The AWS European Sovereign Cloud

AWS has taken a significant step to support sovereignty: with an investment of 7.8 billion euros, the AWS European Sovereign Cloud will go live in Germany by the end of 2025. This initiative not only represents a financial commitment to the European market, but also marks a paradigm shift in the way cloud services can be offered to regulated sectors in Europe.

The recent announcements at the AWS Summit in Hamburg and on the AWS web regarding the governance structure and sovereignty controls of the European Sovereign Cloud illustrate the commitment to create a truly European cloud solution that meets the highest standards of data protection, compliance and operational autonomy. This opens up completely new opportunities for regulated industries and the public sector to take advantage of the cloud without having to compromise on sovereignty or compliance.
 

The AWS European Sovereign Cloud is more than just another AWS region. It is a completely independent cloud environment that is operated exclusively in the EU and is subject to European law. The physical infrastructure will be located in the state of Brandenburg, Germany, and is completely separate from other AWS regions.

What makes the European Sovereign Cloud special is its ability to offer the full performance and extensive service portfolio of AWS while meeting stringent digital sovereignty requirements. Customers get access to the same familiar architecture, APIs, and innovations as the AWS Nitro system, but with the assurance that their data and metadata will not leave the EU and will be operated exclusively by EU personnel.
 

At the beginning of June 2025, AWS presented the independent European governance structure for the AWS European Sovereign Cloud. This includes the establishment of a new parent company and three subsidiaries in Germany:

1. An infrastructure subsidiary that owns and operates the underlying infrastructure
2. A research and development subsidiary
3. A certification subsidiary that manages EU-based root certificates and trust services

The parent company is headed by Kathrin Renz, a German national who is currently Vice President of AWS Industries in Munich. The management team also includes a security and data protection officer, and all managers are EU citizens residing in the EU.

One particularly innovative element is the independent advisory board, which is legally obliged to act in the best interests of the AWS European Sovereign Cloud. This advisory board consists of four members, all EU citizens residing in the EU, including at least one independent member with no connection to Amazon. The Advisory Board acts as an expert body and ensures accountability in relation to sovereignty-related aspects of the business. This structure is complemented by a dedicated European Security Operations Center (SOC), which monitors and ensures the security of the platform.
 

The AWS Landing Zone Accelerator is a central component for the success of the AWS European Sovereign Cloud, especially for regulated areas. AWS recently announced new regional implementations of the Landing Zone Accelerator specifically designed to support digital sovereignty.

From the third quarter of 2025, a C5-compliant Landing Zone Accelerator will be available for Germany to support customers in meeting the requirements of the Cloud Computing Compliance Criteria Catalogue (C5). This implementation will be available in the AWS European Sovereign Cloud and will provide automated infrastructure templates aligned with regional security and compliance frameworks.

The Landing Zone Accelerator significantly simplifies cloud adoption for organizations with strict regulatory requirements. It helps companies to quickly implement compliant cloud environments, it also reduces technical complexity and it creates data sovereignty when using AWS cloud services.

The AWS European Sovereign Cloud offers specific advantages for various regulated sectors:

Public sector

Authorities and public institutions need guarantees for sovereign and legally compliant data processing. AWS has developed the AWS European Sovereign Cloud in close cooperation with European government agencies. It provides the legal and technical guarantees required for sensitive administrative and defense data. Operational autonomy in Germany and certifications such as BSI C5 make the platform ideal for use in a government environment.

Critical infrastructures (KRITIS)

Operators of critical infrastructures in areas such as energy, healthcare, and transport are subject to special supervision. Among other things, they must comply with the EU Network and Information Security Directive (NIS2) and the security standards of the German Federal Office for Information Security (BSI). The AWS European Sovereign Cloud addresses these requirements with its security concept and exclusive operation in the EU. KRITIS companies can use cloud resources without jeopardizing control over vital systems.

Financial service provider

Banks and insurers are subject to strict compliance and data protection requirements. These include the Banking Supervisory Requirements for IT (BAIT), the Digital Operational Resilience Act (DORA), the Minimum Requirements for Risk Management (MaRisk) and the guidelines of the European Banking Authority (EBA). The AWS European Sovereign Cloud offers financial institutions a solution for regulatory sensitive outsourcing abroad. It enables them to benefit from the scalability and innovative power of the AWS cloud without having to compromise on sovereignty and security.

The AWS European Sovereign Cloud removes the main barriers that have so far prevented regulated sectors from using cloud services.

Technical and legal independence

The complete physical and logical separation from other AWS regions ensures that the AWS European Sovereign Cloud can be operated without critical dependencies on non-EU infrastructure. The ability to continue operations indefinitely, even if the connection to the rest of the world is interrupted, offers an unprecedented level of autonomy.

Compliance with European data protection standards

Thanks to full data residency in the EU and operation by EU companies, the AWS European Sovereign Cloud meets the strict requirements of the General Data Protection Regulation (EU GDPR) regarding third country access. Personal data of European customers remains within the scope of the EU law, which avoids problems in connection with international data transfers.

Operational autonomy and resilience

The AWS European Sovereign Cloud has several availability zones with independent power supply, network, facilities, and security functions. This architecture has already proven its worth in critical situations; for example in supporting Ukrainian government services or developing early warning systems with artificial intelligence for flood protection.

The AWS European Sovereign Cloud represents a significant step forward for digital sovereignty in Europe. With its independent governance structure, comprehensive sovereignty controls and Landing Zone Accelerator integration, it offers a compelling solution for regulated sectors that previously had concerns about cloud usage.

The investment of 7.8 billion euros underlines AWS's long-term commitment to the European market. AWS has forecasted a significant economic impact: according to the cloud provider's estimates, the investment will contribute around 17.2 billion euros to Germany's gross domestic product by 2040. Over the same period, 2,800 full-time jobs will be created in the region—outside of AWS.

For European organizations in regulated sectors, the AWS European Sovereign Cloud opens up new opportunities to benefit from the cloud without having to compromise on sovereignty, compliance or performance. It represents an important step towards a sovereign yet innovative digital future for Europe.

As an AWS Premier Tier Services Partner with a strong sovereignty agenda, T-Systems welcomes the AWS initiative and will offer Managed Services and Professional Services for the new AWS European Sovereign Cloud right from the start.
 

Find out how External Key Management enables full control over encryption and thus supports data protection, compliance and digital sovereignty. Watch the video to learn how T-Systems helps companies meet regulatory requirements while leveraging the power of AWS. The video is in English.