Summary

To review, the three different models discussed in this chapter were the shared responsibility model for infrastructure services, the shared responsibility model for container services, and the shared responsibility model for abstract services. It is clear to see that across these models, from infrastructure to abstract, the level of security responsibility shifted more toward AWS and away from the customer. This is down to the fact that AWS has more control over the level of management of services falling within the container and abstract models.

It is certainly worth understanding these models and being able to differentiate between them; this will serve you in good stead when you come to implement your security strategies across different solutions. You will have a clear understanding of where your responsibility ends and where AWS' starts. This will help to ensure that you do not leave any vulnerabilities across your AWS infrastructure within your accounts.

In the next chapter, we will be looking at access control within AWS and one of the key security services—AWS IAM. I will explain the core components of this service and show you how to create and configure IAM users, groups, roles, and multi-factor authentication.