Under the AWS shared responsibility model, AWS is responsible for the infrastructure that runs all of the services offered in the AWS Cloud. This includes the operational security of managed services like Amazon RDS, such as database patching, firewall configuration, and physical security of the hardware. The customer is responsible for certain aspects like managing access controls and setting up encryption, which relate to the use of the service. It is important for candidates to understand that responsibility is shared and can shift depending on the type of service being used (i.e., IaaS, PaaS, SaaS).