IaaS Responsibility Matrix - S3 Object Storage
Here is the RACI matrix for the shared responsibility model between the client and Cloud Temple for using the Cloud Temple S3 Object Storage platform.
Definition of the different roles
Here is a reminder of the different RACI roles:
| Role | Description |
|---|---|
| (R) Executes | __R__uns the process |
| (A) Approves | __A__pproves the process execution |
| (C) Consults | __C__onsulted during the process |
| (I) Informed | __I__nformed of the process results |
Define your requirements
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Validate that the S3 Object Storage product meets the application's requirements | RA | CI |
| Subscribe to the service with the necessary information | RA | I |
Implement the Service
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Maintain operational readiness of the S3 Object Storage platform | I | RA |
| Maintain security readiness of the S3 Object Storage platform | I | RA |
| Create objects | RA | |
| Create access keys and assign associated permissions | RA |
Recurring Operations
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Ensure operational maintenance of the S3 Object Storage platform | I | RA |
| Ensure security maintenance of the S3 Object Storage platform | I | RA |
| Ensure accessibility of the S3 Object Storage service | I | RA |
| Retain and make available the logs of the S3 Object Storage platform | RA | |
| Monitor the proper functioning of the S3 Object Storage platform | I | RA |
| Track the lifecycle of objects | RA | |
| Track the lifecycle of object permissions | RA | |
| Manage logical security of objects | RA | |
| Manage incidents on the S3 Object Storage service | I | RA |
| Manage problems on the S3 Object Storage service | I | RA |
| Manage capacity for the S3 Object Storage service | I | RA |
| Manage changes for the S3 Object Storage service | I | RA |
Encryption Management
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Manage data encryption before deployment to the S3 Object Storage service | RA | |
| Manage encryption on the storage space allocated by the S3 Object Storage service | A | R |
Business Continuity
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Ensure business continuity of the S3 object storage service | I | RA |
| Ensure data backup | RA | |
| Perform periodic data restoration tests | RA | |
| Maintain the business continuity and disaster recovery plan for applications | RA |
Reversibility
| Activity | Client Role | Cloud Temple Role |
|---|---|---|
| Implement the reversibility project (planning, tools, methods, targets,...) | RA | |
| Export data from the S3 Object Storage service | RA | |
| Delete data on the S3 Object Storage service | RA | |
| Destroy storage media at end of life or in case of error | RA |