- Le plus récent
- Le plus de votes
- La plupart des commentaires
"host infrastructure" ... the infrastructure on which you are relying for the hosting of your services... includes servers, virtual machine environments, networking devices (both software-defined and hardware-defined), application gateways, firewalls, cloud hardware security modules, etc... basically... all the IaaS components you will be using.
Shared: It also includes (for example) operating systems on the networking equipment and hypervisors running on the hardware. The CSP often manages patches and updates to the VMs, firewalls, network devices, etc for you. You might apply various configurations on these and install various software on the servers. Such software can compromise the security of the system, so you have to do it responsibly. For network devices, you will configure public access to your VPC (for example), and it's your responsibility to make that this is done without making the infrastructure insecure e.g. leaving SQL Server ports accessible on a public EC2 instance. These applications that you install and expose to the internet can be exploited. For PaaS, if you look at S3, AWS will be ensuring that S3 infrastructure is secure (patched, and ensuring that the security features and encryption are working) but you might leave your bucket open to public access by incorrectly configuring things.
With all cloud service providers answering the question of who is responsible for what will depend on the specific service in question and whether it falls into the category of IaaS, PaaS, or SaaS. You can see that illustrated in the following diagram:
This diagram is excerpted from the following blog post which provides additional context: https://aws.amazon.com/blogs/industries/applying-the-aws-shared-responsibility-model-to-your-gxp-solution/
Hi - This should provide an in depth overview of Shared Responsibility Model https://aws.amazon.com/compliance/shared-responsibility-model/
Contenus pertinents
- demandé il y a un an
- demandé il y a 2 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 7 mois
- AWS OFFICIELA mis à jour il y a un an
Hi Nitin.
By the way, many thanks for the document link. It is a really good read: easy, clear, well-organized, and friendly formatting.