Correct, this is meaningless. It's purely to provide a facade for companies and countries who are still fully in bed with US big tech, so they have something to point at and can delay the inevitable for longer.
Another goal with this is to muddy the waters on the word "sovereign" in relation to tech e.g. "cloud". This is a big reason why they've chosen this exact name. Now every discussion regarding it is more prone to devolve into "but what does it really mean!? Amazon has a 'sovereign cloud'!!". Taking time away from discussing the core and actual sovereign cloud.
It's the umpteenth despicable play by US big tech. It doesn't matter what guarantees they give, the US is in charge of anything remotely related to Amazon, even if they set up "independent subsidiaries", do everything through "local partners" and what not.
Likely the first one will immediately fold to avoid jail.
But for context the head of the FED is currently investigated for criminal charges, governors, mayors, judges etc. Why is a CEO of a company so special? Within hours the board can appoint another one.
The one thing I’ve learned without it taking a stupid long time is that there’s no more things that are too ridiculous to imagine happening. The American regime is an irrational actor. They’ll do whatever.
Yes let's talk about all the billionaire CEOs that get sent to prison.
Anyway, the entire structure and premise of this business is that they cannot do that. A court cannot put a CEO in jail just because partner businesses do not follow his orders. Do you think it is maybe remotely possible, that Amazons lawyers and architects understand this a little bit better than you do?
I'm thinking they checked it out, they checked it out a couple of times.
Edit/note: The main point AWS makes is indeed by whom/where this offering is operated. But, Microsoft stated that even though they made an environment so that the data lives entirely within the EU they may be compelled to transmit the data back.
> A court cannot put a CEO in jail just because partner businesses do not follow his orders.
In the US, rule of law does not matter any more in practice. That is the problem. You can't even say it's "rule by mob" - at least the mob had an honor codex, the current administration doesn't give a single flying fuck about anything any more. Might makes right.
> We’re gradually transitioning the AWS European Sovereign Cloud to be operated exclusively by EU citizens located in the EU. During this transition period, we will continue to work with a blended team of EU residents and EU citizens located in the EU.
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
It's similar to FedRAMP systems like AWS GovCloud (US), which can only be accessed by someone who is a US person (US citizen or lawful permanent resident) and on US soil (physically in the US at the time of access).
> Replicating a broadly practiced mitigation mechanism that is established in EU institution and government hiring practices, operational control and access will be restricted to EU citizens located in the EU to ensure that all operators have enduring ties to the EU and to meet the needs of our customers and partners.
If Amazon is down in the US, would this work? The fact that they mention “any Amazon customer can access this” makes me think it’s intermingled / not cleanly separated and isolated from US infrastructure
AWS has the notion of "partitions", which is a technical boundary encompassing multiple regions. This mostly doesn't come up, but it does poke through in certain implementation details, like how AMI manifests for groups of regions (partitions) need to be encrypted for different public keys. Each partition has a specific region which must be targeted for certain partition-wide actions, such as managing IAM endpoints in other regions.
Normal AWS (`aws`) traces to `us-east-1`. AWS GovCloud (US) (`aws-us-gov`) is distinct, based in `us-gov-west-1`. AWS in China (`aws-cn`) is distinct again, based in `cn-north-1`.
The AWS European Sovereign Cloud is implemented as a distinct partition – `aws-eusc` based in `eusc-de-east-1` – so it has exactly as much in common with normal AWS as AWS GovCloud (US) or AWS in China.
The docs explicitly describe this cloud's independence from the US.
> The AWS European Sovereign Cloud will be capable of operation without dependency on global AWS systems so that the AWS European Sovereign Cloud will remain viable for operating workloads indefinitely even in the face of exceptional circumstances that could isolate the AWS European Sovereign Cloud from AWS resources located outside the EU, such as catastrophic disruption of transatlantic communications infrastructure or a military or geopolitical crisis threatening the sovereignty of EU member states.
From what I’m understanding, it won’t be dependent anymore on us-east-1, but this isn’t mentioned explicitly. This is great, especially if you consider that some cut cable in the ocean could literally turn off a big part of the companies in a whole continent.
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
EU, as a US citizen, go all in and ditch the US as much as you can. Not only will this bring competition, it also means that the US Government cannot grab the balls of Amazon and squeeze the EU market.
I wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
They’ve been planning this for a while. These datacentres and organisations don’t spring up overnight, especially at this scale.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
It is an attempt to not lose European customers that might be tempted to migrate to Europe-based solutions in the current political climate. In the event of a serious trade war (like you suggested) and/or a real war, it gives some assurances; which is smart based on the threats from the current unpredictable and authoritarian U.S. administration.
But it probably started as a way to comply with EU laws more easily, so it works on multiple levels.
How much can we trust this so-called sovereign cloud? That's a sincere question. I can't think of a more American company than Amazon, and I find it hard to believe that it could be completely independent from its American headquarters.
I really hope that Europe will get its act together rather than relying on this half-hearted solution.
They claim the "AWS European Sovereign Cloud represents a physically and logically separate cloud infrastructure, with all components located entirely within the EU" and that it operates entirely under German laws, but I think your skepticism is warranted.
I think Europe should push for its own solutions rather than fuel oligarchy/authoritarianism, if they are serious about their own security and preserving liberal values.
If you think deeply and logically, you will see that those text and even some legal details are just marketing that aims smart people. because in case of war or some serious conflict, they will be obeying the parent company and orders of usa government. see ICJ prosecutors and microsoft, you have real proof live, if you can connect some dots.
Physically separate infrastructure as well as local employees help to some extent. But it is not really sovereign cloud. There is no guarantee that employees would know if some commands are illegal. Plus parent company can fly anyone there if needed.
I wrote this on linkedin recently, even though it is focused on Microsoft, it feels prescient as ever:
Fuck, man. Imagine potentially losing a country because you couldn’t be bothered to host your own mail.
I’ve been banging on for at least a decade (to anyone who will listen) about how handing over every email, document, and operational process to US tech companies was a catastrophic strategic mistake.
Now Mr. Trump’s threatening tariffs against European allies for conducting military exercises… in their own territories... Suddenly everyone’s talking about “sovereign clouds” (btw: its still US tech giants, whom are beholden to the “CLOUD act”; which if you didn’t know: gives the US govt access to all of your data winkwink).
Funny how that works. Funny the timing of it.
I understand how it happened: CFOs saw Office 365 and saw “dollar signs”… cheaper IT, less compliance risk!! Heads of state saw American tech leadership and saw safety. IT professionals saw Microsoft certifications and saw career security. What we actually bought was dependence dressed up as convenience, and we’re now paying the bill with our negotiating position.
Sweden, like the rest of Europe, voluntarily put nearly every organisation’s communications, files, and operational data into American hands. We didn’t need to be invaded. We subscribed.
The US soft power here is monumental. Why bother with tanks when you already own the infrastructure we run our societies on?
We spent decades choosing comfort over sovereignty because we genuinely believed the post-Cold War order was permanent. Turns out “nobody ever got fired for buying Microsoft” had a rather significant asterisk: unless geopolitics gets spicy again.
Surprise.
So what now? We can’t unwind a decade of procurement decisions overnight, but we can stop digging. Every new SaaS contract that puts European data on American infrastructure deepens the dependency. Every IT professional who specs another Microsoft solution without considering alternatives is choosing their CV over sovereignty.
If you’re a CTO, audit what you actually control versus what you’re renting from Redmond. If you’re in procurement, ask vendors where the data lives and who has jurisdiction. If you’re a developer, contribute to European open source alternatives instead of assuming American platforms are fate.
The hard times are here. The only way back to good ones is building our way out, one procurement decision at a time.
And if that sounds difficult or inconvenient? Good. We chose easy for a couple of decades. Now we do it the hard way.
Seems like a lot of work to still have data that can be exfiltrated by the US.
Another goal with this is to muddy the waters on the word "sovereign" in relation to tech e.g. "cloud". This is a big reason why they've chosen this exact name. Now every discussion regarding it is more prone to devolve into "but what does it really mean!? Amazon has a 'sovereign cloud'!!". Taking time away from discussing the core and actual sovereign cloud.
It's the umpteenth despicable play by US big tech. It doesn't matter what guarantees they give, the US is in charge of anything remotely related to Amazon, even if they set up "independent subsidiaries", do everything through "local partners" and what not.
They’ll get a national security letter for sure, but no one’s going to jail.
But for context the head of the FED is currently investigated for criminal charges, governors, mayors, judges etc. Why is a CEO of a company so special? Within hours the board can appoint another one.
Anyway, the entire structure and premise of this business is that they cannot do that. A court cannot put a CEO in jail just because partner businesses do not follow his orders. Do you think it is maybe remotely possible, that Amazons lawyers and architects understand this a little bit better than you do?
I'm thinking they checked it out, they checked it out a couple of times.
