As if a €7.8 billion investment wasn’t enough indication that AWS is serious about the European Sovereign Cloud, the company also hammered home the importance of Europe and its sovereign cloud proposition in our region during re:Invent 2024. In addition, it made an important announcement that should drive the European Sovereign Cloud’s rollout once it formally goes live. We spoke at the event with Max Peterson of AWS, the VP Sovereign Cloud tasked with leading this project.
In an earlier article that we wrote based on a conversation with AWS’ general manager in the Benelux, Danielle Gorlick, we talked at length about the company’s ambitions in the Benelux and in Europe. Europe and the AWS European Sovereign Cloud play an important role in AWS’s strategy, even though the company is the last hyperscaler to actively pursue the creation of a sovereign cloud.
Not the first, but a very serious player
At first, AWS didn’t really feel the need to offer a sovereign cloud. In a conversation with us, Steve Schmidt, the Chief Security Officer of all of Amazon, was very clear about this as recently as the summer of 2022. According to him, the AWS cloud infrastructure was and is sovereign by design, thanks in part to the way the company developed the Nitro hypervisor. However, a 7.8 billion investment down the road this viewpoint seems to have changed.
Mind you, AWS is spreading the investment over a number of years, up to 2040. By hyperscaler standards, that’s not an exorbitant amount, if you hear how much money goes into developing a hyperscaler’s “normal” offerings. However, it certainly isn’t an amount to sneeze at either.
AWS European Sovereign Cloud is on track
With the above as context, we enter the conversation with Peterson. He has been working at AWS since 2012, for a long time in the company’s service provider business. However, after the Digital Sovereignty Pledge that AWS sent out just before re:Invent 2022, the company was looking for someone to lead the pack around (data) sovereignty. So that became Peterson. “Customers regularly asked us about it, too,” according to him, so it was a logical step for AWS to take. “We wanted to give customers the controls to help them with sovereignty,” he continues. The basis of this, by the way, is still just largely the Nitro base that AWS has always had, but within a separate offering, he reiterates. “Now, however, it was mostly about how sovereign-by-design could be used by customers,” according to him.
The launch of the AWS European Sovereign Cloud took place in October 2023. That is, that is when AWS announced it. It will become generally available at the end of 2025 (in December), a goal that AWS is also likely to meet as things stand, we hear from Peterson. You don’t set up a sovereign cloud overnight, that much is clear. It requires discussions with a host of regulators in Europe, among other things. That’s quite a big job in itself. Peterson is well aware of the fact that while Europe (more specifically, the EU) is a single bloc, it is made up of a wide variety of countries.
How is AWS tackling the European Sovereign Cloud?
AWS is certainly not going about it overnight. It wants to take a thorough approach to this project. “For economic growth and innovation, access to cloud technology is super important,” Peterson outlines the need for this thorough approach. This includes determining the amount of control customers want, demand and need in the various parts. “We want to give customers a spectrum of choices and give them as much control as they need,” he said.
To achieve this, AWS obviously keeps an eye on EU laws and regulations. Think of things like DORA and NIS2. In addition, countries often have additional requirements. In the Netherlands, for example, there is BIO, which stands for Baseline Informatiebeveiliging Overheid, which translate to Baseline Information Security Government. This is a framework for the public sector, which does not necessarily include the same things as guidelines coming from the EU, although there will obviously be some overlap. AWS also wants to integrate these things per country into the sovereign offering. “These are extensions that we build per country and add to the zones there. Customers can then implement this themselves, or leave it to AWS partners,” Peterson added.
When it comes to partners for the European Sovereign Cloud, AWS obviously has the global partners like Deloitte and Accenture, but also works with local partners and with parties like T-Systems. Those partners basically already have all the infrastructure and such in place to roll it out to customers, so for them it’s an interesting additional entry point with their customers.
AWS Digital Sovereignty Competency: a stamp of approval for partners
AWS has obviously made all sorts of agreements with all its partners about how they can and should offer the company’s offerings to customers. For the European Sovereign Cloud, however, it wants to go a step further. To that end, AWS is announcing today during re:Invent a new AWS specialization: AWS Digital Sovereignty Competency.
AWS Digital Sovereignty Competency aims to connect customers with trusted partners who can best help them with their needs and requirements around compliance and other issues. Peterson sees partners playing a crucial role in the success of the European Sovereign Cloud and wants to leave as little as possible to chance. We gather from his words that he expects there will be quite a lot of differences between customers in what they need. Simply choosing the strictest interpretation and rolling it out widely does not send the right signal to customers, in his opinion. It should really be possible to configure this almost per customer.
Below, for completeness, you can see a picture with the logos of all launch partners for AWS Digital Sovereignty Competency:
Partners who receive a stamp of approval within this new specialization should deliver what AWS wants to achieve in this space. Peterson emphasizes at this point, by the way, that the European Sovereign Cloud basically offers everything to customers that is now also offered from AWS. In other words, there is no intention to compromise. The European Sovereign Cloud will also offer more than 90 services to customers. This includes services like SageMaker, Amazon Bedrock and Amazon Q. The difference from AWS’ generic cloud offerings is mainly in things like IAM and billing, to name two things. AWS builds an IAM environment separate from the variant it uses globally. The same goes for billing.
Expanding the role of AWS Outposts
When it comes to data sovereignty and control over data, it’s not just about major regions, availability zones and local zones. Peterson is also talking about dedicated local zones, or local zones for specific organizations. Furthermore, Peterson sees an interesting new role for AWS Outposts. These edge instances of the AWS public cloud are becoming a lot more important, especially in industries where data sovereignty and laws and regulations weigh heavily.
In part to get AWS Outposts ready for deployment as part of the European Sovereign Cloud, AWS has made some announcements in recent days/weeks that should be mentioned here. These are Static Stability and Satellite Resiliency.
Static Stability and Satellite Resiliency for AWS Outposts
The names of the new features of Outposts already hint at the intent of them. Static Stability means that AWS Outposts will continue to function even if the connection to the cloud is (temporarily) lost. Normally, there is almost always a connection to an AWS region. Workloads running on EC2 on Outposts that also have an EC2 instance running in the background (in the cloud region or local zone) will continue to work. Note that it does not work when using Amazon EBS volumes in the background.
Satellite Resiliency also makes it possible to have connectivity to the cloud in environments where it is not obvious or where it is lost. This is possible through a connection made to low-orbit satellites.
A final recent development around AWS Outposts that has to do with providing sovereignty to customers is about the storage that customers attach to it. There may be certain needs and requirements associated with that as well. The storage offered by AWS itself is then not always an option. That is why it is now making Outposts suitable for use with third-party storage. More specifically, AWS Outposts will also support block storage arrays from NetApp and Pure Storage.
Why should customers choose the AWS European Sovereign Cloud?
Clearly, AWS is serious when it comes to the European Sovereign Cloud. Even though they didn’t really seem to believe in it before, if customers are asking for it and there is increasing pressure from laws and regulations, it will simply have to come up with a proposition as well. Otherwise, it’s going to cost AWS serious revenue in the long run. And that, of course, is never the intention.
However, AWS is not the only hyperscaler to come up with a sovereign cloud. Microsoft Azure, Google Cloud and Oracle have also announced some things. So the key question we ask Peterson is why he is convinced customers will choose AWS. “We offer more services, a huge partner ecosystem and the tools customers want to use in their own region anyway,” he answers.
AWS vs Microsoft, Google Cloud, Oracle and VMware
Dissecting Peterson’s answer, we can certainly see relative to Microsoft and Google Cloud that AWS seems to go much further in its offerings. With those other two, it still remains mostly somewhat half-hearted attempts. Think of Microsoft Cloud for Sovereignty (which we previously called a wash) from an Azure perspective. Or collaborations with parties such as T-Systems (Google Cloud) and Atos (Microsoft) in individual member states (Germany and France, respectively). It is not always clear which services are offered and which are not.
Oracle, on the other hand, has fully gone for a sovereign cloud offering. In terms of completeness, this is comparable to the AWS European Sovereign Cloud. That is, Oracle also claims that it offers a complete set of services. In this comparison, it is mainly AWS’ ecosystem that is a lot more comprehensive. It is many times larger in global cloud revenue than Oracle’s OCI anyway. That also irrevocably translates into a broader partner ecosystem.
The last alternative we want to briefly mention here is VMware. With the status that company has in private clouds, it has a good and very natural story around sovereign clouds. It doesn’t suffer from perceived outside access anyway. It only provides the technology; partners have to do the rest themselves. In addition, with more than 20 years of history, VMware also has a large partner ecosystem (even though Broadcom has done its best recently to change that). However, VMware cannot match AWS’ service offerings. With its focus on VCF, it is building it out (think Private AI), but is nowhere near the level that AWS is at. The question is also whether it will ever get there.
AWS shows promise, once the European Sovereign Cloud is available
All in all, then, AWS definitely seems well-positioned to make the European Sovereign Cloud a success. According to Peterson, it stands out mainly in the transparency it offers about what it is and what it is not: “Other providers announce things while not being clear about exactly what services are offered. We are very clear about that.”
Whether transparency, a broad offering and a large partner ecosystem are going to be enough to convince customers is, of course, the question. What matters most is what customers expect and demand from a sovereign cloud. If that is also covered by other players in the market, the battle is not easily won. In that respect, it is a good move by AWS to further expand Outposts with new capabilities and support for storage from other players. That’s typically something customers like to see.
For now, however, the first thing is for AWS to actually make the European Sovereign Cloud generally available. For that, we need to be patient for another year. A lot can happen in a year. Not only at AWS, but also at competitors.