Copyright (c) 2025 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.

5.1.2. The AWS Shared Responsibility Model for AI

First Principle: AWS is responsible for the security OF the cloud, while the customer is responsible for security IN the cloud; for AI, this means AWS secures the AI services, and the customer secures how they use them.

This is a fundamental concept for all of AWS, applied specifically to AI.

  • AWS's Responsibility (Security OF the Cloud):
    • Infrastructure: Securing the physical data centers, servers, networking, and storage that run the AI services.
    • Managed Services: Patching and maintaining the host operating systems and virtualization layers for services like Amazon SageMaker, Bedrock, and Rekognition.
    • Service Integrity: Ensuring the AI services themselves function correctly and securely.
  • Customer's Responsibility (Security IN the Cloud):
    • Data: You are responsible for your data. This includes classifying it, using IAM to control access, and encrypting it at rest and in transit.
    • Models: You are responsible for your custom models, including their intellectual property, securing the model artifacts in S3, and managing their behavior.
    • Access Control: Configuring IAM roles and policies to grant least-privilege permissions to users and services.
    • Network Configuration: Setting up VPCs, security groups, and network ACLs to control traffic flow to and from your AI resources.
    • Code: Securing your own application code, training scripts, and inference scripts.
    • Responsible AI: The responsibility for ensuring your use of AI is fair, unbiased, and ethical always lies with you, the customer.

Scenario: A company uses Amazon Rekognition to analyze images stored in an S3 bucket. A security audit is performed.

Reflection Question: Who is responsible for ensuring the Rekognition service itself is patched against vulnerabilities (AWS), and who is responsible for ensuring that only authorized applications can call the Rekognition API or access the S3 bucket (the customer)?

šŸ’” Tip: If you can configure it, you are responsible for it. This includes your data, IAM permissions, and network settings.