A company is building a generative AI application on Amazon Bedrock. Under the AWS shared responsibility model, which area is the responsibility of this company (the customer) ALONE?
A question about choosing the area the customer bears alone under the shared responsibility model.
Maintenance of the physical servers that host the model.
Maintenance of the physical servers and hardware that run the foundation model is the responsibility of AWS, which provides the cloud infrastructure.
This is not an area the customer bears alone, so this is incorrect.
Management and protection of its own data and access control.
Correct. Under the shared responsibility model, managing, protecting, and choosing the encryption of the data submitted to AWS, and controlling who can access it with IAM, are the customer's responsibility. When using Bedrock, the customer manages the data itself and the access permissions.
Physical security of the data center.
Facility management and physical security of the data center are part of the infrastructure AWS provides and are the responsibility of AWS.
This is not an area the customer bears, so this is incorrect.
Pretraining of the foundation model.
The pretraining of the foundation models provided in Bedrock is carried out by the side that develops and provides the model (AWS or the model provider).
This is not an area the customer bears alone, so this is incorrect.
The shared responsibility model (in the AI context) is: 'AWS = security "of" the cloud (infrastructure, physical, model hosting) / customer = security "in" the cloud (data, choice of encryption, IAM).' Split it by the principle that the data itself and who can access it are always the customer's.