There are some details in this comment from the other day: https://news.ycombinator.com/item?id=46641592
Transcribed (not translated): https://www.senat.fr/compte-rendu-commissions/20250609/ce_co...
Video: https://videos.senat.fr/video.5460497_6847c70b82594
Reports by third parties:
https://www.theregister.com/2025/07/25/microsoft_admits_it_c...
https://www.forbes.com/sites/emmawoollacott/2025/07/22/micro...
Edit/note: The main point AWS makes is indeed by whom/where this offering is operated. But, Microsoft stated that even though they made an environment so that the data lives entirely within the EU they may be compelled to transmit the data back.
In the US, rule of law does not matter any more in practice. That is the problem. You can't even say it's "rule by mob" - at least the mob had an honor codex, the current administration doesn't give a single flying fuck about anything any more. Might makes right.
Or they just want to make lots of money
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
> Replicating a broadly practiced mitigation mechanism that is established in EU institution and government hiring practices, operational control and access will be restricted to EU citizens located in the EU to ensure that all operators have enduring ties to the EU and to meet the needs of our customers and partners.
- https://www.aboutamazon.eu/news/aws/aws-european-sovereign-c...
https://docs.aws.amazon.com/whitepapers/latest/aws-fault-iso...
Normal AWS (`aws`) traces to `us-east-1`. AWS GovCloud (US) (`aws-us-gov`) is distinct, based in `us-gov-west-1`. AWS in China (`aws-cn`) is distinct again, based in `cn-north-1`.
The AWS European Sovereign Cloud is implemented as a distinct partition – `aws-eusc` based in `eusc-de-east-1` – so it has exactly as much in common with normal AWS as AWS GovCloud (US) or AWS in China.
> The AWS European Sovereign Cloud will be capable of operation without dependency on global AWS systems so that the AWS European Sovereign Cloud will remain viable for operating workloads indefinitely even in the face of exceptional circumstances that could isolate the AWS European Sovereign Cloud from AWS resources located outside the EU, such as catastrophic disruption of transatlantic communications infrastructure or a military or geopolitical crisis threatening the sovereignty of EU member states.
Appears to be in Massen: https://www.lr-online.de/lausitz/finsterwalde/investition-in...
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
I wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
But it probably started as a way to comply with EU laws more easily, so it works on multiple levels.
I really hope that Europe will get its act together rather than relying on this half-hearted solution.
I think Europe should push for its own solutions rather than fuel oligarchy/authoritarianism, if they are serious about their own security and preserving liberal values.
Fuck, man. Imagine potentially losing a country because you couldn’t be bothered to host your own mail.
I’ve been banging on for at least a decade (to anyone who will listen) about how handing over every email, document, and operational process to US tech companies was a catastrophic strategic mistake.
Now Mr. Trump’s threatening tariffs against European allies for conducting military exercises… in their own territories... Suddenly everyone’s talking about “sovereign clouds” (btw: its still US tech giants, whom are beholden to the “CLOUD act”; which if you didn’t know: gives the US govt access to all of your data winkwink).
Funny how that works. Funny the timing of it.
I understand how it happened: CFOs saw Office 365 and saw “dollar signs”… cheaper IT, less compliance risk!! Heads of state saw American tech leadership and saw safety. IT professionals saw Microsoft certifications and saw career security. What we actually bought was dependence dressed up as convenience, and we’re now paying the bill with our negotiating position.
Sweden, like the rest of Europe, voluntarily put nearly every organisation’s communications, files, and operational data into American hands. We didn’t need to be invaded. We subscribed.
The US soft power here is monumental. Why bother with tanks when you already own the infrastructure we run our societies on?
We spent decades choosing comfort over sovereignty because we genuinely believed the post-Cold War order was permanent. Turns out “nobody ever got fired for buying Microsoft” had a rather significant asterisk: unless geopolitics gets spicy again.
Surprise.
So what now? We can’t unwind a decade of procurement decisions overnight, but we can stop digging. Every new SaaS contract that puts European data on American infrastructure deepens the dependency. Every IT professional who specs another Microsoft solution without considering alternatives is choosing their CV over sovereignty.
If you’re a CTO, audit what you actually control versus what you’re renting from Redmond. If you’re in procurement, ask vendors where the data lives and who has jurisdiction. If you’re a developer, contribute to European open source alternatives instead of assuming American platforms are fate.
The hard times are here. The only way back to good ones is building our way out, one procurement decision at a time.
And if that sounds difficult or inconvenient? Good. We chose easy for a couple of decades. Now we do it the hard way.