Introduction
The AWS Shared Responsibility Model shows who is in charge of what when it comes to security in the cloud.
It's easy to forget, but critical to understand, especially for:
- AWS certifications 🧠
- Interviews 🤝
- Actually securing your cloud ☁️🔐

So let's break it down with a real-life analogy and my trick to remember it forever.
What It Is
When you host something on AWS, security is a shared job:
- AWS is responsible for the security of the cloud
- You are responsible for the security in the cloud
My Analogy: An Apartment Building
Think of AWS as an apartment complex:
Who | Responsibility |
---|---|
AWS (Landlord) | Locks the front gate, maintains security cameras, keeps the building safe |
You (Tenant) | Lock your apartment door, don't leave the stove on, decide who gets your Wi-Fi password |
Memory Trick
Say it out loud: "AWS secures the cloud. I secure what's IN the cloud."
Or if you're more of a visual learner:
AWS = hardware, networking, data center
You = data, access, app logic, configs
Mnemonic
- OF the Cloud = Operations & Facilities
- IN the Cloud = Instances & Networks
Real Examples
Here are some real examples to put into practice:
AWS Service | AWS Responsibility | Your Responsibility |
---|---|---|
EC2 | Physical Servers, Hypervisor | Patching OS, firewall settings |
S3 | Infrastructure, Uptime | Bucket Policies, Encryption Settings |
RDS | DB engine updates | SQL Injection protection, User Permissions |
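
The EC2 and S3 rows of the "Your Responsibility" column (firewall settings, bucket policies) can be checked mechanically. The sketch below is an added example, not code from the original post: it runs on constructed sample configs shaped like S3 GetBucketPolicy and EC2 DescribeSecurityGroups output, and treating ports 22 and 3389 as the admin ports to flag is an assumption.

```python
# Constructed sample configs (not from a real account), shaped like the JSON
# returned by S3 GetBucketPolicy and EC2 DescribeSecurityGroups.
BUCKET_POLICY = {"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"},
]}
SECURITY_GROUP = {"GroupId": "sg-0example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]}
ADMIN_PORTS = {22, 3389}  # assumption: SSH and RDP should never be world-open


def public_statements(policy):
    """Allow statements open to any principal with no Condition attached."""
    stmts = policy.get("Statement", [])
    found = []
    for s in ([stmts] if isinstance(stmts, dict) else stmts):
        p = s.get("Principal")
        aws = p.get("AWS") if isinstance(p, dict) else p
        aws = [aws] if isinstance(aws, str) else (aws or [])
        # Simplification: any Condition is treated as a restriction.
        if s.get("Effect") == "Allow" and "*" in aws and "Condition" not in s:
            found.append(s)
    return found


def world_open_admin_ports(group):
    """Admin ports reachable from 0.0.0.0/0 or ::/0 in a security group."""
    hits = set()
    for perm in group.get("IpPermissions", []):
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if not cidrs & {"0.0.0.0/0", "::/0"}:
            continue
        if perm.get("IpProtocol") == "-1":  # all protocols and ports
            hits |= ADMIN_PORTS
        elif perm.get("IpProtocol") == "tcp":
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            hits |= {port for port in ADMIN_PORTS if lo <= port <= hi}
    return sorted(hits)


if __name__ == "__main__":
    print(public_statements(BUCKET_POLICY), world_open_admin_ports(SECURITY_GROUP))
```

On the sample data this flags the `s3:GetObject` statement and port 22, and leaves the role-scoped statement and the world-open port 443 alone.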
Conclusion
You don't have to memorize every line of the AWS docs - just remember:
👉 AWS secures the cloud. You secure what’s in it.
Get that right, and you’re ahead of 80% of people trying to pass their cert or nail the “basic cloud security” interview question.
I’m sharing more bite-sized AWS concepts as I study for my Developer Associate cert — follow along and feel free to drop your own memory tricks in the comments!