Correct, this is meaningless. It's purely to provide a facade for companies and countries who are still fully in bed with US big tech, so they have something to point at and can delay the inevitable for longer.
Another goal with this is to muddy the waters on the word "sovereign" in relation to tech e.g. "cloud". This is a big reason why they've chosen this exact name. Now every discussion regarding it is more prone to devolve into "but what does it really mean!? Amazon has a 'sovereign cloud'!!". Taking time away from discussing the core and actual sovereign cloud.
It's the umpteenth despicable play by US big tech. It doesn't matter what guarantees they give, the US is in charge of anything remotely related to Amazon, even if they set up "independent subsidiaries", do everything through "local partners" and what not.
The point of setting it up as a German legal entity with US AWS having no special access is to avoid that.
All the relevant part of the CLOUD Act does is make it so when a US legal entity is asked to provide data that it controls it doesn't matter where it has stored that data. For example suppose I run an online forum. I decide to archive some records to cloud storage and remove my local copies.
I archive some of them to AWS in the US. I archive some more to a cloud provider that is in some other country and does not have any US data centers or offer services in the US (I'm going through a VPN with an endpoint in their country so they only see me using a local to them IP, and I pay via some method that doesn't tip them off that I'm American).
I get legally ordered to give copies of those archived records to law enforcement. Under the CLOUD Act I have to retrieve copies from both cloud providers and turn those over.
Note that from the foreign cloud provider's point of view nothing unusual is happening. All they see is a customer retrieving some data that that the customer previously put there, using the normal APIs that are provided for customers to do that with. They have no idea why the customer is retrieving the data.
From the way they are describing it in the article and in their FAQ at https://aws.eu/faq/ it sounds like they are setting up a German company and giving that company the rights to use a bunch of AWS technology which will be run on infrastructure owned and operated by the German company and with no operational access for US AWS. That would make it pretty much equivalent to the foreign cloud service in the example above.
The reason earlier I said "relevant part of the CLOUD Act" is that it actually did two things. One is what is described above, which for some reason is what most people focus on even though it wasn't very controversial.
The other part, which is what most opposition was over, concerned "mutual legal assistance treaties" (MLATs). These are agreements between countries to, as you might guess from the name, assist each other in law enforcement. The CLOUD Act made it so MLATs could be created through executive agreements, just requiring the Attorney General and the Secretary of State to agree that the other country had protections in place to protect US citizens.
Before the CLOUD Act MLATs were created by the executive branch negotiating the terms and then the agreement had to be ratified as a treaty by Congress, so this was a huge change.
Ofcourse the real issue that every American is a potential CIA spy. We know this from history.
Its really not that different from China. Every American will always cooperate like a good little patriot. I don't even blame them for it that is how they are brought up.
Humm no. OVH is French, OVH US is not, both are two different subsidiaries. In fact, you cannot order OVH US infrastructures with a European OVH account, you need to create a US account.
Silly to assume no data crosses the boundary also considering how US is acting like trusting any US company is pretty silly as well.
If that orange clown stays in power it won’t belong before we are at war and then you will lose access to everything overnight and all your data is theirs
Yeah, kinda, but the moment it crosses the "war" threshold the pain rapidly escalates to things like "I hope you weren't using the Texas refineries, because half of them are now on fire".
It's not like Europe isn't looking at the effect Ukraine has been having on Russia and going "hmmm, interesting". Obviously I'm still over-simplifying, anything I'm aware of will have been war-gamed do death and back.
After tipping their hands too much over prosecuting and removing Joe Nacchio, the Qwest CEO who refused the NSA, I think that any company that does as much business with the federal government as Amazon or any telecom, gets pre-vetted.
Likely the first one will immediately fold to avoid jail.
But for context the head of the FED is currently investigated for criminal charges, governors, mayors, judges etc. Why is a CEO of a company so special? Within hours the board can appoint another one.
The one thing I’ve learned without it taking a stupid long time is that there’s no more things that are too ridiculous to imagine happening. The American regime is an irrational actor. They’ll do whatever.
