ai-benchmark/tests/summarization/www.infoq.com_news_2026_01_aws-european-sovereign-cloud.txt

Amazon Web Services has launched its European Sovereign Cloud to general availability, marking a €7.8 billion investment in physically and logically separated infrastructure. The service, now available in Brandenburg, Germany, aims to address European regulatory requirements and growing geopolitical concerns about U.S. access to data. While AWS emphasizes that the cloud will be operated exclusively by EU residents under a new German parent company structure, significant questions persist about whether this separation can truly protect against U.S. government data requests. The infrastructure uses partition name aws-eusc and region name eusc-de-east-1, operating completely separately from AWS's global regions. All components, including dedicated IAM, billing systems, and Route 53 name servers using European Top-Level Domains, remain within EU borders. AWS European Sovereign Cloud GmbH, a new German parent company with three subsidiaries handling infrastructure, certificate management, and employment, manages the operations. Stéphane Israël, an EU citizen, serves as managing director alongside Stefan Hoechbauer, vice president of AWS Germany and Central Europe. An AWS software development engineer who deployed services to the European Sovereign Cloud confirmed that the technical isolation exists in practice. Writing on Hacker News, the engineer explained: AWS has set up proper boundaries between the European Sovereign Cloud (ESC) and global AWS. Since I'm based out of the US, I can't see anything going on in ESC, even in the service we develop. To fix an issue there, we have to play telephone with an engineer in ESC... All data is really 100% staying within ESC. The engineer also warned about trade-offs, noting that isolation "really slows down debugging issues. Problems that would be fixed in a day or two can take a month." Despite this technical isolation, practitioners and analysts have raised fundamental concerns about legal protection. Sam Newman, an independent technology consultant, wrote on LinkedIn: Unless I've misunderstood the US patriot act (which is possible), the new EU AWS Sovereign cloud offering does nothing to protect customer data from being accessed by the US government. So I'm not entirely sure what this is for, other than companies wanting to pay (I assume) a premium to look like they are doing something in the face of a more erratic US regime. Marko Teklic, an ICT solutions coordinator, echoed similar concerns, noting that under the Foreign Intelligence Surveillance Act and CLOUD Act, AWS, as a U.S.-headquartered company, remains subject to U.S. jurisdiction for its European operations. The CLOUD Act allows U.S. authorities to request data from cloud providers regardless of the cloud provider's physical location. Courts can require parent companies to produce data held by subsidiaries, which could make AWS European Sovereign Cloud GmbH's separate structure legally insufficient. A commenter in a Reddit thread outlined the mechanism: The act applies to 'all electronic communication service or remote computing service providers that operate or have a legal presence in the U.S.' Courts can require parent companies to provide data held by their subsidiaries. Some believe AWS's structure might offer protection. One Hacker News user suggested that, under European governance, Amazon could tell the U.S. government that EU employees refused to comply with data requests because doing so would violate EU law. Skeptics countered that AWS could work around this by obfuscating commands to local employees or by temporarily sending U.S. employees to Europe. Practitioners have posed pointed questions that AWS hasn't answered. S. Maud asked on Jeff Barr's LinkedIn post whether AWS would comply if the U.S. government issued a Cloud Act warrant for military operations data stored in the sovereign cloud. Sebastian Vogelsang raised technical concerns about remote intervention: What prevents a remote kill switch? If AWS corporate or the US government directed that this infrastructure be disabled, what technical or legal mechanism would prevent that? Is the software stack fully independent, or does it rely on licenses, updates, or control planes that could be revoked from outside the EU? The software trust issue extends beyond operations. While Hacker News commenters noted that AWS's Nitro hypervisor team is based in Berlin, questions remain about the