Sovereign Cloud 2026 Compared: AWS European Sovereign Cloud, STACKIT, IONOS & Co.
If you’re looking for a sovereign cloud in 2026, the honest answer is: there is no single the sovereign cloud — there are three paths with very different degrees of sovereignty. First, the US hyperscalers with a European substructure — above all the AWS European Sovereign Cloud, generally available since January 14, 2026, technically serious, but with roughly a 15% price premium and a legally unresolved CLOUD Act question. Second, German and European providers like STACKIT, IONOS, T-Systems, and OVHcloud, which offer genuine ownership-level sovereignty but not the full hyperscaler catalog. Third, price-performance specialists like Hetzner and Scaleway for everyone whose priority is running independent and cheap. Which path fits depends on what “sovereign” actually has to mean for you — and that’s exactly what we break down here.
TL;DR
- The AWS European Sovereign Cloud has been live since January 14, 2026 (Brandenburg region, its own partition, EU-only staff, dedicated German legal entities) — but at launch only ~90 services instead of 240+, two Availability Zones, no CloudFront, barely any GPUs, and a ~15% price premium.
- Whether this construct actually neutralizes the US CLOUD Act is legally unresolved — the parent company remains Amazon.com Inc.
- The German alternatives have grown up: STACKIT is investing EUR 11 billion in data centers, IONOS has been cooperating with the BSI (Germany’s Federal Office for Information Security) since January 2026 and is building an air-gapped cloud for ~200 federal agencies, and T-Systems runs several sovereignty models in parallel.
- Only five providers hold the Gaia-X Label Level 3 (headquartered in Europe and beyond the reach of third-country laws like the CLOUD Act) — OVHcloud is one of them.
- Price-performance: according to Callista (Feb. 2026), Hetzner delivers ~14.3x the compute value of AWS — but raised prices by 30–37% on April 1, 2026 (DRAM crisis).
- The market is exploding: Gartner projects ~USD 80 billion in sovereign cloud IaaS spending for 2026 (+35.6%). This article is an assessment, not legal advice.
Why did cloud sovereignty suddenly become a board-level issue in 2026?
Three developments are pushing the topic out of the IT department and into the executive suite. First, the money: Gartner puts sovereign cloud IaaS spending at around USD 80 billion for 2026 — up 35.6%. This is no longer a niche market.
Second, the EU is creating measurable yardsticks for the first time. The Cloud Sovereignty Framework from DG DIGIT (the European Commission’s digital services directorate, October 2025) defines 8 sovereignty objectives and five levels from SEAL-0 to SEAL-4. “Sovereign” can no longer be claimed at will — it has to be rated. On top of that comes the Cloud and AI Development Act, on the table as a Commission proposal since June 3, 2026 — with the goal, among others, of tripling EU data center capacity.
Third, Gaia-X has used its labels to make a hard truth visible: the highest label, Level 3, requires a headquarters in Europe and that the provider sits beyond the reach of third-country laws like the US CLOUD Act. Only five providers currently clear that bar — among them OVHcloud, Europe’s largest cloud provider. Anything with a US parent company cannot, by definition, reach Level 3, no matter how European the setup is built.
AWS European Sovereign Cloud: real substance, one open question
The AWS European Sovereign Cloud (ESC) has been generally available since January 14, 2026; the first region is Brandenburg (eusc-de-east-1). And let’s be fair: this is not a marketing sticker but a construct in its own right. The ESC runs in its own partition (aws-eusc), physically and logically separated from the rest of AWS, operated exclusively by EU staff through dedicated German legal entities, and overseen by an advisory board made up entirely of EU citizens. AWS plans to invest EUR 7.8 billion and create around 2,800 jobs by 2040.
The reality still has rough edges. A Cloudvisor analysis from January 2026 lists the key limitations:
- Only ~90 services at launch — versus 240+ in the standard EU regions
- Two Availability Zones instead of the usual three
- No CloudFront (CDN) and barely any GPU instances — a real problem for AI workloads right now
- ~15% price premium on core services like EC2, S3, RDS, and Lambda
And then there’s the question no one can answer with a straight face: does this construct neutralize the US CLOUD Act? The parent company remains Amazon.com Inc., and whether the legal separation would hold up when it matters is simply unresolved. Anyone promising you absolute certainty here — in either direction — is selling you an opinion as a fact.
What do the German providers offer?
STACKIT (Schwarz Group — the retail group behind Lidl and Kaufland — Heilbronn) positions itself as a “sovereign hyperscaler” for mid-market companies and the public sector. The numbers behind it deserve to be taken seriously: EUR 11 billion in data center investment (completion in 2027), seven data centers across Europe, and expansion into at least three more countries in 2026. With the European Sovereign Stack Standard (ES3) introduced in 2026 and its four maturity levels, STACKIT is also trying to give the industry its own sovereignty benchmark.
IONOS signed a cooperation agreement with the BSI in January 2026 and is the first German provider with a BSI C5 attestation (Germany’s cloud security audit standard). For ITZBund, the German federal government’s central IT service provider, IONOS is building an air-gapped private cloud for around 200 federal agencies — and with the AI Model Hub, it offers a platform for sovereign AI inference, meaning AI models that run entirely on German infrastructure.
T-Systems is running several tracks at once: T Cloud Public as a sovereign hyperscaler alternative, an Nvidia-powered “Industrial AI Cloud” (which increases GPU capacity in Germany by 50%), the OpenStack-based Open Telekom Cloud — plus a “Sovereign Cloud powered by Google Cloud,” including an air-gapped variant. That’s pragmatic: you choose the degree of sovereignty, not the vendor choosing it for you.