Well I didn't say they wouldn't cooperate (very likely they would cave to any national security letter), I said there's no way they'd end up in jail. Politicians want their donations.
Yes let's talk about all the billionaire CEOs that get sent to prison.
Anyway, the entire structure and premise of this business is that they cannot do that. A court cannot put a CEO in jail just because partner businesses do not follow his orders. Do you think it is maybe remotely possible, that Amazons lawyers and architects understand this a little bit better than you do?
I'm thinking they checked it out, they checked it out a couple of times.
Edit/note: The main point AWS makes is indeed by whom/where this offering is operated. But, Microsoft stated that even though they made an environment so that the data lives entirely within the EU they may be compelled to transmit the data back.
This issue can be resolved on the European side by effectively making the transfer of EU->US data illegal and, if detected, nationalizing the entire EU subsidiary of the US company. Would this trigger a US-EU war? Certainly, but only the blind cannot see that relations are no longer those between two allies.
Not a lawyer but from what I understand the EU law makers are acting in response to US behavior. The US has laws intended to protect US citizens that do not apply to foreigners, a system where money buys access to anything and a lust for hoarding data. Meanwhile in the EU people use US tech for everything, probably for various not very good reasons. It's kinda sad really, it should have just been properly organized. US Tech companies should really have the customers and the EU the services.
> A court cannot put a CEO in jail just because partner businesses do not follow his orders.
In the US, rule of law does not matter any more in practice. That is the problem. You can't even say it's "rule by mob" - at least the mob had an honor codex, the current administration doesn't give a single flying fuck about anything any more. Might makes right.
If Amazon is down in the US, would this work? The fact that they mention “any Amazon customer can access this” makes me think it’s intermingled / not cleanly separated and isolated from US infrastructure
AWS has the notion of "partitions", which is a technical boundary encompassing multiple regions. This mostly doesn't come up, but it does poke through in certain implementation details, like how AMI manifests for groups of regions (partitions) need to be encrypted for different public keys. Each partition has a specific region which must be targeted for certain partition-wide actions, such as managing IAM endpoints in other regions.
Normal AWS (`aws`) traces to `us-east-1`. AWS GovCloud (US) (`aws-us-gov`) is distinct, based in `us-gov-west-1`. AWS in China (`aws-cn`) is distinct again, based in `cn-north-1`.
The AWS European Sovereign Cloud is implemented as a distinct partition – `aws-eusc` based in `eusc-de-east-1` – so it has exactly as much in common with normal AWS as AWS GovCloud (US) or AWS in China.
The docs explicitly describe this cloud's independence from the US.
> The AWS European Sovereign Cloud will be capable of operation without dependency on global AWS systems so that the AWS European Sovereign Cloud will remain viable for operating workloads indefinitely even in the face of exceptional circumstances that could isolate the AWS European Sovereign Cloud from AWS resources located outside the EU, such as catastrophic disruption of transatlantic communications infrastructure or a military or geopolitical crisis threatening the sovereignty of EU member states.
From what I’m understanding, it won’t be dependent anymore on us-east-1, but this isn’t mentioned explicitly. This is great, especially if you consider that some cut cable in the ocean could literally turn off a big part of the companies in a whole continent.
The real question is whether AWS European Sovereign Cloud IAM data is still hosted in us-east-1 with zero HA. Because this is exactly the case right now if you start any workloads in the Dublin region, for example.
If the IAM in us-east-1 goes down, every non-public object or workload that needs any kind of AWS authentication will fail immediately. That is: world-readable S3 buckets are fine, but your RDS database is most likely inaccessible.
Since it is a US company, it is still subject to cloud act, US intelligence full access, and Trumps ability to ignore any and all laws and contracts.
Microsoft execs, who have similar offerings, have confirmed this under oath.
So either this is a valiant attempt by AWS that is ultimately misguided, or it is an attempt to capture customers without even a hint of legal expertise.
