AWS European Sovereign Cloud

Build, migrate and manage your applications and workloads on secure-by-design infrastructure backed by a dedicated Security Operations Centre with independent compliance validation and assurance. This includes key certifications, such as ISO/IEC 27001:2022, SOC 1/2/3 reports and BSI C5 attestation, all validated regularly by independent auditors to ensure that our controls are designed appropriately and operate effectively to help you satisfy your compliance obligations.

Find out more about AWS European Sovereign Cloud compliance programmes

Benefit from continuous AWS innovation, including the comprehensive service portfolio, security, availability, performance, familiar architecture, European partner solutions and APIs.

Deploy workloads with no critical dependencies on infrastructure outside of the EU, with enhanced data residency and operational resilience within the EU. Keep all your content and the metadata you create (such as the roles, permissions, resource labels and configurations you use to run AWS) in the EU.

Access technical support and customer service from within the EU. With zero operational control outside of EU borders, only AWS employees residing in the EU will control day-to-day operations, including access to data centres, technical support and customer service for the AWS European Sovereign Cloud.

Though separate, the AWS European Sovereign Cloud offers the same industry-leading architecture built for security and availability as other AWS Regions. This will include multiple Availability Zones (AZs), infrastructure that is placed in separate and distinct geographic locations, with enough distance to significantly reduce the risk of a single event impacting customers’ business continuity. Each AZ has multiple layers of redundant power and networking to provide the highest level of resiliency. All AZs in the AWS European Sovereign Cloud are interconnected with fully redundant, dedicated metro fibre, providing high-throughput, low-latency networking between AZs. All traffic between AZs is encrypted.

In addition, AWS has announced plans to add AWS Local Zones in Belgium, the Netherlands, and Portugal. These Local Zones will be connected to the AWS European Sovereign Cloud German Region using the Amazon redundant and very high-bandwidth private network, giving applications running in Local Zones fast, secure, and seamless access to the rest of AWS services.

Customers who have more stringent isolation or residency needs will have the option to use AWS Local Zones, AWS Dedicated Local Zones or AWS Outposts to extend AWS European Sovereign Cloud infrastructure in locations they select including their own on-premises data centres.

The AWS European Sovereign Cloud is designed to help customers meet their digital sovereignty requirements, including data residency within the EU, operational autonomy and management by EU-based personnel. However, regulatory requirements can vary depending on your country,
jurisdiction, industry or use case. While the AWS European Sovereign Cloud provides tools to support compliance, we recommend customers work closely with their compliance and security teams to ensure all applicable requirements are met for their particular situation.

As with all existing AWS Regions, the AWS European Sovereign Cloud will provide customers with control over the storage, transfer and encryption of their data to meet their data sovereignty needs. With AWS European Sovereign Cloud, AWS is going further and enabling customers to keep all the metadata they create (such as the roles, permissions, resource labels and configurations that they use to run AWS) in the EU. Because the AWS European Sovereign Cloud is an independent AWS Region, no customer-created metadata will leave the Region without customer permission. The AWS European Sovereign Cloud also has independent Identity and Access Management, billing and metering systems.

One of the foundational components of how AWS European Sovereign Cloud enables verifiable trust of technical controls and delivers assurance is through our compliance programmes and assurance frameworks. These programmes help customers understand the robust controls in place at AWS European Sovereign Cloud to maintain security and compliance of the cloud. The AWS European Sovereign Cloud will maintain key certifications such as ISO/IEC 27001:2022, System and Organisation Controls (SOC) reports and Cloud Computing Compliance Criteria Catalogue (C5) attestation, all validated regularly by independent auditors to assure our controls are designed appropriately, operate effectively and can help customers satisfy their compliance obligations.

Access more FAQ here.