Under the AWS shared responsibility model, AWS is indeed responsible for the physical security of the infrastructure that runs all of the services offered in the AWS Cloud. This includes data centers, the hardware, the physical network, and the facilities that house and maintain that hardware. Customers are responsible for securing their data within the cloud – for example, setting proper permissions, encrypting data if necessary, and following best practices in application security.