The sovereign AWS European cloud made in Germany
- Expert Cloud
- Oct 7
- 5 min read
AWS European sovereign cloud, planned for the end of 2025 is emerging and get full support from Germany. The new German parent company will oversee everything from infrastructure and operational control to technical support and customer service, backed by a dedicated European Security Operations Center (SOC). The first cloud “region” will be launched in the state of Brandenburg.
The European Union is at the forefront of privacy and security legislation, and its privacy monitoring body launched an investigation last year into the public sector's use of cloud-based services to verify that they comply with its privacy safeguards.
Amazon had earlier been targeted by European regulators for failing to comply with EU rules on competition and data privacy.
But with the introduction of AWS European Sovereign Cloud and €7.8 billion of investment planned between now and 2040, Amazon is determined to comply with EU laws and regulations.
The CSP 's offer has strong support from several European countries, including Germany, Finland, the Czech Republic, and Romania.
The new AWS European sovereign cloud made in Germany
Amazon's cloud computing division is setting up a new parent company and three subsidiaries in Germany to operate the new European sovereign cloud, to meet the requirement of locating its headquarters in the EU.
What matters here is not so much the legal structure itself but rather the physical location of the data and services operated.
With the launch of this new European “sovereign” cloud, AWS ensures that customers will be able to keep all metadata in the EU, including roles, permissions, resource tags, and configurations.
Located and operated in European data centers, AWS European Sovereign Cloud will be physically and logically separated from existing AWS regions and will have a dedicated European Security Operations Center (SOC).
In addition to an independent infrastructure, AWS confirms that they will be no operational control outside the EU. Only AWS employees residing in the EU will control day-to-day operations, including data center access, technical support, and customer service for AWS's European sovereign cloud.
As for existing AWS regions, EU customers will have total control and assurance that Amazon won't access their data or may use it for any purpose without their consent.
The service will also have its own billing and usage measurement systems.
According to Max Peterson, Vice President of Sovereign Cloud at AWS. “For more than a decade, we have been working with governments and regulators across Europe to understand and respond to evolving needs in cybersecurity, data privacy and localization, and more recently, digital sovereignty.”
Sovereignty by design?
The AWS cloud will be sovereign by design. Customers who need more options to meet strict isolation and data localization requirements in their countries will be able to rely on existing offerings such as AWS Outposts or AWS Dedicated Local Zones.
This sovereign European cloud will offer multiple availability zones, infrastructure located in separate and distinct geographic locations, with sufficient distance to reduce the risk of an event impacting customer business continuity, while offering low latency for high-availability applications using multiple availability zones.
Each availability zone will have its own independent power supply, cooling system, and physical security, and will be connected by redundant, ultra-low-latency networks.
Germany's unwavering support
The BSI (German Federal Office for Information Security) is supporting this launch unconditionally. “AWS was the first cloud service provider to receive C5 certification.
In this respect, we are very pleased to support the local development of an AWS cloud, which will also contribute to the European sovereignty in terms of security” confirms Claudia Plattner, President of the BSI.
The BSI C5 (Catalog of Cloud Computing Compliance Criteria) has significantly shaped European cloud cybersecurity standards, so did the National French security agency (ANSSI) with its local SecNumCloud qualification.
It is legitimate to wonder whether the ANSSI will give AWS the same welcome when it will launch its sovereign cloud in France.
AWS's development of a European cloud will enable many public sector organizations and companies with high security and data protection requirements to use cloud services more easily. We are aware of the innovative power of today's cloud services and want to make them securely accessible in Germany and Europe. Claudia Plattner, President of the German Federal Office for Information Security (BSI).
Markus Richter, Chief Information Officer of the German Federal Government, said he was “very pleased to collaborate with AWS to implement sovereignty in a practical and collaborative manner in accordance with the German administration’s cloud strategy and the EVB-IT Cloud contractual standard.”
According to Stefan Schnorr, State Secretary at the German Federal Ministry for Digital Economy and Transport: "The German and European economies are on the path to digitalization. Germany's powerful Mittelstand (SME sector), in particular needs a sovereign digital infrastructure that meets the highest standards in order to remain competitive in the global market. Ensuring our digital independence requires computing power to be generated locally in Germany and more investment to be made in the digitalization of the local economy. We therefore welcome AWS's announcement to establish the European cloud in Germany."
A highly welcomed announcement from other European countries
Germany is not the only country offering its unconditional support for this AWS European launch. Jarkko Levasma, Chief Information Officer for the Finnish government at the Ministry of Finance, says that “AWS's announcement of an independent European cloud will offer organizations facing the strictest regulations more choice in their digital sovereignty strategy.”
The same sentiment was echoed in the Czech Republic by Tomas Krejci, Deputy Director of the National Cyber and Information Security Agency (NÚKIB): “AWS's announcement of an independent European cloud is indeed the right decision at the right time, which will ultimately also strengthen transatlantic collaboration.”
Dan Cimpean, director of Romania's National Cybersecurity Directorate, welcomes this initiative, which “represents a long-term investment in security and cloud computing skills in Europe.”
We might have expected European cloud providers and operators such as T-Systems, Telefonica, and Telia to react more cautiously to this announcement, but this was not the case.
The AWS solution will offer organizations greater choice when moving regulated workloads to the cloud and additional options to meet evolving digital governance requirements in the EU. Greg Hyttenrauch, Senior Vice President, Global Cloud Services at T-Systems
Technology alliances vs. sovereign clouds
Companies and public bodies are increasingly using data centers and US based technologies for public cloud services rather than building their own infrastructure. Microsoft, Orange, Cap Gemini ( with the Blue partnership), and Oracle have also launched their own “sovereign cloud” offerings for European government customers. The french CSP Thales has chosen to operate a cloud on a Google Cloud infrastructure (GCP) operated and secured in France.
Considering the investments made by hyperscalers to dominate the European sovereign cloud market, it will be increasingly difficult for medium-sized European players to gain market share, unless Europe decides to add a 100% European equity structure requirement to the existing requirements for the location of the parent company and data storage and processing.
The Eurostack initiative goes even further proposing a technically auditable framework to help policymakers distinguish real sovereignty from mere rhetoric.
Comments