Explanation

In the AWS shared responsibility model:

AWS Responsibility (Security OF the Cloud):

• Monitor the health of an Availability Zone - AWS is responsible for the physical infrastructure and availability of AWS services
• Protect the infrastructure that runs Amazon EC2 instances - AWS manages the underlying hardware, networking, and facilities

Customer Responsibility (Security IN the Cloud):

• Patch an Amazon EC2 instance operating system - Customer is responsible for patching guest operating systems and applications
• Configure a security group - Customer manages security group configurations and network access controls
• Manage access to the data in an Amazon S3 bucket - Customer controls data access permissions and encryption settings

This division ensures AWS handles the security of the cloud infrastructure, while customers manage security within their cloud environment.