Which option is a responsibility of AWS under the AWS shared responsibility model?

Explanations:

Application data security is primarily the responsibility of the customer. AWS provides the tools and infrastructure, but securing the data within applications is up to the user.

Patch management for applications running on Amazon EC2 instances is the customer’s responsibility. AWS manages the underlying infrastructure but not the applications deployed on it.

AWS is responsible for patch management of the underlying infrastructure for managed services. This includes services like RDS or Lambda, where AWS manages the infrastructure and applies necessary patches.

Application identity and access management is the responsibility of the customer. Users must manage their own identity and access configurations within their applications.