Skip to main

You are here

AWS unveils independent governance model for European sovereign cloud

Amazon Web Services (AWS) has advanced its digital sovereignty strategy with the formal launch of a new governance structure for the AWS European Sovereign Cloud, set to go live by the end of 2025. The initiative includes the establishment of a German-incorporated parent company, a dedicated Security Operations Center (SOC), and a leadership team entirely composed of EU citizens residing within the bloc.

Heading the new entity will be Kathrin Renz, a German national and current AWS vice president of industries, who will serve as managing director. Amazon claim Renz will be legally bound to act in the interest of the sovereign cloud business, with responsibility for governance, compliance, and security operations.

The AWS European Sovereign Cloud is designed to provide European customers—particularly public sector organisations and highly regulated industries—with the full capabilities of AWS services while meeting strict sovereignty requirements. According to AWS, the platform will feature independent operational infrastructure, legally mandated EU-only access controls, and no critical dependencies on non-EU systems.

"We’re taking a unique approach," said Renz. “Customers tell us they don’t want to choose between feature-limited solutions or the full power of AWS, so we’ve designed the AWS European Sovereign Cloud to address European digital sovereignty requirements while maintaining the services portfolio, security, reliability, and performance that customers expect from AWS.”

To reinforce operational autonomy, AWS will deploy a dedicated European Certificate Authority and its own instance of Amazon Route 53, while authorised personnel will retain access to replicated source code for continuity in the event of global disruption. A legally independent advisory board made up exclusively of EU citizens will oversee compliance and governance, including at least one independent member unaffiliated with Amazon.

A recent survey by UK cloud firm Civo revealed that over 60% of UK IT leaders believe the government should cease procuring cloud services from U.S. providers, citing data sovereignty and the potential risks associated with foreign control over critical infrastructure. Central to these apprehensions is the U.S. CLOUD Act, which permits U.S. authorities to access data stored overseas by American companies, potentially conflicting with the European Union's General Data Protection Regulation (GDPR) . This legal dichotomy has prompted European organizations to reevaluate their cloud strategies to ensure compliance and protect sensitive information.

The first region of the AWS European Sovereign Cloud will launch in Brandenburg, backed by a €7.8 billion investment. It is part of a wider €250 billion investment Amazon says it has made across Europe since 2010.