broader AWS software stack. Has it been audited for backdoors? Could code developed in the U.S. contain mechanisms for remote access? When asked whether AWS European Sovereign Cloud resembles AWS's China regions, principal cloud architect Ivo Pinto confirmed it's "even a better comparison than govcloud." Yet there's a crucial difference: AWS China operates through independent Chinese companies (Sinnet and NWCD), while AWS European Sovereign Cloud remains wholly owned by Amazon.com Inc. Eric Swanson from CarMax explained what the offering actually achieves: US ownership and headquarters mean US law can still apply to the provider, regardless of where the infrastructure runs. Sovereign cloud offerings do not override the Patriot Act. They mainly reduce overlap across other contexts: data location, operational control, employee access, and customer jurisdiction. Organizations seeking sovereignty without U.S. ownership have European alternatives available, including German provider Hetzner, French provider Scaleway, Swiss provider Infomaniak, and StackIT by Schwarz Digits (Lidl's parent company), which multiple commenters on LinkedIn and Reddit highlighted as genuinely European sovereign cloud options. The service launches with approximately 90 AWS services, with plans to expand through sovereign Local Zones in Belgium, the Netherlands, and Portugal. AWS projects the €7.8 billion investment will contribute €17.2 billion to the European economy over 20 years. AWS now competes with Microsoft and Google Cloud's S3NS offering, developed with Thales. Mark Surrow noted on LinkedIn that Microsoft "had to admit it directly in a French court" that it cannot guarantee data sovereignty for EU customers. The fundamental question persists: can any U.S.-owned sovereign cloud protect European data from U.S. government access under the CLOUD Act and FISA? Until AWS answers this, organizations with strict sovereignty requirements may look elsewhere. About the Author Steef-Jan Wiggers Steef-Jan Wiggers is one of InfoQ's senior cloud editors and works as a Domain Architect at VGZ in the Netherlands. His current technical expertise focuses on implementing integration platforms, Azure DevOps, AI, and Azure Platform Solution Architectures. Steef-Jan is a regular speaker at conferences and user groups and writes for InfoQ. Furthermore, Microsoft has recognized him as a Microsoft Azure MVP for the past fifteen years. Show moreShow less
==============
Amazon представила европейский суверенный облачный сервис, вложив 7,8 миллиарда евро в инфраструктуру, разделенную на физическую и логическую. Сервис, доступный в Бранденбурге, Германия, предназначен для соответствия европейским нормативным требованиям и геополическим опасениям, связанным с доступом США к данным. Хотя AWS утверждает, что облако будет эксплуатироваться исключительно гражданами ЕС под новой немецкой структурой, остаются серьезные вопросы о том, может ли такая разделенность действительно защитить от запросов правительства США. Инфраструктура использует имя AWS-eusc и регион eusc-de-east-1, работающие полностью независимо от глобальных регионов AWS. Все компоненты, включая выделенные IAM, системы выставления счетов и DNS-серверы с использованием европейских доменных имен верхнего уровня, остаются в пределах ЕС. AWS European Sovereign Cloud GmbH, новая немецкая компания-материнская компания с тремя дочерними компаниями, занимающимися инфраструктурой, управлением сертификатами и трудоустройством, управляет операциями. Стефан Израэль, гражданин ЕС, является генеральным директором, работающим вместе со Стефаном Хохбауэром, вице-президентом AWS Germany и Central Europe. Инженер по разработке программного обеспечения AWS, развернувший сервисы в Европейском суверенном облаке, подтвердил, что техническая изоляция действительно существует. Несмотря на техническую изоляцию, эксперты и аналитики высказывают серьезные опасения по поводу юридической защиты. Существуют сомнения, могут ли суверенные облачные сервисы, принадлежащие американским компаниям, защитить данные клиентов от доступа правительства США. AWS, как компания, зарегистрированная в США, остается под юрисдикцией США, даже если инфраструктура размещена в ЕС. Предлагаемые альтернативные варианты европейских провайдеров, такие как Hetzner, Scaleway и Infomaniak, также рассматриваются как возможные решения. Вопрос о том, могут ли суверенные облачные сервисы, принадлежащие американским компаниям, защитить данные клиентов от доступа правительства США, остается открытым.