On the presentation you presented on the AWS Responsibility Model the AWS Responsibility is Layer 1 and Layer 2 others are Customer Responsible. Whereas, I saw some documentation from Trend Micro the Layers responsible by AWS is Layer 1-3 others are Customer Responsibility.
URL Is below
https://www.trendmicro.com/aws/aws-waf-and-deep-security/deep-security-aws-waf-osi-model/
2 Answers
Hi Babon,
There are no hard rules on mapping the OSI model to AWS’s Shared Responsibility Model–at least that I’ve seen from AWS. In the video, I use the OSI model to help describe WHY certain networking concepts aren’t supported on AWS like multicast or broadcast. I also mention there are cases were both AWS and customers reach across that line, like DHCP for example.
The diagram you refer to is in the context of WAF, which is a Layer 7 service. If you look at the documentation for AWS Shield for example, they refer to that service offering protection and alerts for customers of DDoS attacks at Layer 3 and Layer 4.
https://docs.aws.amazon.com/waf/latest/developerguide/ddos-overview.html
–Scott
I agree with Scott there is not a direct mapping with the Shared Responsibility Model and the OSI Model. Here is the link to the Shared Responsibility Model from AWS.
https://aws.amazon.com/compliance/shared-responsibility-model/