Security, Compliance, and Governance for AI Solutions · AIF-C01 · Task 5.1

AWS shared responsibility model — AIF-C01

Who owns what between AWS and the customer, how duties shift across service types, and the misconception the AIF-C01 exam tests.

What it is

The AWS shared responsibility model divides security and compliance duties into two distinct zones. AWS is responsible for security of the cloud — the underlying infrastructure including hardware, software, networking, and the physical facilities that run AWS services. Customers are responsible for security in the cloud — everything they place on top of that infrastructure, including configuration, access control, and their data.

Mental model

Think of it as a lease on a managed office building. The landlord (AWS) secures the building itself: the locks on the front door, the electrical systems, the fire suppression. The tenant (you) secures your suite: who has a key, what's on the desks, whether the filing cabinets are locked. Neither party can fulfill the other's obligations.

When to use it

The boundary shifts depending on which AWS service type you are using. The more abstracted the service, the more AWS takes on, and the less the customer needs to manage at the infrastructure level — but the customer always retains responsibility for their own data and access configuration.

Responsibility area                          | AWS (security of the cloud)       | Customer (security in the cloud)
---------------------------------------------|-----------------------------------|------------------------------------------------------------------
Physical facilities and hardware             | Fully owned by AWS                | Inherited; no customer action needed
Hypervisor / host operating system           | Fully owned by AWS                | Inherited
Guest operating system (e.g., on EC2)        | Not applicable                    | Customer patches and manages
Application software on EC2                  | Not applicable                    | Customer installs and secures
Managed service platform (e.g., S3, DynamoDB)| AWS operates the OS and platform  | Customer manages data classification, encryption options, and IAM
Network firewall (security group configuration) | AWS provides the tooling       | Customer configures rules
Data (all service types)                     | Not applicable                    | Always the customer's responsibility
IAM: identities, permissions, policies       | AWS provides IAM as a service     | Customer defines and enforces

The official documentation identifies three control categories worth knowing:

  • Inherited controls — customers fully inherit from AWS; physical and environmental controls are the canonical example.
  • Shared controls — both parties act in separate contexts; patch management and configuration management are examples.
  • Customer-specific controls — solely the customer's responsibility; data routing decisions and zone-level security fall here.

Common misconception

The most consequential trap is assuming that choosing a fully managed AWS service transfers all security responsibility to AWS. It does not. According to the official model, even for highly abstracted services such as Amazon S3 and Amazon DynamoDB — where AWS operates the infrastructure layer, operating system, and platform — customers remain solely responsible for their data (including choosing and applying encryption options), classifying their assets, and configuring IAM access controls.

A related error is treating the model as binary: "either AWS is responsible or I am." The official model explicitly describes a third category — shared controls — where both parties each maintain separate obligations for the same control domain (for example, patch management at different layers of the stack).
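To make the misconception concrete, here is an added example (not from the original page or from AWS) that audits the three customer-zone controls the model leaves with you on a managed service such as S3: default encryption, the public access block, and the bucket policy's principals. The bucket configurations are constructed dicts in the shape boto3's get_bucket_encryption, get_public_access_block and get_bucket_policy return, the bucket name and role ARN are placeholders, and the check runs offline with no AWS account.

```python
import json

# Constructed sample: a bucket on a fully managed service whose customer-zone
# controls were left at their defaults. Nothing AWS operates fixes these.
WEAK_BUCKET = {
    "encryption": {},                       # no default SSE chosen by the customer
    "public_access_block": {"PublicAccessBlockConfiguration": {
        "BlockPublicAcls": True, "IgnorePublicAcls": True,
        "BlockPublicPolicy": False, "RestrictPublicBuckets": False}},
    "policy": json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/*"}]}),
}

# The same bucket after the customer has done their side of the model
# (placeholder account id and role name).
HARDENED_BUCKET = {
    "encryption": {"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}},
    "public_access_block": {"PublicAccessBlockConfiguration": {
        k: True for k in ("BlockPublicAcls", "IgnorePublicAcls",
                          "BlockPublicPolicy", "RestrictPublicBuckets")}},
    "policy": json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/app-role"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]}),
}


def customer_zone_findings(bucket: dict) -> list[str]:
    """Return the gaps in controls the customer owns; AWS cannot close any of them."""
    findings = []
    rules = bucket["encryption"].get(
        "ServerSideEncryptionConfiguration", {}).get("Rules", [])
    if not any("ApplyServerSideEncryptionByDefault" in r for r in rules):
        findings.append("encryption: no default server-side encryption configured")
    pab = bucket["public_access_block"].get("PublicAccessBlockConfiguration", {})
    if not all(pab.get(k) for k in ("BlockPublicAcls", "IgnorePublicAcls",
                                    "BlockPublicPolicy", "RestrictPublicBuckets")):
        findings.append("access: public access block is not fully enabled")
    for stmt in json.loads(bucket["policy"]).get("Statement", []):
        if stmt.get("Effect") == "Allow" and stmt.get("Principal") in ("*", {"AWS": "*"}):
            findings.append("IAM: bucket policy allows any principal")
    return findings


if __name__ == "__main__":
    for name, bucket in (("weak", WEAK_BUCKET), ("hardened", HARDENED_BUCKET)):
        print(name, customer_zone_findings(bucket) or ["no customer-zone gaps"])
```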

How it shows up on the exam

Questions in this area test whether you can correctly identify who owns a specific security control in a described scenario. The cognitive target is application of the model, not recall of the definition.

A common pattern presents a scenario involving a managed AI or ML service and asks which security tasks remain with the customer. Candidates who have internalized "managed = AWS handles security" will incorrectly offload data governance, encryption configuration, or IAM to AWS. The official documentation is clear that these remain with the customer regardless of service abstraction level.

Signal phrases to watch for in question stems: "who is responsible for," "whose responsibility is it to," "the customer is responsible for," "AWS manages," "shared responsibility." When a stem describes a highly managed service (including AI/ML services), default to checking whether the responsibility in question is data, access control, or configuration — those are reliably in the customer's zone.

Sources

Every claim on this page traces to the public exam blueprint and official documentation:

CutScore is an independent study tool and is not affiliated with, authorized by, endorsed by, or sponsored by Amazon Web Services. “AWS” and “AWS Certified AI Practitioner” are trademarks of Amazon.com, Inc. or its affiliates. All content is independently authored from the public exam blueprint and official documentation — no real exam content is used.
