This is AWS shared responsibility Model-
- AWS take care for the managed services like RDS. It ask you configure the time for patch update. But it does not for the service for the ec2 Operating system, because client install the OS in ec2. So if you have installed the centos 6 in any ec2, AWS will not perform any update in any package installed OS.
- Basically, If you have installed the software, then it is your responsibility to secure and update that.
This part is very important to understand in aspect of responsibility.
“If you are on cloud , it doesn’t mean that you are secure and up-to-date. This is actually customer responsibility.”