Shared Controls– Controls which apply to both the infrastructure layer and customer layers,
but in completely separate contexts or perspectives
Patch Management– AWS is responsible for patching and fixing flaws within
the infrastructure, but customers are responsible for patching their guest OS and
applications
Configuration Management– AWS maintains the configuration of its
infrastructure devices, but a customer is responsible for configuring their own guest
operating systems, databases, and applications
Service and Communications Protection is an example of a customer specific control
Storage system patching is an AWS responsibility
Physical and Environmental controls is an example of an inherited control (a customer fully
inherits from AWS)