
Road to re:Invent - The Shared Responsibility Model

The Shared Responsibility Model governs how operations (which security is a part of) work in the cloud. In this live stream, we explore the realities of the model and how to verify AWS is fulfilling their responsibilities.

Reasonably Accurate Transcript

Morning, everybody. How you doing today? A different camera today, because this one doesn't seem to want to respond. I'm going to see if we can fix that real quick. Troubleshooting on the fly is always a fun thing, and hopefully that will do it. If not, we are looking directly into the webcam, which gives us some reasonable feed.

That's fine. It's no big deal, as we are live here on LinkedIn. We have the comments set up, and I don't know why I always point to my screen, but I do, with the comments set up on LinkedIn. So if you have any questions as we're going (I've got them on a monitor), please let me know and we will take them on the fly. That's a really important part of the process.

We've done three of these already. We've covered just a gentle kick-off, like, hey, this is what we're going to do this year leading up to re:Invent, and we've also had one on Lambda.

We did an intro on YouTube, that was kind of cool, and we worked on some basic coding, talked about Lambda, and then set up a trigger from S3 where you dropped a file in and then you would see output in the logs, which was awesome. Then two days ago, on Monday,

we did a tour of the CLI. We introduced the concept of the CLI as a mirror of the API, a great way to start kind of easing your way into AWS, and we did some basic stuff like uploading a file using the CLI, and we also did some translation.

I also did the classic "floppy disks for coasters" translation through the CLI. That was pretty cool. So today we are going to tackle the shared responsibility model. And as I said in the comments already, that is way more interesting than it sounds, because everyone just goes, "shared responsibility model."

Here we go. How are we going to deal with this? Let's start by actually walking through what AWS considers to be the shared responsibility model. Then I'll give you my take on it to simplify things and to make it easier. And thanks for jumping on the livestream, everybody, appreciate it.

If you have any questions, please, by all means jump in; I'm totally comfortable taking them on the fly. The idea of this is casual. There's so much stuff going on leading up to re:Invent that I wanted to help you guys out. I wanted to sort of get a better idea for myself, even, of what's going on.

I'm kind of helping bridge some of the gaps in the cloud. So I did put a link right off the bat, Sam. I just updated my website, finally went through and cleaned some stuff up, and I have a page up, and that is where I'm collecting all things re:Invent.

And then you can see here, we've got a countdown timer, a click-through to the ultimate guide that I've been writing for the A Cloud Guru blog. It is the sort of ultimate guide to the show, and we can see what's going on as far as activities during the show itself, but more importantly it is keeping track of the live streams, so you can see here.

We've got the replays from the previous ones as well as what's up next. We're doing this one right now, but if you click on to the replay, you'll see the embed from YouTube, which is great, and then also it's actually translated, or transcribed, by the machine, so lots of mistakes in there, but some interesting stuff nonetheless.

So let's go. And Andrew has already hit it on that timer: it is not powered by Lambda. That is good old-school JavaScript, really simple, and the whole website is in S3, though, and we're going to talk about that on the next stream, where we'll talk about S3 in general, I think. But Andrew has already hit it out of the park: the shared responsibility model from AWS is ugly.

It's worse than ugly, Andrew. It is counterproductive. It's too complicated. It tries to get across a very simple concept, but it has done so by having a generous helping of either engineering or marketing, I'm not quite sure which one, or maybe they're both fighting. And this has generally been their way of presenting the shared responsibility model; this is how you're going to see it in the AWS documentation.

I'll show you their actual site for the shared responsibility model in a minute. The two key points, and let me move myself over to the other side so you can see, here are the two critical points. What this does get across is the concept of security of the cloud and security in the cloud. Now, that's good.

I'm going to highlight that; that's a good thing. That's what I like about this diagram. I don't like anything else about it, and the reason being is that it's only talking about security. The shared responsibility model is more than just security, but also there are just too many things going on here and it doesn't get across the core concept.

That is absolutely critical when we are talking about this concept: the shared responsibility model is how everything works in the AWS cloud. So let me shift myself over here. Let me flip over and show you how AWS presents that model. So they have a page under compliance/shared-responsibility-model, and if you scroll down you're going to get the whole blurb about how security and compliance is a shared responsibility between AWS and the customer. A hundred percent correct. Operations is also a shared responsibility, and it works on this model. And I don't like... if you guys have followed me for any length of time, you know that I really have a challenge with the way that security is always put off to the side, like,

"Oh, here's all this stuff, and there's security as well." It's a fundamental, integrated part. There's no separation; security is just one aspect of building well. And for me, it comes down to my definition: the goal of cybersecurity is to make sure whatever you've built works as intended and only as intended.

It's just something that I think we need to hammer home time and time again. So while this model is presented in the context of security, it really applies to everything. And they've got the big giant diagram here talking about security of the cloud versus security in the cloud, and this stemmed from the very early days in AWS.

They had a huge amount of pushback from customers saying the services are not secure. Nothing could have been further from the truth at that time, let alone today. AWS has proven themselves time and time again to be world-class as far as operations organizations go, including security.

So this concept of security of the cloud: what does AWS build into this cloud offering? What AWS does themselves for security. And security in the cloud: that's what you as a customer need to do. You need to build security in the cloud, and that is a really, really important thing.

So Andrew just dropped a great link in the comments here; definitely check that out. He's got a very simplified version of the shared responsibility model, and I love it, and highlighting the... let me actually pull that up for you guys, because I think it's definitely worth calling out on the stream itself. Excuse my messaging; I always hate that with LinkedIn. There we go. Of course we can't do that.

So now you see his very, very simple diagram, and I love it, simple. The link is there. Check it out. Now, let me pull that off the screen to make sure... and so security of the cloud, security in the cloud. Great concept, fine.

You keep scrolling down and they've got a whole bunch of details on how they actually implement this. I've got no problem with any of it, since it addresses the core issues. And then that's the end of it. I think they sort of don't put enough emphasis on this, because this model is absolutely critical to understanding everything that you do in the cloud.

So let me show you how I present the model. This is the diagram I use. Okay, I use this one time and time again; I have for years. It has changed very, very little, because I think it's core. It's a fundamental principle: shared responsibility for security, for operations, for everything.

Normally I just say this is how the cloud works, and then define: hey, security is not off on its own; security is an absolutely critical part of everything that we're doing. So we start on the left-hand side of your screen with on-premises, and the way we introduce this is by saying there are basically six areas

where you have to do something every day. Okay. Something has to be... let me reset. I was jumping ahead of myself. There are six areas where something has to be done basically day to day, if not hourly, to keep things working, to keep the lights on, to keep things safe and secure. And we start with physical, moving up to infrastructure, virtualization, OS, apps and data. If you think of a traditional environment, you need to make sure that the building is physically there: is it safe, is it secure, is it, you know, in an earthquake zone? There are considerations around physical. For infrastructure: do you have redundant heating and cooling? Do you have redundant uplinks to the internet? Are you on a solid set of routing? You know, is that kind of infrastructure in place? Virtualization, obviously: can you abstract away physical resources to make their consumption more efficient, using virtual machines, virtual storage, software-defined networking?

Then you get into the stuff that a lot more people are comfortable with: operating systems. Are you patching them? Are you maintaining them? Are they configured correctly? Are you hardening them? Your apps, which you are either installing off the shelf or building yourself. And then data, and data is always your responsibility across all of these different verticals.

So you've got on-premises, and most people understand it, right, which is great. And even in there, the way you can sort of understand... and yeah, Brian, thank you. I think we all agree that, you know, the shared responsibility model absolutely needs to be understood. The challenge is getting there, right? Anyway,

the reason why I start with on-premises is because people are used to collaborating, whether they know it or not. So the way to break this down is: in your organization today, especially for larger enterprises, no one team is responsible for all this stuff.

You have a data center team that's responsible for the leases on the data center, for making sure the building is okay, for making sure there's enough rack space. You've got teams who are worried about the networking, who are worried about the virtualization. You probably have a standard, or a couple of standard, OS teams, right? So this is something that you're used to worrying about, used to delegating, and working on as a team and collaborating on.

So how does that shift when we move into the cloud? In the cloud, we have three primary delivery models. Traditionally: infrastructure as a service, platform as a service, software as a service. AWS started shifting their language a little while ago, a couple of years back, when they talk about infrastructure services, container services (this was before containers got super popular; it means the services that contain something) and then abstract-level services.

So hopefully they'll change that middle tier to some other name, but I think those are generally understood. Essentially, what happens is, right off the bat when you move into the cloud with an infrastructure-level service, you delegate half of your responsibilities, your team's responsibilities, to the cloud provider. So you never know about the leases on AWS data centers, right? You don't even know specifically where the data centers are.

You have this idea of availability zones within regions. You're not worried about redundant uplinks. You're not worried about heating and cooling. Same with the abstraction; now that's primarily Nitro within AWS, a fantastic set of services that they've developed and deployed. They talk about it every once in a while on Monday or Tuesday Night Live. James Hamilton has given a few phenomenal talks at re:Invent, and Peter DeSantis has given some fantastic talks at re:Invent for AWS, sort of peeling back the covers and saying, this is how we manage this aspect of the shared responsibility model, and they've done some really amazing things. I think it was last year James Hamilton did like 10 minutes on how they figure out fiber multiplexing bandwidth within their cables, which is an absurd thing to think of, but at their scale it made a ton of sense. Put that aside: right off the bat,

if you were just standing up an instance in EC2, half of the daily responsibilities are pushed off to somebody else. That's the deal you're making with your cloud provider. Now, it's different than traditional outsourcing. Outsourcing tends to suck. It's always sucked, because there's a service layer in between that doesn't work nearly as well.

The AWS service layer is an API. It's consistent. It may not always be accurate, but it's consistently inaccurate when it is not accurate. But that's the deal you make, right? So when you spin up an instance in EC2, you are responsible for the operating system, for the app you install, and then the data you put in it.

So if you want to then configure your OS so that the password for root, for the main user, is "password", you can do it. It's a stupid thing to do. I do not recommend it. Pro tip: don't do that. But if you wanted to, you can, because it's your responsibility, right? And that's how the shared responsibility model works.

You need to understand your sort of cutoff, the layer where you take over. If you move into container-level services, you're responsible for the app that you put on top of them and then the data. And then if you go all the way over to abstract services, you are responsible for the data you put in. So if you think of something like S3, you're responsible for deciding whether or not, for the data you put in, you're comfortable with the security controls in place. And that brings us to service configuration, right? For service configuration,

you are always responsible for configuring the options and the knobs and the levers that are presented to you. So when it comes to S3, are you making the access control proper? Are you turning everything to public? Because you probably shouldn't be doing that unless you have a very specific intention of making that happen.

Right. And this comes to, you know, Augusto's point: data should always be treated as if it is super valuable. Absolutely everything else is replaceable. Your data is the one critical thing that you need to protect. You'll notice in the shared responsibility model you are responsible for your data all the time, and you are also responsible for service configuration all of the time.

So if we take something like AWS Lambda, in fact, let's flip over to the Lambda console. So when we go into Lambda, I'm looking at a specific sample; we made this actually in the first stream. I am responsible for the data, which is this code you see on the screen.

This is the data that I put into the service. Is this data appropriate? Yes. This is just essentially reading an incoming event and making a decision based on that event. But I'm also responsible for the service configuration. So there's the option to create environment variables. Well, these are readable not just by my function but by anyone who has access to this account, so I shouldn't be putting secret information in here unless I've encrypted it, right? And there are other ways to do that in a different manner.

I'm also responsible for the role that I'm using. So am I giving this Lambda function the appropriate permissions? This is all under service configuration. Same with whether I'm placing this function into a VPC or not. Am I putting it in a virtual private cloud? I need to decide these things, because they're firmly in my area of the shared responsibility model.

They are not in AWS's. What AWS is handling for us here in Lambda, if we flip back to the model, is the application that runs Lambda. There's a whole host of containers that fire up to execute your function and then shut down, and the operating system that those containers are running on, and the OS in those containers.

That's all AWS's responsibility. Same with the Nitro layer for virtualization, the infrastructure, the physical: that's not my problem. And the beauty of this is that I get to run my code that you see here for, you know, $0.20 for every million executions, but I am responsible for that code.

That's the data I put into the service, and I'm responsible for the service configuration. So have I made the right choices with the runtime? Have I made the right choices with my environment variables, with tagging, with the permissions in the roles? So that's roughly how the shared responsibility model works.

Now, if any of you are pure security folk with your tinfoil hats on, you're probably going, "well, wait a minute, I don't just blindly trust," and that is absolutely 100% true. You need to verify that all of these grayed-out areas here, the ones AWS is responsible for, that they're actually doing what they said they're going to do. Because in this model there is an implicit trust, right? You trust that when you spin up an EC2 instance, you will have virtualization covered, infrastructure covered and physical covered. And I'm just checking: Andrew made a great point here.

I should Snyk that code? Absolutely. But if it's Snyk finding the problem with four nested if statements, I need to hang up my coat and hat. But yes, Snyk is a phenomenal reference service, really great. If you haven't checked them out, you absolutely should. Great way to verify open-source vulnerabilities in your downstream dependencies in a really, really smooth manner in your pipeline. snyk.io,

I think, is the website. Google it too for their team. Great tool. But yeah, if this level of code requires in-depth testing, then I'm in trouble. And also I put some ifs in, so I made sure I did. Okay. Back to the challenge at hand here: you need to make sure that AWS is holding up their end of the bargain.

If AWS is not holding up their end of the bargain, this whole thing falls down. Pro tip: they're 100% holding up their end of the bargain, because if they weren't, they wouldn't be making so much money; people would be leaving them in droves. But there is a service that we are going to dive into today, and we've got probably about 10 minutes left. I don't think we're going to take that whole time, but this is one of my all-time favorite services.

So if we go back into our account here, and this is a demo account, so we'll see we've never actually used this. We are going to pull up AWS Artifact. Most people have never heard of this service, which is a shame, because, like I said, it's my absolute favorite.

So we click on Artifact. This is the extent of the service: you'll see there are agreements and reports. They've actually added agreements, which is nice. So you have the account agreements around Australia's Notifiable Data Breach and the Business Associate Amendment for HIPAA in the States.

And then my Japanese is not as slick as it should be, but this is the Japanese privacy law amendment, or agreement, for being a service provider. So if you need copies of that, they're there. But Artifact is the way that you as the user verify that AWS is doing what they say

they're doing, and the reason being is that Artifact provides you with the AWS side of the report. And yeah, Andrew's comment is coming in that he knows a bunch of people who hold Pro certs and they don't know about Artifact; a hundred percent, I get it. It's a ridiculous service when you think of it: it is literally a list of buttons, but it's absolutely critical. So if we scroll down here to get to something more reasonable, this is a good one: if we look at the Cloud Computing Compliance Controls Catalog, or C5, this was developed by Germany's national security authority, and it basically says any cloud provider needs to adhere to these controls.

If we click the blue "Get this artifact" button, what's going to happen is that we have to accept a non-disclosure agreement. Now, I have actually read this. I'm just scrolling through for the impact here, because I'm not going to walk you guys through it, but I am a nerd like that.

I have read this agreement before; I am not blindly accepting it. But as soon as you accept it, what ends up happening is you see down here we've got this nice little PDF. Let me make sure I open it in something safe. What's going to happen is Preview is going to open this up.

Perfect. Okay, so I'm going to switch over my screen for a second. This might be a little disorienting, and it should be. This is an example of what you're going to get from Artifact. If you go down and scroll, you're going to see that's just the non-disclosure, to make sure that I get my artifact.

If you eventually get this to work, what's going to happen? Yes, you will get "open in Finder". I want to see if I actually get the artifact, what you should be getting, and I got the disclosure agreement again. All right, there's a little challenge here. I will dig into that afterwards.

But the point is, what you end up getting is AWS's side of various reports. And that's a great question Augusto asked me: how many licks does it take to get into the artifact? I apparently don't know, because I can't seem to do it.

But if you keep scrolling down, you'll see there are things like the W-9, the Government of Canada partner package (we made the list), and ISO certification. These ones are what people are more familiar with. So if you look at them, we're just going to flip... it helps if I go back to Chrome here.

So, back in the AWS console, that's what I was talking about. Just keep scrolling down and let's just see the ISO 27001 statements, which are great. But if you come back to the AWS compliance website and you go to compliance programs, what you're going to see here is logo soup.

Okay, logo soup. Andrew is playing on it: I have to open up an Adobe PDF, which is ridiculous, but it could be the point. So if you go through here, you'll see all the logos that they have attestations for, and you've got, like, SOC level one, level three, PCI DSS, all that kind of stuff. What you're going to get is a matching document in Artifact, and that will tell you what is going on with all of the various items.

So while we're talking here, I'm actually going to install Adobe's good old Acrobat, because I've got the Creative Suite, unfortunately, and that's going to let us open these documents. But basically what I'm telling you here is that for each one of these there's almost always a matching document on Artifact, and that's going to give you the details of how AWS fulfills their side of the shared responsibility model.

Now, another way to do this, or another way to check in a non-official way: if you go to the AWS whitepapers, what you're going to see is, under security, there are a number of documents, especially in the AWS Well-Architected Framework, that overview how AWS is covering off various security responsibilities.

So they've got best practices for DDoS resiliency, which explains what they're doing on the DDoS side, and then let me just see if my other PDF reader is going to open up this guy. I'll see you in a sec. So you've got these various white papers in here.

And there's a really good one on security that I will have to figure out the actual name of... ops resilience and something like... there's a security overview of Lambda. There's a generic version of this for various security services, but this tells you... so you can see right here, the shared responsibility model is one of the core aspects. There's that horrible diagram again, but this document walks through what AWS is doing to fulfill their side of the shared responsibility model, how the Lambda runtime works.

It tells you where your responsibilities start, and there's an overall document that covers security for this, and operations, for various services, as well as the specific ones sitting in Artifact. So good old Creative Cloud is taking forever to install Acrobat. Someone has given us some great info in the comments here: if you're using the official Acrobat PDF opener, it will get you past the non-disclosure agreement.

You'll actually be able to open up the artifacts themselves. Maybe I'll post a screenshot or something like that. But you guys get the point: when it comes to the shared responsibility model, these areas below in the gray, AWS is responsible for. You need to make sure that you understand where that line is.

Right? If you don't know where that line is, you're in trouble operationally and from a security perspective, and that's absolutely critical. So if you are running an instance in EC2, you are responsible from the OS up, which means, like this week, when Microsoft released two critical patches, you need to apply them to your Windows systems. That is not going to happen automatically. Whereas if you were running in a PaaS-level service, or something like RDS for SQL Server that's running on Windows, AWS takes care of that patching. You don't have to worry about that, because they're patching the OS. You have to worry about the app and the data on top of it.

Right? And if you move all the way over to the data side, you need to look at, like, Lambda: is my code okay? Am I putting it in there? You know, Andrew suggested a great one: if you're not sure about the quality of that data, you can run something like Snyk against your code.

If you're in S3, the question is: is this top-secret information, and am I comfortable with that? And then, as always, always, always, always, always, you're responsible for service configuration, and you need to understand that AWS provides a bunch of great levers and knobs and things like that for you to take advantage of. So you need to get there. And that actually brings us to a whole service area: security, identity and compliance.

All of these that you see on screen, these guys, the tools that AWS has provided, or services or features that AWS provides, are to help you fulfill your aspect of the shared responsibility model. That's the goal of these things. They don't automatically do security for you. They help you fulfill your responsibilities. And security vendors:

so I work for Trend Micro. We're an Advanced Technology Partner with AWS; we have been forever. All the security partners you see in the APN, the Amazon Partner Network, or AWS Partner Network, we're all trying to help you fulfill your aspect of the shared responsibility model. Same with these sets of services.

So if you look at, like, Secrets Manager: Secrets Manager is trying to help you manage secrets, so that when you configure things like a Lambda function, you don't need to put the secret in the code, right? You don't need to put the secret in the data. You can have it in an area where you're more comfortable. Same with Inspector: it's looking at your instances to make sure your OSes are up to date, your apps are up to date and not vulnerable to something. This entire suite of services is trying to help you fulfill your area of the shared responsibility model. But I far prefer... I do not like presenting it like this.

I like Andrew's version of this diagram if you want to go "of the cloud, in the cloud," but I think if you're talking about it with teams, if you're trying to understand it yourself, I think this is far simpler. I think it is very much straightforward. And this is what you should be able to

wrap your head around: where this line is for infrastructure (OS and up), platform or container (app and up), SaaS or abstract stuff (data and up). So data and service configuration: absolutely critical that you understand this, not just for security but for operations as well. With that, we've hit 10:30. We're going to call it on this stream. The link I dropped at the start, that's where I'm tracking all of this stuff, right, all the way up, Google, LinkedIn, on the updated site.

So you'll see it on the "all things re:Invent" page, tracking existing streams. So I'll put this one up there, and then the next stream might be this week or next week. I'll look at my schedule. I'm trying to get a little ahead so you guys have a better idea, instead of just randomly getting those LinkedIn notifications. But as far as topics go, fire them off in the comments here on LinkedIn, or, if you're watching this in the replay on YouTube, in the description below, because I want to know what makes sense for you guys. What I'm thinking for the next time is a deeper dive into Amazon S3, specifically around configuration

and understanding your part of the shared responsibility model, which is why I wanted to tackle that today. I really appreciate you guys jumping on the stream, sticking with us. It's great. I love the comments. Andrew just fired up one more here on using Systems Manager Parameter Store: it is free, but there are challenges with that, as Secrets Manager also offers rotation, and there's something to be said for separation of duties and separation of data storage, but we'll cover that on another stream.

And yes, Augusto, I will absolutely share this slide out, just as a straight image, so that you guys can use it and maybe put it up somewhere in the cloud ops center so that people understand it, and email it to all your friends, all that kind of stuff, so that you drill this model home. Thank you very much for joining us; really, really appreciate it.

We will talk to you soon, and keep those comments coming. Thanks again.
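Added example, not code from the stream or from AWS: a small audit of the Lambda settings that sit on the customer's side of the model as discussed above, namely environment variables holding secrets, the execution role's permissions, and VPC placement. It reads a dict shaped like the boto3 `get_function_configuration()` response plus an optional IAM policy document for the role; the sample function, the policy, the secret-name patterns and the account id are constructed, and no AWS calls are made.

```python
"""Audit the 'security in the cloud' settings of a Lambda function configuration.

Added example. Input is a dict shaped like boto3's
lambda.get_function_configuration() response and an optional IAM policy
document for the function's role. Everything below is offline; the sample
inputs at the bottom are constructed.
"""
import re
from typing import Dict, List, Optional

# Environment variable names that usually hold credentials (constructed list).
SECRET_NAME_RE = re.compile(r"(PASSWORD|PASSWD|SECRET|TOKEN|API_KEY|PRIVATE_KEY)", re.I)

# Values that are references into a secret store rather than the secret itself.
REFERENCE_PREFIXES = ("arn:aws:secretsmanager:", "arn:aws:ssm:")


def _as_list(value) -> List[str]:
    """IAM allows a string or a list in Action/Resource; normalise to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def check_environment(config: Dict) -> List[str]:
    """Flag likely plaintext secrets in Environment.Variables.

    Anyone allowed to read the function configuration sees these values, so a
    secret-looking name should hold a reference to Secrets Manager or
    Parameter Store, not the secret.
    """
    findings = []
    variables = config.get("Environment", {}).get("Variables", {})
    for name, value in variables.items():
        if not SECRET_NAME_RE.search(name):
            continue
        if str(value).startswith(REFERENCE_PREFIXES):
            continue  # a pointer to a secret store, which is the recommended pattern
        findings.append(f"env var {name!r} looks like a plaintext secret; "
                        "move it to Secrets Manager or Parameter Store")
    return findings


def check_role_policy(policy: Optional[Dict]) -> List[str]:
    """Flag Allow statements that are far broader than a single function needs."""
    findings: List[str] = []
    if not policy:
        return findings
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be given bare
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in actions and "*" in resources:
            findings.append("role policy allows Action '*' on Resource '*'; "
                            "scope it to what the function needs")
        else:
            whole_service = [a for a in actions if a.endswith(":*")]
            if whole_service:
                findings.append(f"role policy grants a whole service: {whole_service}")
    return findings


def check_vpc(config: Dict, expect_vpc: bool) -> List[str]:
    """The VPC decision is the customer's; report a mismatch with stated intent."""
    in_vpc = bool(config.get("VpcConfig", {}).get("VpcId"))
    if expect_vpc and not in_vpc:
        return ["function is not attached to a VPC but was expected to reach private resources"]
    if not expect_vpc and in_vpc:
        return ["function is attached to a VPC; confirm it needs private network access"]
    return []


def audit(config: Dict, role_policy: Optional[Dict] = None, expect_vpc: bool = False) -> List[str]:
    """Run all customer-side checks and return the findings in a fixed order."""
    return check_environment(config) + check_role_policy(role_policy) + check_vpc(config, expect_vpc)


# Constructed sample: a plaintext DB password, a Secrets Manager reference
# (fine), a service-wide s3:* grant and no VPC.
SAMPLE_CONFIG = {
    "FunctionName": "event-decider",
    "Runtime": "python3.9",
    "Role": "arn:aws:iam::123456789012:role/event-decider-role",
    "Environment": {"Variables": {
        "DB_PASSWORD": "hunter2",
        "API_TOKEN": "arn:aws:secretsmanager:us-east-1:123456789012:secret:api-token-AbCdEf",
        "LOG_LEVEL": "INFO",
    }},
    "VpcConfig": {"SubnetIds": [], "SecurityGroupIds": [], "VpcId": ""},
}
SAMPLE_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "logs:CreateLogStream", "Resource": "*"},
        {"Effect": "Allow", "Action": ["s3:*"], "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_ROLE_POLICY):
        print("FINDING:", finding)
```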

If not, we are looking directly into the webcam which gives us some reasonable feed. That鈥檚 fine. It鈥檚 no big deal as we are live here on LinkedIn. We have the comments set up and I don鈥檛 know why I always point to my screen but I do with the common set up on LinkedIn.

So if you have any questions as we鈥檙e going on a monitor. Please, let me know and we will take them on the fly at ATS a really important part of the process. We鈥檝e done three of these already where we鈥檝e covered just a gentle kick-off like hey, that鈥檚 what we鈥檙e going to do this year a leading up to reinvent and we鈥檝e also had a one on the heat to be slammed though.

We didn鈥檛 intro on YouTube that was kind of cool and we worked on some basic coding talked about land at work. And then set up a trigger from S3 where you dropped a violin and then you would see output in in the logs, which was awesome then two days ago on Monday.

We did a to b a c a l. I we introduced the concept of the sea Eliza mirror of the API great way to start kind of easing your way into a AWS and we did some basic stuff like we upload a file using a the CLI and we also did some translation translation.

I also classic floppy floppy disks for coasters the translation by the CLI. What do they was pretty cool. So today we are going to tackle the shared-responsibility model. And as I said the comments already that is way more interesting than it sounds and because everyone just shared responsibility model.

Here we go. How are we going to deal with this? Let's start by actually walking through what AWS considers to be the shared-responsibility model. Then I'll give you my take on it to simplify things and make it easier. And thanks for jumping on the livestream, everybody, appreciate it.

If you have any questions, please by all means jump in, we're totally comfortable taking them on the fly. The idea of this is casual. There's so much stuff going on leading up to re:Invent that I wanted to help you guys out. I wanted to sort of get a better idea for myself, even, of what's going on.

And kind of help bridge some of the gaps in the cloud. So I did put a link right off the bat, Sam. I just updated my website, finally went through and cleaned some stuff up, but I have a page up and that is where I'm collecting all things re:Invent.

And then you can see here, we've got a countdown timer, a click-through to the ultimate guide that I've been writing for the A Cloud Guru blog, and it is the sort of ultimate guide to the show, and we can see what's going on as far as activities during the show itself. But more importantly it is keeping track of the live streams, so you can see here.

We've got the replays from the previous ones as well as what's up next. We're doing this one right now, but if you click on to the replay, you'll see the embed from YouTube, which is great, and then also a transcription by the machine, so lots of mistakes in there but some interesting stuff nonetheless.

So let's go. And Andrew has already hit it: that timer is not powered by Lambda. That is good old-school JavaScript, really simple, and the whole website sits in S3, though, and we're going to talk about that on the next stream, where we talk about S3 in general I think. But Andrew has already hit it out of the park: the shared-responsibility model from AWS is ugly.

It's worse than ugly, Andrew. It is counterproductive. It's too complicated. It tries to get across a very simple concept, but it has done so with a generous helping of either engineering or marketing, I'm not quite sure which one, or maybe they're both fighting. This has generally been their way of presenting the shared-responsibility model, and it's how you're going to see it in the AWS documentation.

I'll show you their actual page on their site for shared responsibility in a moment. Let me move myself over to the other side so you can see here. The two critical points this does get across are the concept of security of the cloud and security in the cloud. Now, that's good.

I'm going to highlight that; that's a good thing. That's what I like about this diagram. I don't like anything else about it. And the reason being is it's only talking about security. The shared-responsibility model is more than just security, but also there are just too many things going on here and it doesn't get across the core concept.

That is absolutely critical when we are talking about this concept: the shared-responsibility model is how everything works in the AWS cloud. So let me shift myself over here. Let me flip over and show you how AWS presents that model. So they have a page at compliance/shared-responsibility-model, and if you scroll down you're going to get the whole blurb about how security and compliance is a shared responsibility between AWS and the customer. A hundred percent correct. Operations is also a shared responsibility, and it works on this model. And I don't like... if you guys have followed me for any length of time, you know that I really have a challenge with the way that security is always put off to the side, like:

Oh, here's all this stuff, and there's security as well. It's a fundamental, integrated part. There's no separation; security is just one aspect of building well. And for me, it comes down to my definition: the goal of cybersecurity is to make sure whatever you've built works as intended and only as intended.

It's just something that I think we need to hammer home time and time again. So while this model is presented in the context of security, it really applies to everything. And they've got the big giant diagram here talking about security of the cloud vs. security in the cloud, and this stemmed from the very early days of AWS.

They had a huge amount of pushback from customers saying the services are not secure. Nothing could have been further from the truth at that time, let alone today. AWS has proven themselves time and time again to be world-class as far as operations organizations go, including security.

So this concept of security of the cloud: what does AWS build into its cloud offerings? What AWS does themselves for security. And security in the cloud: that's what you as a customer need to do. You need to build security in the cloud, which is a really, really important thing.

So Andrew just dropped a great link in the comments here, definitely check that out. He's got a very simplified model of the shared-responsibility model and I love it. Let me actually pull that up for you guys, because I think it's definitely worth calling out on the stream itself. Excuse my messaging, I always hate that with LinkedIn. There we go... of course we can't do that.

So now you see his very, very simple diagram, and I love it. Simple. The link is there, check it out. Now, let's pull that off the screen to make sure. So security of the cloud, security in the cloud: great concept, fine.

You keep scrolling down and they've got a whole bunch of details on how they actually implement this. I've got no problem with any of it, since it addresses the core issues. And then that's the end of it. I think they sort of don't put enough emphasis on this, because this model is absolutely critical to understanding everything that you do in the cloud.

So let me show you how I present the model. This is the diagram I use. Okay, I use this one time and time again; I have for years. It has changed very, very little because I think it's core. It's a fundamental principle: shared responsibility for security, for operations, for everything you're doing.

Normally I just say this is how the cloud works, and then define, hey, security's not off on its own, security is an absolutely critical part of everything that we're doing. So we start on the left-hand side of your screen with on-premises, and the way I introduce this is by saying there are basically six areas where you have to do something every day. Okay. Something has to be... let me reset, I was jumping ahead of myself.

There are six areas where something has to be done basically day to day, if not hourly, to keep things working, to keep the lights on, to keep things safe and secure. And we start with physical, moving up to infrastructure, virtualization, OS, apps and data. If you think in a traditional environment, you need to make sure that the building is physically there: is it safe, is it secure, is it, you know, in an earthquake zone? There are considerations around physical. For infrastructure, do you have redundant heating and cooling? Do you have redundant uplinks to the internet? Are you on a solid set of routing? You know, is that kind of infrastructure in place? Virtualization, obviously: can you abstract away physical resources to make their consumption more efficient, using virtual machines, virtual storage, software-defined networking?

Then you get into the stuff that a lot more people are comfortable with: operating systems. Are you patching them? Are you maintaining them? Are you configuring them correctly? Are you hardening them? Your apps, which you're either installing off the shelf or building yourself. And then data, and data is always your responsibility across all of these different verticals.

So you've got on-premises, and most people understand it, right, which is great. And even in there, the way you can sort of understand... and yeah, Brian, thank you. I think we all agree that, you know, the shared-responsibility model absolutely needs to be understood. The challenge is getting there right.

The reason why I start with on-premises is because people are used to collaborating, whether they know it or not. So the way to break this down is: going into your organization today, especially for larger enterprises, no one team is responsible for all this stuff.

You have a data center team that's responsible for the leases on the data center, for making sure the building is okay, for making sure there's enough rack space. You've got teams who are worried about the networking, who are worried about the virtualization. You probably have a standard or a couple of standard OS teams, right? So this is something that you're used to worrying about, used to delegating and working on as a team and collaborating on.

So how does that shift when we move into the cloud? In the cloud we have three primary delivery models, and traditionally I use the simple structure: infrastructure-as-a-service, platform-as-a-service, software-as-a-service. AWS started shifting their language a little while ago, a couple of years back, to talk about infrastructure services, container services (this was before containers got super popular, but it means the services that contain something) and abstracted services.

So hopefully they'll change that middle tier to some other name, but I think those are generally understood. Essentially what happens is, right off the bat, when you move into the cloud with an infrastructure-level service, you delegate half of your responsibilities, your teams' responsibilities, to the cloud provider. So you never know about the leases on AWS data centers, right? You don't even know specifically where the data centers are.

You have this idea of availability zones within regions. You're not worried about redundant uplinks. You're not worried about heating and cooling. Same with the abstraction, now primarily Nitro within AWS, a fantastic set of services that they've developed and deployed. They talk about it every once in a while on Monday or Tuesday Night Live. James Hamilton has given a few phenomenal talks at re:Invent, Peter DeSantis has given some fantastic talks at re:Invent, where AWS is sort of peeling back the covers and saying this is how we manage this aspect of the shared-responsibility model, and they've done some really amazing things. I think it was last year James Hamilton did like 10 minutes on how they figure out fiber multiplexing bandwidth within their cables, which is an absurd thing to think of, but at their scale made a ton of sense. So that's it, right off the bat.

If you were just standing up an instance in EC2, half of the daily responsibilities are pushed off to somebody else. That's the deal you're making with your cloud provider. Now, it's different than traditional outsourcing. Outsourcing tends to suck. It's always sucked, because there's a service layer in between that doesn't work nearly as well.

The AWS service layer is an API. It's consistent. It may not always be accurate, but it's consistently inaccurate when it is not accurate, and that's the deal you make, right? So when you spin up an instance in EC2 you are responsible for the operating system, for the app you install, and then the data you put in it.

So if you want to then configure your OS so that the password for root, for the main user, is "password", you can do it. It's a stupid thing to do; I do not recommend it. Pro tip: don't do that. But if you wanted to, you can, because it's your responsibility, right? And that's how shared responsibility works.

You need to understand your sort of cutoff, the layer where you take over. If you move into container-level services, you're responsible for the app that you put on top of them and then the data. And then if you go all the way over to abstracted services, you're responsible for the data you put in. So if you think of something like S3, you're responsible for deciding whether you're comfortable with the security controls in place for the data you put in. And that brings us to service configuration, right? For service configuration, you are always responsible for configuring the options and the knobs and the levers that are presented to you. So when it comes to S3: are you setting the access control properly? Are you turning everything to public? Because you probably shouldn't be doing that unless you have a very specific intention of making that happen.

Right, and this comes to, you know, Augusto's point: data should always be treated as if it is super valuable. Absolutely. Everything else is replaceable. Your data is the one critical thing that you need to protect. You'll notice in the shared-responsibility model you are responsible for your data all the time, and you are also responsible for service configuration all of the time.

So if we take something like AWS Lambda, in fact let's flip over to the Lambda console. So when we go into Lambda, I'm looking at a specific sample; we made this actually in the first stream. I am responsible for the data, which is this code you see on the screen.

This is the data that I put into the service. Is this data appropriate? Yes. This is just essentially reading an incoming event and making a decision based on that event. But I'm also responsible for the service configuration. So there's the option to create environment variables. Well, these are readable not just by my function but by anyone who has access to this account, so I shouldn't be putting secret information in here unless I've encrypted it, right? And there are other ways to do that in a different manner.

I'm also responsible for the role that I'm using. So am I giving this Lambda function the appropriate permissions? This is all under service configuration. Same with whether I'm placing this function into a VPC or not. Am I putting it in a virtual private cloud? I need to decide these things, because they're firmly in my area of the shared-responsibility model.

They are not in AWS's. What AWS is handling for us here in Lambda, if we flip back to the model, is the application that runs Lambda. There's a whole host of containers that fire up to execute your function and then shut down, and the operating system that those containers are running on, and the OS in those containers.

That's all AWS's responsibility, same with the Nitro layer for virtualization, the infrastructure, the physical: that's not my problem. And the beauty of this is that I get to run my code that you see here for, you know, $0.20 for every million executions, but I am responsible for that code.

That's the data I put into the service, and I'm responsible for the service configuration. So have I made the right choices with the runtime? Have I made the right choices with my environment variables, with tagging, with the permissions in the roles? So that's roughly how the shared-responsibility model works.
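As an added example (not code from the stream, from AWS, or from the speaker's demo function), here is a small audit of exactly the customer-side Lambda choices listed above: environment variables, execution role permissions, VPC placement and runtime. It runs over a dictionary shaped like the Lambda GetFunctionConfiguration response plus an IAM policy document; the function name, account id, variable names and the deprecated-runtime set are constructed assumptions for the example.

```python
"""Audit a Lambda function's customer-side service configuration.

Added example for this page, not code from the stream or from AWS. It
checks the knobs the speaker lists (environment variables, execution role
permissions, VPC placement, runtime) over dictionaries shaped like the
Lambda GetFunctionConfiguration response and an IAM policy document.
All sample inputs below are constructed for the example.
"""
import re
from dataclasses import dataclass

# Variable names that usually hold credentials.
SECRET_NAME = re.compile(r"secret|passw(or)?d|token|api[_-]?key|private[_-]?key", re.I)
# Values that point at a secrets store rather than carrying the secret itself.
SECRET_REFERENCE = re.compile(r"^(arn:aws:(secretsmanager|ssm):|\{\{resolve:)")
# Assumed deprecated-runtime list for the example; the real list lives in
# the Lambda documentation and changes over time.
ASSUMED_DEPRECATED_RUNTIMES = {"python2.7", "nodejs10.x", "nodejs12.x"}


@dataclass(frozen=True)
class Finding:
    function_name: str
    severity: str  # HIGH, MEDIUM or INFO
    message: str


def _statements(policy: dict) -> list:
    stmts = policy.get("Statement", [])
    return stmts if isinstance(stmts, list) else [stmts]


def _as_list(value) -> list:
    return value if isinstance(value, list) else [value]


def audit_function(cfg: dict, role_policy: dict) -> list:
    """Return Finding objects for one function; an empty list means nothing flagged."""
    name = cfg["FunctionName"]
    out = []

    # Data: env vars are readable by anyone who can call GetFunctionConfiguration,
    # so a literal secret stored there is exposed to the whole account.
    env = cfg.get("Environment", {}).get("Variables", {})
    for key, value in env.items():
        if SECRET_NAME.search(key) and not SECRET_REFERENCE.match(value):
            out.append(Finding(name, "HIGH", f"env var {key} holds a literal secret"))

    # Permissions: wildcard Allow statements give the function far more than it needs.
    for stmt in _statements(role_policy):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if "*" in actions or any(a.endswith(":*") for a in actions):
            out.append(Finding(name, "HIGH", "role allows wildcard actions"))
        elif "*" in resources:
            out.append(Finding(name, "MEDIUM", "role allows actions on all resources"))

    # VPC placement is a deliberate choice; surface it rather than guess the answer.
    if not cfg.get("VpcConfig", {}).get("SubnetIds"):
        out.append(Finding(name, "INFO", "not attached to a VPC; confirm this is intended"))

    if cfg.get("Runtime") in ASSUMED_DEPRECATED_RUNTIMES:
        out.append(Finding(name, "MEDIUM", f"runtime {cfg['Runtime']} is past end of support"))
    return out


# Constructed sample modelled on the S3-triggered demo function discussed on the
# stream, with a few deliberately poor choices so the checks have something to find.
SAMPLE_CONFIG = {
    "FunctionName": "s3-upload-handler",
    "Runtime": "python2.7",
    "Role": "arn:aws:iam::111122223333:role/s3-upload-handler-role",
    "Environment": {"Variables": {
        "LOG_LEVEL": "INFO",
        "DB_PASSWORD": "hunter2",  # literal secret: flagged
        "API_TOKEN": "arn:aws:secretsmanager:us-east-1:111122223333:secret:api-token",  # reference: fine
    }},
    "VpcConfig": {"SubnetIds": [], "SecurityGroupIds": []},
}
SAMPLE_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["logs:CreateLogStream", "logs:PutLogEvents"], "Resource": "*"},
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for f in audit_function(SAMPLE_CONFIG, SAMPLE_ROLE_POLICY):
        print(f"{f.severity:6} {f.function_name}: {f.message}")
```

Against the constructed sample the checker reports five findings: two HIGH (the literal password and the s3:* action), two MEDIUM (Resource "*" on the logs statement and the old runtime) and one INFO for the missing VPC attachment.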

Now if any of you are pure security folk with your tinfoil hats on, you're probably going, well, wait a minute, I don't just blindly trust. And that is absolutely 100% true. You need to verify that all of these greyed-out areas here, the ones AWS is responsible for, that they're actually doing what they said they're going to do, because with this model there is an implicit trust, right? You trust that when you spin up an EC2 instance, you will have virtualization covered, infrastructure covered and physical covered. And I'm just checking, Andrew made a great comment here.

I should Snyk that code. Absolutely, but if Snyk finds a problem with four nested if statements I need to hang up my coat and hat. But yes, Snyk is a phenomenal reference service, really great. If you haven't checked them out you absolutely should. Great way to verify open source vulnerabilities in your downstream dependencies in a really, really smooth manner in your pipeline. snyk.io, I think, is the website. Big on LinkedIn too, their team, great tool. But yeah, if this level of code requires in-depth testing then I'm in trouble. And also I put some... if so, I made sure I did. Okay. Back to the challenge at hand here, which is that you need to make sure that AWS is holding up their end of the bargain.

If AWS is not holding up their end of the bargain, this whole thing falls down. Pro tip: they're 100% holding up their end of the bargain, because if they weren't they wouldn't be making so much money; people would be leaving them in droves. But there is a service that we are going to dive into today, and we've got probably about 10 minutes left, and I don't think we're going to take that whole time, but this is one of my all-time favorite services.

So if we go back into our account here, and this is a demo account so we'll see, we've never actually used this. We are going to pull up AWS Artifact. Most people have never heard of this service, which is a shame because, like I said, it's my absolute favorite.

So we click on Artifact. This is the extent of the service. You'll see there is agreements and reports. They've actually added agreements, which is nice, and so you have the account agreements around Australia's notifiable data breach and the Business Associate Amendment for HIPAA in the States.

And then my Japanese is not as slick as it should be, but this is the Japanese privacy law amendment, or agreement, for being a service provider. So if you need copies of that, that's there. But Artifact is the way that you as the user verify that AWS is doing what they say they're doing. And the reason being is that Artifact provides you with the AWS side of the report. And yeah, Andrew's comment is coming in: he knows a bunch of people who hold Pro certs and they don't know about Artifact. A hundred percent, I get it. It's a ridiculous service when you think of it; it is literally a list of buttons. But it's absolutely critical, because if we scroll down here to get to something more reasonable, so this is a good one: if we look at the Cloud Computing Compliance Controls Catalogue, or C5, this was developed by Germany's national security authority, and it basically says any cloud provider needs to adhere to these controls.

What if we click the blue "Get this artifact" button? What's going to happen is that we have to accept a non-disclosure agreement. Now, I have actually read this. I'm just scrolling through for the impact here, because I'm not going to walk you guys through it, but I am a nerd like that.

I have read this agreement before; I'm not blindly accepting it. But as soon as you accept it, what ends up happening is you see down here we've got this nice little PDF. Let me make sure I open it in something safe. What's going to happen is Preview is going to open this up.

Perfect. Okay, so I'm going to switch over my screen for a second. This might be a little disorienting, and it should be. This is an example of what you're going to get from Artifact. If you go down and scroll you're going to see... that's just the non-disclosure. Let me make sure that I get my artifact.

If you eventually get this to work, what's going to happen... yes, you will get... open Finder. I want to see if I actually get the artifact, what you should be getting. And I got the disclosure agreement again. All right, there's a little challenge here. I will dig into that afterwards.

But the point is what you end up getting is AWS's side of the various reports. And that's a great question Andrew asks me: how many licks does it take to get into the artifact? I apparently don't know, because I can't seem to do it.

But if you keep scrolling down you'll see there's things like the W-9, the Government of Canada partner package (we made the list) and ISO certification. These ones are what people are more familiar with. So if you look at them, we're just going to flip... it helps if I go back to Chrome here.

So back in AWS, that's what I was talking about. Just keep scrolling down and let's just see the ISO 27001 statements, which are great. But if you come back to the AWS compliance website and you go to compliance programs, what you're going to see here is logo soup.

Logo soup. Andrew is pointing out that I have to open up an Adobe PDF, which is ridiculous, but good point. So if you go through here, you'll see all the logos that they have attestations for, and you've got like SOC level one, level 3, PCI DSS, all that kind of stuff. What you're going to get is a matching document in Artifact, and that will tell you what is going on with all of the various items.

So while we're talking here, I'm actually going to install Adobe's good old Acrobat, because I've got the Creative Suite unfortunately, and that's going to let us open these documents. But basically what I'm telling you here is that for each one of these there's almost always a matching document on Artifact, and that's going to give you the details of how AWS fulfills their side of the shared-responsibility model.

Now another way to do this, or another way to check in a non-official way: if you go to the AWS whitepapers, what you're going to see is that under security there are a number of documents, especially in the AWS Well-Architected Framework, that overview how AWS is covering off various security responsibilities.

So they've got best practices for DDoS resiliency, which explains what they're doing on the DDoS side, and then let me just see if my other PDF reader is going to open up this guy. I'll see you in a sec. So you've got these various white papers in here.

And there's a really good one on security that I will have to figure out the actual name of... ops resilience, and something like: there's a security overview of Lambda. There's a generic version of this, and ones for various security services, but this tells you... so you can see right here, the shared-responsibility model is one of the core aspects. There's that horrible diagram again, but this document walks through what AWS is doing to fulfill their side of the shared-responsibility model, and tells you how the Lambda runtime works.

It tells you where your responsibilities start, and there's an overall document that covers security for this, and operations for various services, as well as the specific ones sitting in Artifact. So good old Creative Cloud's taking forever to install Acrobat. Someone has given us some great info in the comments here: if you're using the official Acrobat PDF opener, it will get you past the non-disclosure agreement.

You'll actually be able to open up the artifacts themselves. Maybe I'll post a screenshot or something like that. But you guys get the point when it comes to the shared-responsibility model: these areas below in the gray, AWS is responsible for. You need to make sure that you understand where that line is.

Right? If you don't know where that line is you're in trouble, operationally and from a security perspective, and that's absolutely critical. So if you are running an instance in EC2, you are responsible from the OS up, which means, like this week when Microsoft released two critical patches, you need to apply them to your Windows systems. It's not going to happen automatically. Whereas if you were running in a PaaS-level service, or something like RDS for SQL Server that's running on Windows, AWS takes care of that patching. You don't have to worry about that, because they're patching the OS; you have to worry about the app and the data on top of it.

Right? And if you move all the way over to the data side, you need to, like me with Lambda: is my code okay? What am I putting in there? You know, Andrew suggested a great one: if you're not sure about the quality of that data, you can run something like Snyk against your code.

If you're in S3, the question is: is this top-secret information, and am I comfortable with that? And then, as always, always, always, always, always, you're responsible for service configuration, and you need to understand that AWS provides a bunch of great levers and knobs and things like that for you to take advantage of. So you need to get there, and that actually brings us to a whole service area, the Security, Identity and Compliance area that you see on screen. These are the tools that AWS has provided, or services or features that AWS provides, to help you fulfill your aspect of the shared-responsibility model. That's the goal of these things. They don't automatically do security for you. They help you fulfill your responsibilities.

And security vendors: so I work for Trend Micro, we're an Advanced Technology Partner of AWS, have been forever. All the security partners you see in the APN, the Amazon Partner Network, we're all trying to help you fulfill your aspect of the shared-responsibility model, same with these sets of services.

So if you look at Secrets Manager: Secrets Manager is trying to help you manage secrets so that when you configure things like a Lambda function, you don't need to put the secret in the code, right? You don't need to put the secret in the data. You can have it in an area where you're more comfortable. Same with Inspector: it's looking at your instances to make sure your OSes are up to date, your apps are up to date and not vulnerable to something. This entire suite of services is trying to help you fulfill your area of this shared-responsibility model. But I far prefer... I do not like presenting it like this.

I like Andrew's version of this diagram if you want to go "of the cloud, in the cloud", but I think if you're talking about it with teams, if you're trying to understand it yourself, I think this is far simpler. I think it is very much straightforward. And this is what you should be trying to wrap your head around: where this line is for infrastructure (OS and up), platform or container (app and up), SaaS or abstract stuff (data and up), so data and service configuration. It's absolutely critical that you understand this, not just for security but for operations as well. With that we've hit 10:30. We're going to call it on this stream. The link I dropped at the start, that's where I'm tracking all of this stuff, right, all the way up on LinkedIn and on the updated site.

So you'll see it on the all things re:Invent page tracking existing streams. So I'll put this one up there, and then the next stream might be this week or next week. I'll look at my schedule. I'm trying to get a little ahead so you guys have a better idea, instead of just randomly getting those LinkedIn notifications. But as far as topics go, fire them off in the comments here on LinkedIn, or if you're watching this in the replay on YouTube, in the description below, because I want to know what makes sense for you guys. And what I'm thinking for the next time is a deeper dive into Amazon S3, specifically around configuration and understanding your part of the shared-responsibility model, which is why I wanted to tackle that today. I really appreciate you guys jumping on the stream, sticking with us. It's great. I love the comments. Andrew just fired up one more here on using Systems Manager Parameter Store: it is free, but there are challenges with that, as Secrets Manager also offers rotation, and there's something to be said for separation of duties and separation of data storage. But we'll cover that on another stream.

And yes, Augusto, I will absolutely share this slide out, just as a straight image, so that you guys can use it and maybe put it up somewhere in the cloud office so that people understand it, and email it to all your friends, all that kind of stuff, so that you drill this model home. Thank you very much for joining us, really, really appreciate it.

We will talk to you soon and keep those comments coming. Thanks again.
