The AWS shared responsibility model

In AWS, security is of paramount importance. Under the shared responsibility model, AWS provides a secure infrastructure along with compute, storage, networking, and database services, and some other high-level services. AWS customers are responsible for protecting the confidentiality, integrity, and availability of their data in the cloud, and for meeting their specific business requirements for information protection. In short, AWS manages the security of the cloud, and security in the cloud is the customer's responsibility. The following diagram, taken from the AWS whitepaper, illustrates the shared responsibility model:

Image source: https://aws.amazon.com/

For the EC2 service, under the shared responsibility model, AWS is responsible for everything from the host operating system and virtualization layer down to the physical security of the facilities, and you are responsible for the following:

  • Operating systems
  • Application software
  • Data-in-transit
  • Data-at-rest
  • Data stores
  • Access keys
  • Policies and configurations
  • Amazon Machine Images
  • Security Groups
  • Network ACLs