What are AWS’s Security Responsibilities, Anyway?
ACM.144 A deeper dive into the shared responsibility model
Part of my series on Automating Cybersecurity Metrics. The Code.
Free Content on Jobs in Cybersecurity | Sign up for the Email List
In my last post I covered how to potentially prevent CreateUser privilege abuse in an AWS environment.
There are some potential pitfalls that we’ll want to consider but first, I’m going to write up a post on how to figure out how AWS secures their side of the AWS Responsibility Model. We need to understand this when evaluating threats in our AWS account and what to do about them.
The AWS Shared Responsibility Model
When you work in a cloud environment, it is your responsibility to secure certain things and the cloud provider is responsible for securing some things on their side. I wrote about that here in more detail in my post What is Cloud: