Compliance Requirements that Vary Among AWS Services

aws/compliance aws/security aws/concept

💡 Definition

Compliance requirements that vary among AWS services refers to how an organization's responsibilities for meeting regulatory and industry standards change depending on the specific AWS service being used, particularly in the context of the Shared Responsibility Model. The level of shared responsibility shifts based on whether the service is Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS).

🔑 Key Concepts

⚙️ How it Works

When planning to use an AWS service, an organization must understand its compliance obligations for that specific service. For example, deploying a database on an EC2 instance (IaaS) means the customer is responsible for patching the database OS, whereas using RDS (PaaS) offloads much of that responsibility to AWS. This understanding informs security controls, audit processes, and overall compliance strategy.

🎯 Use Cases

💰 Pricing Model

📝 Exam Tips (CLF-C02)


See Also: * Shared Responsibility Model * AWS Compliance * IaaS * PaaS * SaaS