Introduction
From day one, Amazon Web Services (AWS) has given customers control over their data and choices for how they secure and manage that data in the cloud. In November 2022, we introduced the AWS Digital Sovereignty Pledge, our commitment to offering all AWS customers the most advanced set of sovereignty controls and features available in the cloud. We pledged to work to understand the evolving needs and requirements of both customers and regulators, and to rapidly adapt and innovate to meet them. AWS provides solutions that help our customers with the heavy lifting of compliance so that they can invest their valuable time and resources into the work of furthering their own organizational missions. The AWS European Sovereign Cloud is a direct result of that commitment and a new option to enable our customers to achieve their goals.
AWS offers secure, reliable, and extensive global cloud infrastructure. Our approach from the beginning has been to make AWS sovereign-by-design. We built data protection features and controls in the AWS Cloud with input from some of the world's most security- and data privacy-conscious organizations, including financial services, healthcare, and government customers. This has led to innovations such as the AWS Nitro System, a set of specialized hardware, software, and firmware components that powers all our modern Amazon Elastic Compute Cloud (Amazon EC2) instances. The Nitro System provides a strong physical and logical security boundary that enforces access restrictions so that nobody, including AWS employees, can access customer data running in Amazon EC2, including in fulfillment of a law enforcement request.
"By design the Nitro System has no operator access. There is no mechanism for any system or person to log in to EC2 Nitro hosts, access the memory of EC2 instances, or access any customer data stored on local encrypted instance storage or remote encrypted EBS volumes. If any AWS operator, including those with the highest privileges, needs to do maintenance work on an EC2 server, they can only use a limited set of authenticated, authorized, logged, and audited administrative APIs. None of these APIs provide an operator the ability to access customer data on the EC2 server. Because these are designed and tested technical restrictions built into the Nitro System itself, no AWS operator can bypass these controls and protections."
— The Security Design of the AWS Nitro System whitepaper
The security design of the Nitro System has also been independently reviewed and affirmed by the NCC Group in a public report.
"AWS asserts several security claims regarding how the Nitro System is designed to prevent AWS employees from accessing customer data. The claims are enumerated in the Claims portion of this report. The Nitro System had been designed to achieve security goals covering these claims by providing a total system administration, management, and monitoring infrastructure that operates from the hardware level up through provisioning and deployment and end-of-life of systems. AWS has no secondary or alternative paths of access to Nitro EC2 host systems. This scale of thoroughness and the appropriate alignment of security goals with sustainable and achievable business practices enabled AWS to design a system that would support very strong security and customer privacy claims. As a matter of design, NCC Group found no gaps in the Nitro System that would compromise these security claims."
— NCC Group, Public Report – AWS Nitro System API & Security Claims, published May 3, 2023
With AWS, customers have always had control over the location of their data and choices for how they secure and manage that data in the cloud. For example, in Europe, customers have the choice to deploy their data to any of our eight existing AWS Regions (Ireland, Frankfurt, London, Paris, Stockholm, Milan, Zurich, and Spain) to keep their data securely in Europe. Six of these AWS Regions are in Member States of the European Union (EU). In these AWS Regions, customers can use the broadest and deepest portfolio of services, including AI, analytics, compute, database, Internet of Things (IoT), machine learning, mobile services, and storage. To further support customers, we've innovated to offer them more control and choice over their data. For example, we announced further transparency and assurances, and new dedicated infrastructure options with AWS Dedicated Local Zones.
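The region choice described above is usually enforced with a service control policy (SCP) in AWS Organizations that denies regional API calls outside the eight European Regions. The following is an added example, not code from this document or from AWS: it assumes an organization with SCPs enabled, the region codes for the named Regions, and a hypothetical list of global (non-regional) services to exempt; the `request_is_denied` helper is a simplified local check of that one statement, not the IAM policy engine.

```python
import json

# Constructed for this example: region codes of the eight European AWS Regions
# named in the text (Ireland, Frankfurt, London, Paris, Stockholm, Milan, Zurich, Spain).
EUROPEAN_REGIONS = [
    "eu-west-1", "eu-central-1", "eu-west-2", "eu-west-3",
    "eu-north-1", "eu-south-1", "eu-central-2", "eu-south-2",
]

# Global services whose API calls are not bound to a Region. This list is an
# assumption for the example; adjust it to the services the organization uses.
GLOBAL_SERVICE_ACTIONS = [
    "iam:*", "organizations:*", "sts:*", "support:*",
    "route53:*", "cloudfront:*", "budgets:*", "health:*",
]


def build_region_guardrail_scp() -> dict:
    """Return an SCP document that denies every regional API call made outside Europe."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyRequestsOutsideEuropeanRegions",
            "Effect": "Deny",
            "NotAction": GLOBAL_SERVICE_ACTIONS,
            "Resource": "*",
            "Condition": {"StringNotEquals": {"aws:RequestedRegion": EUROPEAN_REGIONS}},
        }],
    }


def request_is_denied(action: str, requested_region: str, scp: dict) -> bool:
    """Simplified pre-deployment check: would the Deny statement match this request?
    Mirrors only the NotAction + StringNotEquals logic used in the policy above."""
    service = action.split(":")[0]
    for stmt in scp["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        # NotAction: the statement does not apply to exempted (global) services.
        if any(p in (action, f"{service}:*") for p in stmt["NotAction"]):
            continue
        allowed = stmt["Condition"]["StringNotEquals"]["aws:RequestedRegion"]
        if requested_region not in allowed:
            return True
    return False


if __name__ == "__main__":
    # Emit the policy document for `aws organizations create-policy --content file://...`
    print(json.dumps(build_region_guardrail_scp(), indent=2))
```

SCPs do not restrict the organization's management account, and this guardrail governs where API calls may be made, not how individual services replicate data, so it complements rather than replaces per-service residency settings.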
We know that customers in Europe want to adopt the cloud but might need to comply with local and industry requirements such as data residency in the EU and Member States, European operational autonomy, resilience, and compliance programs (for example, ISO 27001, SOC 1 and 2, KRITIS, PCI-DSS, C5, CSA STAR, and so on). We believe that customers should not have to choose between the full power of AWS and feature-limited sovereign cloud solutions. Therefore, in October 2023, we announced our plans to launch the AWS European Sovereign Cloud, a new, independent cloud for Europe, designed to help public sector organizations and customers in highly regulated industries meet their evolving sovereignty and compliance needs. The AWS European Sovereign Cloud will launch its first AWS Region in the State of Brandenburg, Germany by the end of 2025. Available to all AWS customers, this effort is backed by a €7.8B investment in infrastructure, job creation, and skills development.
This document provides an overview of the planned design and goals of the AWS European Sovereign Cloud.