upvote

points

by well_ackshually4 hours ago |
comments
upvoteby cedws4 hours ago|
[-]
I haven't looked into the details but I remember from the announcement that the EU cloud is owned specifically by an EU entity headed by EU citizens. There would be no point spinning up a 'sovereign cloud' beholden to the US.
reply
upvoteby Garlef3 hours ago|
parent|
[-]
... And this entity is again owned by AWS. And so the cloud act still applies.

> There would be no point spinning up a 'sovereign cloud' beholden to the US.

Of course: It gives (both sides) a narrative that let's them pretend everything is alright.

reply
upvoteby progbits2 hours ago|
parent|
next
[-]
Edit: Looks like the below is not true. However, such setup is technically possible and if they were serious about making it truly isolated from US influence, it can be done.

Original comment: No it's not owned by AWS. It's a separate legal entity with EU based board and they license the technology from the US company.

reply
upvoteby Garlef2 hours ago|
parent|
next
[-]
This source says it's 100% owned by AWS USA:

https://openregister.de/company/DE-HRB-G1312-40853

reply
upvoteby progbits1 hours ago|
parent|
[-]
Hmm I'm not sure how to interpret that page but it looks like you are right, I'll edit my comment. I was told by GCP PMs that is how the GCP/tsystems setup is structured (see sibling comment) and that it mirrored AWS setup, but maybe that was not correct.
reply
upvoteby overfeed2 hours ago|
parent|
prev|
[-]
How difficult would it be for the "independent" licensor to exfiltrate data from the "sovereign cloud" via logging or replication?

The control-planes have to be completely independent for anything approaching real independence, not just some legal fiction that's lightly different[1] from the traditional big-tech practice of having an Irish subsidiary licensing the parent company's tech for tax optimization purposes.

1. No different at all, according to sibling comment.

reply
upvoteby progbits1 hours ago|
parent|
[-]
I don't know about AWS but I dealt with some (small / tangential) aspects of the GCP setup: https://www.t-systems.com/dk/en/sovereign-cloud/solutions/so...

It is completely separate. There isn't a shared control plane. You don't manage this in the GCP console, its a separate white-label product.

Any updates GCP wants to push are sent as update bundles that must be reviewed and approved by the operator (tsystems). During an outage, the GCP oncall or product team has no access and talks to operator who can run commands or queries on their behalf, or share screenshots of monitoring graphs etc.

(This information is ~3 years stale, but this was such fundamental design principle that I strongly doubt it has changed)

reply
upvoteby UltraSane2 hours ago|
parent|
prev|
[-]
How would the cloud act apply if none of the employees of the AWS European Sovereign Cloud are US citizens?
reply
upvoteby Garlef2 hours ago|
parent|
[-]
> Courts can require parent companies to provide data held by their subsidiaries.

https://en.wikipedia.org/wiki/CLOUD_Act

reply
upvoteby UltraSane36 minutes ago|
parent|
[-]
But they would have no way to actually compel anyone who isn't a US citizen. The worst the US could do is fine Amazon until it complied.
reply