AWS, Azure and GC stand to lose all EU customers in the next years. They simply must, given that no data with them is secure from Trump’s admin or industrial espionage.
This does not help that
> We’re gradually transitioning the AWS European Sovereign Cloud to be operated exclusively by EU citizens located in the EU. During this transition period, we will continue to work with a blended team of EU residents and EU citizens located in the EU.
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
> Replicating a broadly practiced mitigation mechanism that is established in EU institution and government hiring practices, operational control and access will be restricted to EU citizens located in the EU to ensure that all operators have enduring ties to the EU and to meet the needs of our customers and partners.
It's similar to FedRAMP systems like AWS GovCloud (US), which can only be accessed by someone who is a US person (US citizen or lawful permanent resident) and on US soil (physically in the US at the time of access).
Fundamentally, Amazon will not promise you they will break the law. They are subject to US regulations as well as German ones (in this case). If these regulations demand your data be accessed or removed or keys compromised, it will happen. Not because of US, Germany or Amazon but because that’s how jurisdictions work. Beaides, there is no reasonably feasible method for learning what these regulations actually say on a given day, a lot of it is in bylaws and you just can’t keep track of all ministerial orders of all the applicable jurisdictions. Amazon does have an algorithm to determine course of action in case of compliance conflict, but they will not publish it for obvious reasons.
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
This should be a wake-up call to a lot of SaaS companies.
It's becoming fairly clear that keeping app data purely server-side is no longer viable for customers with data sovereignty requirements.
Having a toggle button saying 'Keep my data in Europe' won't be enough either if local-first apps can actually guarantee data location, and allow users to specify which API endpoints they use.
With network monitoring verifying application behavior, privacy reduces to OS-level security.
EU, as a US citizen, go all in and ditch the US as much as you can. Not only will this bring competition, it also means that the US Government cannot grab the balls of Amazon and squeeze the EU market.
I wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
It is an attempt to not lose European customers that might be tempted to migrate to Europe-based solutions in the current political climate. In the event of a serious trade war (like you suggested) and/or a real war, it gives some assurances; which is smart based on the threats from the current unpredictable and authoritarian U.S. administration.
But it probably started as a way to comply with EU laws more easily, so it works on multiple levels.
How much can we trust this so-called sovereign cloud? That's a sincere question. I can't think of a more American company than Amazon, and I find it hard to believe that it could be completely independent from its American headquarters.
I really hope that Europe will get its act together rather than relying on this half-hearted solution.
They claim the "AWS European Sovereign Cloud represents a physically and logically separate cloud infrastructure, with all components located entirely within the EU" and that it operates entirely under German laws, but I think your skepticism is warranted.
I think Europe should push for its own solutions rather than fuel oligarchy/authoritarianism, if they are serious about their own security and preserving liberal values.
If you think deeply and logically, you will see that those text and even some legal details are just marketing that aims smart people. because in case of war or some serious conflict, they will be obeying the parent company and orders of usa government. see ICJ prosecutors and microsoft, you have real proof live, if you can connect some dots.
Physically separate infrastructure as well as local employees help to some extent. But it is not really sovereign cloud. There is no guarantee that employees would know if some commands are illegal. Plus parent company can fly anyone there if needed.
They’ve been planning this for a while. These datacentres and organisations don’t spring up overnight, especially at this scale.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
I'm using OVH Cloud for a customer. There's a bit of uncertainty about the CLOUD Act. As OVH has a US subsidiary, they are still doing business in the US and I have seen claims that this makes also their EU offering susceptible to the CLOUD Act. Does anyone know more details?
Earlier discussion (4 days ago, 67 comments): https://news.ycombinator.com/item?id=46640462
It's AWS. Would it not still be subject to the CLOUD act? https://en.wikipedia.org/wiki/CLOUD_Act
Seems like a lot of work to still have data that can be exfiltrated by the US.
Correct, this is meaningless. It's purely to provide a facade for companies and countries who are still fully in bed with US big tech, so they have something to point at and can delay the inevitable for longer.
