🗓 Thursday, October 30 – Shared Responsibility in Practice
🎯 Learning Intention
I will apply the Shared Responsibility Model to identify which tasks belong to the cloud provider and which belong to the customer.
✅ Success Criteria
- I can differentiate customer vs. provider duties for IaaS, PaaS, and SaaS.
- I can name one real-world example of each service model.
- I can explain why misconfigurations cause most security breaches.
☀️ Warm-Up (5 min)
“Who patches your Chromebook OS — you or Google?”
(Transition into provider/customer discussion.)
🧠 Mini-Lesson
Topic: Shared Responsibility Matrix
Key takeaways:
- Security is shared, not shifted.
- Hardware → Provider; Access & Data → Customer.
- Automation reduces but never removes risk.
📘 Detailed Notes
| Model |
Provider Manages |
Customer Manages |
Example |
| IaaS |
Networking, storage, physical hardware |
OS, data, apps |
Compute Engine |
| PaaS |
Infrastructure + runtime |
Data & application logic |
App Engine |
| SaaS |
Everything except usage & access |
Account security |
Gmail, Drive |
🧩 Team Task (25 min)
- In pairs, complete the Responsibility Scenario Cards in Classroom.