In Chapter 1, Introduction to Cloud Security, we learned about the shared responsibility model of the cloud. We saw that security is always a shared responsibility, where some areas go into the account of the customer and some areas go into the account of the cloud provider.
In IaaS, a customer is responsible for managing security from the compute layer to the application layer, which includes OS, network, storage, application, and so on.
In PaaS, the cloud provider is responsible for managing the security of the platform. The customer is responsible for managing the security for the application they run on this platform.
In PaaS, a customer does not have control of the underlying infrastructure of the platform. However, we can define our custom parameter to run our application. For example, we use MySQL RDS, where we can define custom parameters by defining custom parameter groups. We can also enable encryption for specific or all connections.
In AWS, almost all the services...