AWS European Sovereign Cloud puts data, operations, and oversight inside the EU

Amazon has made the AWS European Sovereign Cloud generally available to customers across the European Union, backed by a €7.8 billion investment. According to AWS, the funding will support infrastructure buildout, staffing, and long-term operations, and is expected to drive regional economic activity and job creation over the coming years.

A separate cloud built for EU requirements

The AWS European Sovereign Cloud operates as a distinct cloud environment. Infrastructure, services, and operations are located entirely within the EU. AWS designed the platform to function independently from its existing global regions. The company said the cloud can continue operating even if connectivity to infrastructure outside the EU becomes unavailable.

The first deployment is located in the German state of Brandenburg. The region includes multiple availability zones with redundant power and networking. AWS plans additional sovereign Local Zones in Belgium, the Netherlands, and Portugal. These zones are intended to support workloads that require in-country processing and lower latency.

Governance under European legal entities

Dedicated European legal entities have been established to operate the sovereign cloud. These entities are incorporated under German law and handle daily operations, service delivery, and customer support. Operational roles are held by personnel based in the EU, with a longer-term transition toward staffing exclusively with EU citizens.

The governance model includes an independent advisory board composed of EU citizens. The board provides oversight on operational integrity and compliance commitments, supporting regulatory expectations around jurisdiction and accountability.

Controls for data residency and access

“As with our existing AWS Regions around the world, all your content remains within the Region you select unless you choose otherwise. Beyond content, customer-created metadata including roles, permissions, resource labels, and configurations also stays within the EU. The infrastructure features its own dedicated AWS Identity and Access Management (IAM) and billing system, all operating independently within European borders,” said Sébastien Stormacq, VP for Germany and Central Europe at Amazon Web Services.

Certificate authority services are handled by European trust service providers. Domain Name System services use European top-level domains. These design choices aim to support sovereignty requirements across networking, identity, and cryptographic services.

Compliance programs and independent audits

The AWS European Sovereign Cloud is undergoing third-party audits. AWS reported alignment with widely used security and assurance standards, including ISO and SOC reporting frameworks. National information security authorities are involved in attestation processes for the environment.

AWS also published a Sovereign Reference Framework. This framework documents controls related to governance independence, operational authority, and technical isolation. The company said the framework is intended to provide transparency for customers assessing risk and compliance obligations.