DEV Community

Alec Dutcher
Alec Dutcher

Posted on • Edited on

Section 2.1 - AWS Certified Cloud Practitioner Study Guide

This series is intended to be a personal study guide. Information may not be comprehensive or accurate. I am sharing it in case others find it useful. Please feel free to comment if any information is inaccurate.

Return to Exam Guide

2.1 Define the AWS Shared Responsibility Model

AWS Shared Responsibility Model

Image description

Recognize the elements of the shared responsibility model

  • Customer responsibility - security “in” the cloud
    • customer is responsible for securing their own cloud resources and data
  • AWS responsibility - security “of” the cloud
    • AWS is responsible for securing the supporting infrastructure
  • Inherited controls - customer fully inherits from AWS
  • Shared controls - AWS provides infrastructure, customers provide control implementation for services
  • Patch management
    • AWS - patching infrastructure
    • Customer - patching guest OS and apps
  • Configuration management
    • AWS - configures infrastructure devices
    • Customer - configures guest OS, databases, and apps
  • Awareness and training
    • AWS - trains its employees
    • Customers - trains their employees
  • Customer-specific - controls which are solely the responsibility of the customer

Describe the customer’s responsibility on AWS

  • Describe how the customer’s responsibilities may shift depending on the service used (for example with RDS, Lambda, or EC2)
  • Service determines the amount of configuration work a customer must do
  • IaaS such as EC2 requires the customer to perform all of the necessary security configuration and management tasks
    • management of guest operating system
    • security patches and updates
    • application software or utilities
    • configuration of firewall on each instance
  • Abstracted services such as storage customers
    • manage the data
    • classify assets
    • apply appropriate permissions

Describe AWS responsibilities

  • Configure, maintain, and secure physical devices and infrastructure

Return to Exam Guide

Top comments (0)