VMware Cloud on AWS is part of the portfolio of VMware Cloud Services, which also includes associated services such as VMware HCX and VMware Site Recovery. Security of VMware Cloud Services is of utmost importance. Ensuring the security of the VMware cloud offerings and customer data held within requires a wide array of tools, processes, and capabilities, all expertly designed to balance the desires of the business with a focus on customer satisfaction, product efficiency, product deadlines, revenue, shareholder expectations, and the need for security VMware balances these needs with a set of controls and management processes designed to both mitigate risk and enhance its product offerings
The controls and processes were created using a set of driving principles, which provide the underlying general rules and guidelines for security within VMware Cloud Services.
VMware Cloud Services uses a shared responsibility model for security.
This matrix of responsibility ensures a higher security model and eliminates single points of failure. Amazon Web Services is responsible for security of the underlying physical infrastructure of the data center, across all regions and availability zones, as well as edge locations. VMware is responsible for ensuring all facets of security for the management layer above. Customers continue to own and operate the security and compliance of the actual workloads by extending their successful policies and controls to public cloud locations. More details on the shared security model can be found in the Security section of the VMware Cloud on AWS Service Description.
To provide focus for VMware security responsibilities as a cloud service provider, we have established a security framework This framework helps abstract the levels of detail typically found in security implementations, categorize the control elements, and frame the elements in a meaningful order. The document titled VMware Cloud Services On Amazon Web Services Security Overview details each element of the framework, describing key controls implemented in VMware Cloud Services