Question #1254
Which task is the customer's responsibility, according to the AWS shared responsibility model?
Configure security group rules for an Amazon EC2 instance.
Manage the physical security of AWS data centers.
Maintain the underlying hypervisor for AWS services.
Ensure the physical integrity of AWS hardware.
Explanation
In the AWS shared responsibility model, AWS manages the security of the cloud (e.g., physical infrastructure, hardware, hypervisor), while customers handle security in the cloud.
- A (Correct): Configuring security group rules for EC2 instances is the customer's responsibility. Security groups act as virtual firewalls, and customers must define inbound/outbound rules to control traffic.
- B, D (Incorrect): Physical security of data centers and hardware integrity are AWS's responsibilities.
- C (Incorrect): AWS maintains the hypervisor underlying services like EC2. Customers do not interact with it.
Key Takeaway: Customers manage application-level configurations (e.g., security groups, IAM policies), while AWS handles global infrastructure and foundational services.
Answer
The correct answer is: A