Shared Responsibility Model Flashcards
Shared Responsibility Model - AWS Responsibility
- Security of the cloud
- Infrastructure (HW, SW, Facilities, and networking)
- Managed services (S3, DynamoDB, RDS, etc.)
Shared Responsibility Model - Customer Responsibility
- Security in the cloud
- Management of the guest OS, firewall, network config, IAM
- Data encryption
Shared Responsibility Model - Shared Controls
- Patch Management
- Config Management
- Awareness and training
Shared Responsibility Model - RDS
AWS
* Manage underlying EC2 instance, disable SSH access
* Automated DB & OS patching
* Audit underlying instance and disk
You
* Check ports, IPs, and inbound rules in the DB’s security group
* In-database user creation and permissions
* Creating a database with or without public access
* Data encryption
Shared Responsibility Model - S3
AWS
* Guarantee unlimited storage
* Guarantee encryption
* Ensure separation of data between different customers
* Ensure AWS employees can’t access your data
You
* Bucket configuration
* Bucket policy/public setting
* IAM user and roles
* Enabling encryption