Amazon Web Services (AWS) has unveiled the independent European governance structure for the AWS European Sovereign Cloud, the creation of a dedicated Security Operations Center, and the establishment of a new parent company that will be led by European Union (EU) citizens and bound by local legal requirements. Kathrin Renz, who currently serves as vice president of AWS Industries, will serve as the company’s first managing director.
The AWS European Sovereign Cloud will be the only fully-featured, independently operated sovereign cloud, backed by strong technical controls, sovereign assurances, and legal protections. Customers and partners using the AWS European Sovereign Cloud will benefit from the full power of AWS including the same service portfolio, security, availability, performance, familiar architecture, APIs, and innovations such as the AWS Nitro System. Launching by the end of 2025, the AWS European Sovereign Cloud will combine operational autonomy with expansive AWS services to meet the stringent sovereignty needs of European governments and enterprises.
European-based control, governance, and operations
AWS will establish a new European organisation and operating model for the AWS European Sovereign Cloud, with a new parent company and three subsidiaries incorporated in Germany. The management team leading this new parent company will include the managing director and a government security and privacy official, who will all be EU citizens residing in the EU.
AWS will establish an independent advisory board for the AWS European Sovereign Cloud, legally obligated to act in the best interest of the AWS European Sovereign Cloud. Reinforcing the sovereign control of the AWS European Sovereign Cloud, the advisory board will consist of four members, all EU citizens residing in the EU, including at least one independent board member who is not affiliated with Amazon. The advisory board will act as a source of expertise and provide accountability for AWS European Sovereign Cloud operations, including strong security and access controls and the ability to operate independently in the event of disruption.
Building on deep experience running AWS services for the most sensitive workloads around the world, the AWS European Sovereign Cloud is designed with the unmatched operational resilience our customers expect from AWS. The design of the AWS European Sovereign Cloud enables it to continue operations indefinitely, even in the event of a connectivity interruption between the AWS European Sovereign Cloud and the rest of the world.
European customers and governments benefit from the resilient AWS architecture that features multiple Availability Zones with independent power, networking, facilities, and security capabilities that make these critical operations possible. To support continuity even under extreme circumstances, authorized AWS employees of the AWS European Sovereign Cloud, who are EU residents, will have independent access to a replica of the source code needed to maintain the AWS European Sovereign Cloud services.
Experienced European leadership
Kathrin Renz, the first managing director of the AWS European Sovereign Cloud, is a German national who brings deep global and European expertise to the position with more than two decades of experience in the global technology sector, including key roles in European technology and large enterprises. Based in Germany and acting as the most senior leader of the AWS European Sovereign Cloud, Renz will be legally bound to act in the best interest of the AWS European Sovereign Cloud and will be responsible for overseeing decisions related to corporate governance, compliance, and security, while ensuring the AWS European Sovereign Cloud complies with all applicable laws and regulations in Germany and the EU.
“We’re taking a unique approach with AWS European Sovereign Cloud. Customers tell us they don’t want to choose between feature-limited solutions or the full power of AWS, so we’ve designed the AWS European Sovereign Cloud to address European digital sovereignty requirements while maintaining the services portfolio, security, reliability, and performance that customers expect from AWS,” said Kathrin Renz, managing director of AWS European Sovereign Cloud.
“Our investment in the AWS European Sovereign Cloud reinforces our commitment to Europe’s digital future – driving cloud and AI adoption is at the heart of Europe’s innovation agenda, and this solution will enable customers to accelerate innovation, while meeting their digital sovereignty needs.”
Operational autonomy in Europe
AWS is committed to independent and continuous operations; the AWS European Sovereign Cloud will have no critical dependencies on non-EU infrastructure. Everything needed to operate the AWS European Sovereign Cloud is in the EU: the talent, the technology, the infrastructure, and the leadership. In addition to independent infrastructure, there will be zero operational control outside of EU borders; only AWS employees, residing in the EU, will control day-to-day operations, including access to data centres, technical support, and customer service for the AWS European Sovereign Cloud.
The AWS European Sovereign Cloud will have dedicated networking infrastructure and connectivity from European providers via AWS Direct Connect, allowing customers to have an autonomous connection to the AWS European Sovereign Cloud. The AWS European Sovereign Cloud will have its own dedicated Amazon Route 53, providing customers with a highly available and scalable Domain Name System (DNS), domain name registration, and health-checking web services.
The Route 53 name servers for the AWS European Sovereign Cloud will use only European Top Level Domains (TLDs) for their own names. AWS will also launch a dedicated “root” European Certificate Authority, so that the key material, certificates, and identity verification needed forSecure Sockets Layer/Transport Layer Security (SSL/TSL) certificates can all run autonomously within the AWS European Sovereign Cloud. AWS Direct Connect, Amazon Route 53, and the AWS European Certificate Authority will be available at launch on the AWS European Sovereign Cloud.
Secured in Europe
The AWS European Sovereign Cloud will be secured by a dedicated European Security Operations Center (SOC) that mirrors global security practices. Security is foundational to digital sovereignty and AWS is architected to be the most secure global cloud infrastructure on which to build, migrate, and manage applications and workloads.
AWS has always been secure by design, defining industry-leading practices, technologies, and controls that are deeply integrated across all layers, from the physical data centres to the network design, and service architectures, ensuring robust security and data protection for customers’ applications and data. The SOC will be supported by a dedicated security leader who will be an EU citizen residing in the EU. The security leader will be responsible for advising the managing director and supporting customers and regulators in Europe on security-related matters.
To satisfy customer requirements for the AWS European Sovereign Cloud, we are introducing the Sovereign Requirements Framework (SRF). The SRF is a comprehensive set of technical, legal, and operational sovereignty controls that were developed from the sovereignty expectations of our customers, requirements of regulatory bodies across the EU, industry leading framework guidance, and the needs of our implementation partners. Customers will have access to assurance reports via AWS Artifact, ensuring full traceability of control design and operational effectiveness.
Longstanding commitment to Europe
Amazon’s roots in Europe run deep, and we’ve been contributing to economic growth and job creation for more than 25 years. This includes investing more than €250 billion since 2010 and employing more than 225,000 people across the continent. Many of these employees have been with us for more than a decade and play a role in some of the foundational services we build for customers. For example, the teams at our research and development centers in Ireland and Germany help contribute to developing cutting-edge technology for Amazon Elastic Compute Cloud (Amazon EC2), including the AWS Nitro System that powers all our modern EC2 instances, and Amazon Linux.
Our approach to digital sovereignty is to continue to make AWS sovereign-by-design – as it has been from day one – and for our existing Regions in Europe to operate through European corporate entities subject to local laws. The first AWS European Sovereign Cloud Region builds on this rich European history and will launch in the State of Brandenburg, Germany, by the end of 2025, backed by a €7.8 billion investment. The AWS European Sovereign Cloud will offer a comprehensive suite of services and a wide range of AWS Partner Solutions, allowing customers to take full advantage of the breadth and depth of AWS.
Learn more about the AWS European Sovereign Cloud at aws.eu.
See more stories here.