Delos Cloud (an SAP subsidiary, operated by Arvato on a Microsoft stack) has had a second operations center in the Leipzig area for geo-redundancy since early 2026; the pilot customer is the Federal Employment Agency (Bundesagentur für Arbeit). What matters for you: Delos is exclusively for public administration — as a private-sector company, you simply can’t buy it.
What about price-performance? Hetzner, Scaleway, OVHcloud, Exoscale
Sovereignty doesn’t have to be expensive — quite the opposite. Hetzner is the price-performance leader: a Callista analysis from February 2026 credits it with roughly 14.3x the compute value of AWS, plus 20 TB of traffic included. The flip side: on April 1, 2026, Hetzner raised prices by 30–37% — driven by the DRAM crisis, in which server DRAM contract prices rose 43–48% in Q4 2025 alone. And Hetzner stays IaaS-focused: if you’re expecting a broad managed-PaaS portfolio, you won’t find it there.
Scaleway delivers ~4.8x the price-performance of AWS, plus ARM instances and generative AI APIs. OVHcloud, as Europe’s largest provider and a Gaia-X Level 3 holder, is the obvious choice when maximum legal independence is what counts — in France additionally backed by the SecNumCloud qualification (the French national security certification issued by ANSSI). Exoscale (A1 Group, Switzerland) deliberately targets SMEs, with zones in Frankfurt, Munich, and Vienna, among others.
The comparison at a glance
| Provider | Origin / owner | Sovereignty approach | What to watch out for |
|---|---|---|---|
| AWS ESC | USA (Amazon.com Inc.) | Own partition, EU staff, German legal entities | Only ~90 services, 2 AZs, ~15% premium, CLOUD Act question open |
| STACKIT | Germany (Schwarz Group) | “Sovereign hyperscaler”, ES3 standard, 7 data centers in Europe | Data center build-out still in progress (completion 2027) |
| IONOS | Germany | BSI cooperation, first BSI C5 attestation by a German provider, AI Model Hub | Air-gapped project targets federal agencies (ITZBund) |
| T-Systems | Germany (Telekom) | Multiple models up to air-gapped, Industrial AI Cloud | One sovereign variant is based on the Google Cloud stack |
| Delos Cloud | Germany (SAP/Arvato) | Microsoft stack, geo-redundant (Leipzig since early 2026) | Public administration only — not available to private companies |
| OVHcloud | France | Gaia-X Label Level 3, largest EU provider | SecNumCloud qualification applies in France |
| Hetzner | Germany | EU provider, price-performance leader (~14.3x vs. AWS), 20 TB traffic included | IaaS-focused, no broad managed PaaS, prices +30–37% since April 1, 2026 |
| Scaleway | France | EU provider, ARM instances, generative AI APIs | Price-performance ~4.8x vs. AWS — strong, but below Hetzner’s level |
| Exoscale | Switzerland (A1 Group) | SME focus, zones incl. Frankfurt, Munich, Vienna | Deliberately tailored to SMEs |
And Microsoft? The sovereignty-washing debate
Microsoft has delivered: the EU Data Boundary was completed on February 26, 2025, and the Sovereign Public Cloud and Sovereign Private Cloud have been generally available since late 2025. Still, one sentence hangs over the entire segment, and you should know it: on June 10, 2025, Anton Carniaux, chief legal officer of Microsoft France, declared under oath before the French Senate that he could not guarantee that data belonging to French citizens would never be handed over to US authorities without consent.
That’s not Microsoft-bashing — it’s the most honest public statement about the limits of what a US provider can contractually guarantee. And it applies structurally to the AWS construct just the same: as long as the parent company is subject to US law, a residual risk remains that no European subsidiary structure has demonstrably eliminated. That’s exactly why the Gaia-X Level 3 criterion is worded so strictly.
Which path fits your company?
Distilling what we see in our project work at Rocket-Monkeys:
- You need the full AWS toolbox and “sovereign enough” will do? Then the ESC is an option — budget for the ~15% premium, the two AZs, and the GPU gap, and check whether the services you actually need are among the ~90 available.
- Sovereignty is a hard requirement (regulators, tenders, customer demands)? Then look at STACKIT, IONOS, T-Systems, or OVHcloud — and for maximum legal independence, specifically at Gaia-X Level 3.
- Costs dominate and you have DevOps skills in-house? Hetzner and Scaleway deliver a multiple of the compute per euro — if you can live without managed PaaS.
- You want sovereign AI workloads? Here, IONOS (AI Model Hub) and T-Systems (Industrial AI Cloud) are currently more concrete than the ESC with its GPU shortage.
You’ll find a continuously updated overview of providers, labels, and decision criteria on our cloud sovereignty page.
Honesty also means saying this: a lot is in flux. Whether the ESC construct legally neutralizes the CLOUD Act is open. The Cloud and AI Development Act is only a Commission proposal so far. And the SEAL level model still has to prove itself in practice. This article is a technical and strategic assessment based on the state of play as of June 2026 — not legal advice. For contract and data protection questions, qualified legal counsel belongs at the table.
Want to talk it through, no strings attached?
If you want to know which degree of sovereignty your workloads actually need — and which one just costs money — let’s talk. In a free initial conversation, we at Rocket-Monkeys will look at your architecture, your compliance requirements, and the real costs of the alternatives together. Just drop us a line at info@rocket-monkeys.com. We look forward to hearing from you.