Which task is the customers responsibility According to the AWS shared responsibility model

Posted on September 17, 2021 by Admin Leave a comment

Last Updated on September 17, 2021 by Admin

According to the AWS shared responsibility model, which task is the customer’s responsibility?

  • Maintaining the infrastructure needed to run AWS Lambda
  • Updating the operating system of Amazon DynamoDB instances
  • Maintaining Amazon S3 infrastructure
  • Updating the guest operating system on Amazon EC2 instances

0 0 votes

Article Rating

Subscribe

Login

Notify of

0 Comments

Inline Feedbacks

View all comments

« Auto Scaling requests are signed with a _________ signature calculated from the request and the user’s private key.

The following policy can be attached to an IAM group. It lets an IAM user in that group access a “home directory” in AWS S3 that matches their user name using the console. »

Which task is the customers responsibility According to the AWS shared responsibility model

The AWS shared responsibility model defines what you (as an AWS account holder/user) and AWS are responsible for when it comes to security and compliance.

Security and Compliance is a shared responsibility between AWS and the customer. This shared model can help relieve customer’s operational burdens as AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates.

The customer assumes responsibility and management of the guest operating system (including updates and security patches), other associated application software as well as the configuration of the AWS provided security group firewall.

AWS are responsible for “Security of the Cloud” .

  • AWS is responsible for protecting the infrastructure that runs all the services offered in the AWS Cloud.
  • This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Customers are responsible for “Security in the Cloud”.

  • For EC2 this includes network level security (NACLs, security groups), operating system patches and updates, IAM user access management, and client and server-side data encryption.

The following diagram shows the split of responsibilities between AWS and the customer:

Which task is the customers responsibility According to the AWS shared responsibility model

Inherited Controls – Controls which a customer fully inherits from AWS.

  • Physical and Environmental controls.

Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in separate contexts or perspectives.

In the AWS shared security model, a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services.

Examples  of shared controls include:

  • Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
  • Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
  • Awareness & Training – AWS trains AWS employees, but a customer must train their own employees.

Customer Specific – Controls which are solely the responsibility of the customer based on the application they are deploying within AWS services. .

Examples of customer specific controls include:

  • Service and Communications Protection or Zone Security which may require a customer to route or zone data within specific security environments.

What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda?

Shared responsibility Customers themselves are responsible for the security of their code, the storage and accessibility of sensitive data, and identity and access management (IAM) to the Lambda service and within their function.

Which of the following is an responsibility under the shared responsibility model?

Under this model, the customer is primarily responsible for firewall configuration and properly protecting their data (i.e. using encryption and access management).

Which one is responsible of customer AWS?

While AWS manages the security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks.