Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Shared Responsibility Model to Secure Cloud Architecture #1178

Merged
merged 2 commits into from
Aug 25, 2023

Conversation

Josh-Beck
Copy link
Contributor

Content

This PR covers issue #1173. Added a section explaining the 3 main levels of the shared responsibility model, and made a small tweak to the self-managed tooling section to reflect the new section.

Review

One thing I would like a specific eye on is ensuring I have correctly explained/covered the nuances between the "as a Service" model and fully managed vs self-managed systems. There is significant overlap, but "as a Service" covers the differences from the developer and security responsibility set, and the levels of management refer to specific product groupings by cloud companies (ex: DynamoDB is "fully managed", but could be considered PaaS or SaaS).

Additionally, any suggestions for specific pros/cons in each section are welcome. It's hard to identify pros/cons in a provider agnostic manner.

@utilimatt Would you be willing to review this?

Thanks y'all!

@Josh-Beck
Copy link
Contributor Author

@utilimatt Would you be willing to review this?

@Josh-Beck
Copy link
Contributor Author

Looks like Matt may not be able to review. Any other folks y'all have for review?

@jmanico jmanico merged commit 77a1d81 into OWASP:master Aug 25, 2023
@jmanico
Copy link
Member

jmanico commented Aug 25, 2023

BOOM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants