AWS European Sovereign Cloud GmbH is 100% owned by Amazon.com Inc.[1] It launched in January 2026 with improved technical isolation, EU-resident operations, and a thinner managed-service catalog than the commercial AWS track.[2] Microsoft’s Sovereign Public Cloud sits in the same architectural category.[3] Neither severed the US parent-company chain. Microsoft France told the French Senate under oath on June 10, 2025, that the company cannot guarantee EU data sovereignty against US authority requests. The CLOUD Act (18 U.S.C. § 2713) and FISA Section 702 (50 U.S.C. § 1881a) apply regardless of where the data sits.[4]

On April 17, 2026, the European Commission awarded framework contracts under its Cloud III procurement, worth up to €180 million, to handle sensitive EU institutional workloads over six years.[5] Four consortia were prequalified. [6] Ten Percent Sovereign surfaced Canadian jurisdiction dependencies in the Proximus and OVHcloud consortia; they are not considered here.[7] The two clean awardees — Scaleway (Iliad/Niel) and StackIT (Schwarz Digits) — clear the SEAL-3 "Digital Resilience" bar and the legal-pathway test cleanly: no US parent, no US technology dependency at the substrate, no extraterritorial chain. The Commission's framework names this divide and prices nothing else. The buyer who reads SEAL-3 as "compliant for sensitive workloads" is also committing to a different architectural stack, one that hyperscalers cannot deliver within the sovereign lane. That commitment is the Builder Tax. It is paid in productivity. It is partially redeemed in portability. The framework prices neither.

What SEAL Is Selecting For, And What It Isn’t

Ten Percent Sovereign examined the April 17 award as a procurement signal rather than a sovereignty signal. This piece extends to the cost of the signal not surfacing.

After member states failed to agree on a European cybersecurity certification scheme for cloud services (EUCS),[9] the Commission needed an internal-market-compatible substitute it could deploy unilaterally. The Cloud Sovereignty Framework methodology, published October 20, 2025,[8] does that work. SEAL — Sovereignty Effectiveness Assurance Levels — runs from SEAL-0 (no sovereignty) to SEAL-4 (full EU supply chain from chips to software).[10] It is the measurable yardstick the Commission applied to the Cloud III procurement track without waiting for Council unanimity.

The framework’s eight objectives cover strategic, legal-and-jurisdictional, data-and-AI, operational, supply-chain, technology, security-and-compliance, and environmental dimensions, weighted to a 100% sovereignty score.[11] SEAL-3 — “Digital Resilience” — is defined as immunity from supply-chain disruption by non-EU third parties.[12]

That is a procurement signal, not a technical one. SEAL-3 says: this provider’s stack would not break if a non-EU government attempted to coerce it. It does not say: "This provider can run the workload you actually have, on the architecture you actually use.”

The framework gets the legal-pathway leg right by design. Scaleway and StackIT have no extraterritorial chain at any layer of the stack. AWS Sovereign Cloud and Azure Sovereign Cloud — the two principal hyperscaler-built alternatives — share the same legal posture: improved technical separation, EU-resident operations, customer-managed encryption. And a US parent that the CLOUD Act and FISA reach, regardless. The two products are technically distinct, legally identical. The clean SEAL-3 pool is genuinely more sovereign in the dimension the framework measures.

That is the leg the framework names. What it does not name is the cost, or what the cost incidentally delivers.

The argument matters now, not in retrospect, because mini-competitions have not yet begun. The April 17 award was the prequalification, not the workload assignment.[13] Before the first sovereign-track workload is committed to a SEAL-3 provider, the Commission will publish an updated Cloud Sovereignty Framework. Member states preparing their own procurement under CADA — the forthcoming Cloud and AI Development Act, expected on May 27, 2026, under Article 114 TFEU[14] — will look to that updated framework as a template.

The Architectural Fork

Sovereignty is a stack philosophy, not a smaller catalog. The buyer who procures sovereignty under the SEAL-3 frame is committing, without the framework saying so, to a different architectural posture. The hyperscaler-sovereign tracks cannot match it inside the sovereign lane. The clean awardees can match it only because the open-source ecosystem they participate in is cross-vendor by definition. SEAL-3 says: this provider’s stack is sovereign. What it does not say is that the architecture the buyer must run on that stack is the cloud-native commodity stack, and only that stack.