Another goal with this is to muddy the waters on the word "sovereign" in relation to tech e.g. "cloud". This is a big reason why they've chosen this exact name. Now every discussion regarding it is more prone to devolve into "but what does it really mean!? Amazon has a 'sovereign cloud'!!". Taking time away from discussing the core and actual sovereign cloud.
It's the umpteenth despicable play by US big tech. It doesn't matter what guarantees they give, the US is in charge of anything remotely related to Amazon, even if they set up "independent subsidiaries", do everything through "local partners" and what not.
So it's sovereign in the sense that the Democratic People's Republic of Korea is democratic.
The rule of thumb I got taught at school was that any country with "Democratic" in its official name is usually not.
The point of setting it up as a German legal entity with US AWS having no special access is to avoid that.
All the relevant part of the CLOUD Act does is make it so when a US legal entity is asked to provide data that it controls it doesn't matter where it has stored that data. For example suppose I run an online forum. I decide to archive some records to cloud storage and remove my local copies.
I archive some of them to AWS in the US. I archive some more to a cloud provider that is in some other country and does not have any US data centers or offer services in the US (I'm going through a VPN with an endpoint in their country so they only see me using a local to them IP, and I pay via some method that doesn't tip them off that I'm American).
I get legally ordered to give copies of those archived records to law enforcement. Under the CLOUD Act I have to retrieve copies from both cloud providers and turn those over.
Note that from the foreign cloud provider's point of view nothing unusual is happening. All they see is a customer retrieving some data that that the customer previously put there, using the normal APIs that are provided for customers to do that with. They have no idea why the customer is retrieving the data.
From the way they are describing it in the article and in their FAQ at https://aws.eu/faq/ it sounds like they are setting up a German company and giving that company the rights to use a bunch of AWS technology which will be run on infrastructure owned and operated by the German company and with no operational access for US AWS. That would make it pretty much equivalent to the foreign cloud service in the example above.
The reason earlier I said "relevant part of the CLOUD Act" is that it actually did two things. One is what is described above, which for some reason is what most people focus on even though it wasn't very controversial.
The other part, which is what most opposition was over, concerned "mutual legal assistance treaties" (MLATs). These are agreements between countries to, as you might guess from the name, assist each other in law enforcement. The CLOUD Act made it so MLATs could be created through executive agreements, just requiring the Attorney General and the Secretary of State to agree that the other country had protections in place to protect US citizens.
Before the CLOUD Act MLATs were created by the executive branch negotiating the terms and then the agreement had to be ratified as a treaty by Congress, so this was a huge change.
Ofcourse the real issue that every American is a potential CIA spy. We know this from history.
Its really not that different from China. Every American will always cooperate like a good little patriot. I don't even blame them for it that is how they are brought up.
This is absurd and frankly offensive.
AWS is subject to CLOUD the same way European providers like OVH, Hetzner, or Stack it are. All of these companies operate in the US.
Humm no. OVH is French, OVH US is not, both are two different subsidiaries. In fact, you cannot order OVH US infrastructures with a European OVH account, you need to create a US account.
So essentially like AWS' European setup?
Well the parent company in OVH's case is European, so it's the other way around.
How sovereign is a data center owned by a US firm? What does sovereign mean in this context?
it's whitewashing. The US Cloud Act means they can still take the data.
The EU sovereign partition is run by a German entity and only EU residents have access.
A German entity that reports to AWS?
AWS EU reports to amazon.com in the USA. They are legally obligated to provide any data the US government requests.
And the managing director in the EU is legally obligated not to provide the data.
The more interesting question is if a conflict will ever get public?
They can provide any data available to Amazon employees in the US. They can't provide what they do not have.
Silly to assume no data crosses the boundary also considering how US is acting like trusting any US company is pretty silly as well.
If that orange clown stays in power it won’t belong before we are at war and then you will lose access to everything overnight and all your data is theirs
Yeah, kinda, but the moment it crosses the "war" threshold the pain rapidly escalates to things like "I hope you weren't using the Texas refineries, because half of them are now on fire".
It's not like Europe isn't looking at the effect Ukraine has been having on Russia and going "hmmm, interesting". Obviously I'm still over-simplifying, anything I'm aware of will have been war-gamed do death and back.
Ultimately everyone reports to the CEO. They will just put enough Amazon CEOs to jail, until one grants access.
After tipping their hands too much over prosecuting and removing Joe Nacchio, the Qwest CEO who refused the NSA, I think that any company that does as much business with the federal government as Amazon or any telecom, gets pre-vetted.
This avoids any difficulties later.
On the list of the things I doubt nowadays, an Amazon or Amazon subsidiary CEO going to jail is way up at the top.
They’ll get a national security letter for sure, but no one’s going to jail.
Likely the first one will immediately fold to avoid jail.
But for context the head of the FED is currently investigated for criminal charges, governors, mayors, judges etc. Why is a CEO of a company so special? Within hours the board can appoint another one.
The one thing I’ve learned without it taking a stupid long time is that there’s no more things that are too ridiculous to imagine happening. The American regime is an irrational actor. They’ll do whatever.
You know that your president is about to put the head of the federal reserve in prison on trumped up charges?
The US is not s country with rule of law anymore. It is a country that is rules by power.
That still hasn't made its way through the courts.
You don't get to be the size of amazon and not be completely cooperative with the three letter agencies.
Thinking Amazon is going to be some sort of resistance is just incredibly naive. They are an extension of US power, not an independent entity.
Well I didn't say they wouldn't cooperate (very likely they would cave to any national security letter), I said there's no way they'd end up in jail. Politicians want their donations.
Yes let's talk about all the billionaire CEOs that get sent to prison.
Anyway, the entire structure and premise of this business is that they cannot do that. A court cannot put a CEO in jail just because partner businesses do not follow his orders. Do you think it is maybe remotely possible, that Amazons lawyers and architects understand this a little bit better than you do?
I'm thinking they checked it out, they checked it out a couple of times.
There are some details in this comment from the other day: https://news.ycombinator.com/item?id=46641592
MS lawyers could not do it (MS testified in France that they cannot). What make us believe that Amazon lawyers can?
Adding source for this:
Transcribed (not translated): https://www.senat.fr/compte-rendu-commissions/20250609/ce_co...
Video: https://videos.senat.fr/video.5460497_6847c70b82594
Reports by third parties:
https://www.theregister.com/2025/07/25/microsoft_admits_it_c...
https://www.forbes.com/sites/emmawoollacott/2025/07/22/micro...
Edit/note: The main point AWS makes is indeed by whom/where this offering is operated. But, Microsoft stated that even though they made an environment so that the data lives entirely within the EU they may be compelled to transmit the data back.
This issue can be resolved on the European side by effectively making the transfer of EU->US data illegal and, if detected, nationalizing the entire EU subsidiary of the US company. Would this trigger a US-EU war? Certainly, but only the blind cannot see that relations are no longer those between two allies.
Not a lawyer but from what I understand the EU law makers are acting in response to US behavior. The US has laws intended to protect US citizens that do not apply to foreigners, a system where money buys access to anything and a lust for hoarding data. Meanwhile in the EU people use US tech for everything, probably for various not very good reasons. It's kinda sad really, it should have just been properly organized. US Tech companies should really have the customers and the EU the services.
> A court cannot put a CEO in jail just because partner businesses do not follow his orders.
In the US, rule of law does not matter any more in practice. That is the problem. You can't even say it's "rule by mob" - at least the mob had an honor codex, the current administration doesn't give a single flying fuck about anything any more. Might makes right.
> Do you think it is maybe remotely possible, that Amazons lawyers and architects understand this a little bit better than you do?
Or they just want to make lots of money
If Amazon is down in the US, would this work? The fact that they mention “any Amazon customer can access this” makes me think it’s intermingled / not cleanly separated and isolated from US infrastructure
AWS has the notion of "partitions", which is a technical boundary encompassing multiple regions. This mostly doesn't come up, but it does poke through in certain implementation details, like how AMI manifests for groups of regions (partitions) need to be encrypted for different public keys. Each partition has a specific region which must be targeted for certain partition-wide actions, such as managing IAM endpoints in other regions.
https://docs.aws.amazon.com/whitepapers/latest/aws-fault-iso...
