You need a basic understanding of AWS services and of the Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) cloud service models. This understanding will come into play as you learn about the nuances of the different models and how the responsibilities shift between the cloud provider (AWS in this case) and you, the customer.
You’ll begin this chapter with a breakdown of which areas of security you, the customer, and AWS, the cloud provider, are each responsible for, depending on the type of service you are using on the platform.
The more customizable your service or platform, the more responsibilities you hold as the customer. The AWS service that you choose to use dictates your responsibility based on the amount of configuration that needs to be performed in the service tier.
Figure 1.2: A comparison of shared responsibility models
Figure 1.1 shows that infrastructure services, which are presented as an IaaS platform and include services such as EC2, carry many more customer responsibilities for security. In exchange for this heavier burden of responsibility, you get more flexibility and customization at that layer. Each of the different models is labeled directly underneath, and each will be discussed in detail in the following pages.
The basis for what AWS is responsible for remains the same—that is, the hardware, AWS global infrastructure, and the AWS foundational services. This security foundation is what AWS refers to as Security in the Cloud and is described in detail below:
The customer is responsible for the Security of the Cloud, which varies based on the service you are working with. As you will see in the following sections, the more control and customization you get with the AWS service, the more responsibility you have.