AWS Shared responsibility model - inherited controls

Hi, I hope you are well.

Inherited Controls: These are all of the controls the user inherits from AWS like the physical and environmental security controls used by Amazon.

Some of your controls are inherited from AWS, many of the controls are shared inheritance between you as a customer and AWS. Control responsibility is as follows:

• Shared Responsibility: You will provide security and configurations of your software components and AWS will provide security for its infrastructure.

• Customer-Only Responsibility: You are fully responsible for guest operating systems, deployed applications, and select networking resources (for example, firewalls). More specifically, you are solely responsible for configuring and managing your security in the cloud.

• AWS-Only Responsibility: AWS manages the cloud infrastructure, including the network, data storage, system resources, data centers, physical security, reliability, and supporting hardware and software. Applications built on top of the AWS system inherit the features and configurable options that AWS provides. AWS is solely responsible for configuring and managing security of the cloud.

For example, the AWS Artifact is an AWS service that helps you to understand the privacy-related controls that you inherit from AWS. (AWS Artifact provides access to AWS security and compliance reports, such as System and Organization Controls (SOC) reports and payment card)

Regards,

Hi,

thank you for the fast reply, i understand the meaning of inherited controls, but i don't get when it applies?

Is this like a default rule, applying to all services? When does the shared responsibilty model & when the inherited, customer specific?

Or do they all apply at the same time?

Sorry to be so annoying, but this is the only point i don't understand at the moment and it annoys me personally a lot because even after googling it i didn't understand it

Best regards, Dejan