In a traditional data center, an enterprise exercises total control over its facility and assumes full responsibility for infrastructure security and operation. But with the public cloud, that all changes, and now, many users need to grow accustomed to the AWS shared responsibility model.
Public cloud adopters can shed the expense and management burden of traditional IT infrastructure in favor of on-demand, pay-as-you-go services. But they also surrender control and insight into that infrastructure and must trust the provider to ensure availability and security.
While AWS says it can provide secure cloud infrastructure, it cannot guarantee the security of workloads in the cloud. It's a subtle but profound distinction that delineates the separation between providers and users. When you migrate workloads and data to the cloud, it doesn't absolve you of regulatory compliance and corporate governance obligations. The provider can deliver tools and technologies necessary to protect an environment, but it's up to users to implement them to secure workloads and data.
Thus, AWS and its users share security responsibilities. See how much you know about the AWS shared responsibility model and your cloud accountability with this brief quiz.