# Configuration and Vulnerability Analysis in Amazon MWAA
Configuration and Vulnerability Analysis

Configuration and IT controls are a shared responsibility between AWS and you, our customer.

Amazon Managed Workflows for Apache Airflow periodically patches and upgrades Apache Airflow on your environments. Ensure that the appropriate access policies are used for your VPCs.

For more details, refer to the following resources:
+ [Compliance Validation for Amazon Managed Workflows for Apache Airflow](compliance-validation.md)
+ [Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)
+ [Amazon Web Services: Overview of Security Processes](https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf)
+ [Infrastructure Security in Amazon MWAA](infrastructure-security.md)
+ [Security best practices on Amazon MWAA](security-best-practices.md)