Normal AWS (`aws`) traces to `us-east-1`. AWS GovCloud (US) (`aws-us-gov`) is distinct, based in `us-gov-west-1`. AWS in China (`aws-cn`) is distinct again, based in `cn-north-1`.
The AWS European Sovereign Cloud is implemented as a distinct partition – `aws-eusc` based in `eusc-de-east-1` – so it has exactly as much in common with normal AWS as AWS GovCloud (US) or AWS in China.
The docs explicitly describe this cloud's independence from the US.
> The AWS European Sovereign Cloud will be capable of operation without dependency on global AWS systems so that the AWS European Sovereign Cloud will remain viable for operating workloads indefinitely even in the face of exceptional circumstances that could isolate the AWS European Sovereign Cloud from AWS resources located outside the EU, such as catastrophic disruption of transatlantic communications infrastructure or a military or geopolitical crisis threatening the sovereignty of EU member states.
From what I’m understanding, it won’t be dependent anymore on us-east-1, but this isn’t mentioned explicitly. This is great, especially if you consider that some cut cable in the ocean could literally turn off a big part of the companies in a whole continent.
The real question is whether AWS European Sovereign Cloud IAM data is still hosted in us-east-1 with zero HA. Because this is exactly the case right now if you start any workloads in the Dublin region, for example.
If the IAM in us-east-1 goes down, every non-public object or workload that needs any kind of AWS authentication will fail immediately. That is: world-readable S3 buckets are fine, but your RDS database is most likely inaccessible.
This is hilarious
Since it is a US company, it is still subject to cloud act, US intelligence full access, and Trumps ability to ignore any and all laws and contracts. Microsoft execs, who have similar offerings, have confirmed this under oath.
So either this is a valiant attempt by AWS that is ultimately misguided, or it is an attempt to capture customers without even a hint of legal expertise.
AWS, Azure and GC stand to lose all EU customers in the next years. They simply must, given that no data with them is secure from Trump’s admin or industrial espionage. This does not help that
Even though it’s marketing, i think they should not be allowed to call it sovereign.
Perhaps one could sue them for that.
It's marketing. Less informed CIOs or orgs with nasty migrations off of AWS will use it
> is an attempt to capture customers without even a hint of legal expertise
That's been the (very successful) business model of all those GDPR "consent management" providers.
> We’re gradually transitioning the AWS European Sovereign Cloud to be operated exclusively by EU citizens located in the EU. During this transition period, we will continue to work with a blended team of EU residents and EU citizens located in the EU.
I find it fascinating that the goal is to staff this exclusively with EU citizens, thereby excluding non-citizen residents of the EU.
It's a regulatory requirement:
> Replicating a broadly practiced mitigation mechanism that is established in EU institution and government hiring practices, operational control and access will be restricted to EU citizens located in the EU to ensure that all operators have enduring ties to the EU and to meet the needs of our customers and partners.
- https://www.aboutamazon.eu/news/aws/aws-european-sovereign-c...
It's similar to FedRAMP systems like AWS GovCloud (US), which can only be accessed by someone who is a US person (US citizen or lawful permanent resident) and on US soil (physically in the US at the time of access).
Doesn't make sense to staff it with US or North Koreans now, does it?
> AWS European Sovereign Cloud is located in the state of Brandenburg, Germany, and is generally available today.
Appears to be in Massen: https://www.lr-online.de/lausitz/finsterwalde/investition-in...
Fundamentally, Amazon will not promise you they will break the law. They are subject to US regulations as well as German ones (in this case). If these regulations demand your data be accessed or removed or keys compromised, it will happen. Not because of US, Germany or Amazon but because that’s how jurisdictions work. Beaides, there is no reasonably feasible method for learning what these regulations actually say on a given day, a lot of it is in bylaws and you just can’t keep track of all ministerial orders of all the applicable jurisdictions. Amazon does have an algorithm to determine course of action in case of compliance conflict, but they will not publish it for obvious reasons.
Commission launches market investigations on cloud computing services under the Digital Markets Act https://ec.europa.eu/commission/presscorner/detail/en/ip_25_...
> Two market investigations will assess whether Amazon and Microsoft should be designated as gatekeepers for their cloud computing services, Amazon Web Services and Microsoft Azure, under the DMA, in other words whether they act as important gateways between businesses and consumers, despite not meeting the DMA gatekeeper thresholds for size, user number and market position.
This should be a wake-up call to a lot of SaaS companies.
It's becoming fairly clear that keeping app data purely server-side is no longer viable for customers with data sovereignty requirements.
Having a toggle button saying 'Keep my data in Europe' won't be enough either if local-first apps can actually guarantee data location, and allow users to specify which API endpoints they use.
With network monitoring verifying application behavior, privacy reduces to OS-level security.
Dear smart people on HN, what do you make of this? I understand most of you are US based. Is that Amazon getting ready for serious trade war, US/EU?
EU, as a US citizen, go all in and ditch the US as much as you can. Not only will this bring competition, it also means that the US Government cannot grab the balls of Amazon and squeeze the EU market.
I wouldn't trust Amazon with my data if I was an EU citizen. As a US citizen I don't even trust Amazon with my own data. This is why I support de-Google, de-Microsoft, and de-Apple computing.
It is an attempt to not lose European customers that might be tempted to migrate to Europe-based solutions in the current political climate. In the event of a serious trade war (like you suggested) and/or a real war, it gives some assurances; which is smart based on the threats from the current unpredictable and authoritarian U.S. administration.
But it probably started as a way to comply with EU laws more easily, so it works on multiple levels.
How much can we trust this so-called sovereign cloud? That's a sincere question. I can't think of a more American company than Amazon, and I find it hard to believe that it could be completely independent from its American headquarters.
I really hope that Europe will get its act together rather than relying on this half-hearted solution.
They claim the "AWS European Sovereign Cloud represents a physically and logically separate cloud infrastructure, with all components located entirely within the EU" and that it operates entirely under German laws, but I think your skepticism is warranted.
I think Europe should push for its own solutions rather than fuel oligarchy/authoritarianism, if they are serious about their own security and preserving liberal values.
If you think deeply and logically, you will see that those text and even some legal details are just marketing that aims smart people. because in case of war or some serious conflict, they will be obeying the parent company and orders of usa government. see ICJ prosecutors and microsoft, you have real proof live, if you can connect some dots.
Physically separate infrastructure as well as local employees help to some extent. But it is not really sovereign cloud. There is no guarantee that employees would know if some commands are illegal. Plus parent company can fly anyone there if needed.
Plus some staff could be dual citizens with loyalty to the US
Not at all. Trump applies any leverage he can. "Nice US cloud you've got there... would be a shame if anything happened to it..."
It has already been discussed here a bit: https://news.ycombinator.com/item?id=46640462
They’ve been planning this for a while. These datacentres and organisations don’t spring up overnight, especially at this scale.
I know at least one major European bank made it a requirement upon AWS to provide essentially this service. I believe back around 2020 or maybe a bit earlier.
I'm using OVH Cloud for a customer. There's a bit of uncertainty about the CLOUD Act. As OVH has a US subsidiary, they are still doing business in the US and I have seen claims that this makes also their EU offering susceptible to the CLOUD Act. Does anyone know more details?
Same as AWS with their German subsidiary.
No, because the parent org is French.
[dead]
The Souvereign Cloud is as souvereign as the German Democratic Republic was democratic.
As a European citizen, AWS is forever American.
Also, “Come eat at the AWS Vegan Steakhouse!”
Jeff says it’s made from the finest vegan cows. “It’s not a trick or a word game, trust me! Oh god I really want those euros.”