storage, Database, Networking |
| | Hardware/AWS Global Infrastructure: Hardware, Availability Zone, Edge Locations |

The type of cloud deployment model and/or the scope of cloud service category
can result in specialized Shared Responsibility Models.
# tl;dr
- You are responsible for security in the cloud
- AWS is responsible for security of the cloud