Hyperscalers compete on proprietary managed-service depth. AWS Bedrock for managed multi-vendor proprietary-frontier-model APIs. Amazon SageMaker for a full-lifecycle ML platform. AWS Lambda for serverless compute with a deep ecosystem of triggers and integrations. DynamoDB, Aurora, Step Functions, Kinesis. Azure equivalents: Azure OpenAI Service, Azure Machine Learning, Azure Functions, Cosmos DB. Google Cloud equivalents: Vertex AI, Cloud Run, Spanner. The buyer who builds on these primitives captures real productivity gains and accepts lock-in by construction.[15] Migration cost rises with every proprietary primitive consumed, because the application architecture is shaped by the primitive’s API surface rather than by an open standard.

The clean SEAL-3 awardees cannot match that proprietary depth. They do not have the engineering scale, the R&D budget, or the ten-year head start. Scaleway publishes approximately 60 distinct services; StackIT publishes 42.[16] The hyperscalers publish more than 200 each.[17] What Scaleway and StackIT can offer — and offer cleanly — is the open-source commodity stack: Kubernetes, S3-compatible object storage, PostgreSQL-compatible managed databases, Kafka-compatible streaming, OpenSearch, OpenTelemetry, Prometheus and Grafana, vLLM and SGLang for open-weight model inference, Confidential Computing primitives where available. Open standards. Portable workloads. No managed-primitive lock-in.

This is not a smaller catalog. This is a different stack philosophy.

The objection is real and worth answering directly: hyperscalers offer Kubernetes, too. Amazon EKS runs in the AWS European Sovereign Cloud region. Azure Kubernetes Service runs in Microsoft Sovereign Public Cloud. A buyer can, in principle, run pure Kubernetes on AWS Sovereign and capture portability while staying inside the hyperscaler track. The objection collapses on price and rationale. The 15% sovereign premium buys the sovereignty wrapper around the proprietary catalog above the Kubernetes layer — Bedrock, SageMaker, Lambda, the deep managed-service depth that justifies the AWS procurement decision. A buyer paying that premium for pure Kubernetes-and-open-source on AWS Sovereign is paying for sovereignty assurances, the legal pathway analysis already deemed insufficient — the parent-company chain still reaches via § 2713 — to run a workload that commodity infrastructure delivers cheaper elsewhere. The architectural fork cuts both ways.

Lock-in operates through two mechanisms. The catalog constraint: only certain primitives are natively available, and consuming them shapes the application architecture. The contract gate: production at scale requires an enterprise commitment. Hyperscaler proprietary catalogs operate simultaneously. Bedrock shapes the application around its API surface. SageMaker ties productivity gains to the enterprise commitment level. Lambda triggers lock the hardest — applications written against Lambda’s trigger ecosystem cannot be ported without rewriting the trigger logic.

The clean SEAL-3 stack has no equivalent catalog constraint. The application architecture is shaped by the open-source API, which is the same API that the buyer can deploy on Hetzner, on IONOS, on bare-metal infrastructure in a customer-controlled colocation, or migrate to a future SEAL-3 awardee. The architecture is not lock-in-shaped because the open-source standard does the work that the managed-service catalog would otherwise do.

This is what the Commission’s framework implicitly procures without naming. SEAL-3 says: this provider’s stack is sovereign. What the provider can actually deliver, given its scale and its catalog, is the cloud-native commodity stack. So the framework selects providers that — by architectural necessity, not by buyer choice — force a implement a commodity-stack architecture for every workload that lands on them. The framework prices the sovereignty. It does not name that sovereignty equals architectural commitment.

The Productivity Cost

The productivity cost is real, and it falls on the typical sensitive-workload buyer harder than on the frontier-AI workload buyer.

The managed multi-vendor proprietary-frontier-model API category is the sharpest. A buyer wanting to A/B-test Claude against GPT, Mistral, and Cohere through a single API — with managed billing, rate limits, observability, and safety filters — has that capability natively on the hyperscaler commercial track. The clean SEAL-3 pool runs no managed frontier-model service at all. Scaleway runs open-weight LLMs through its own managed inference; StackIT serves open-weight LLMs through AI Model Serving. Neither runs a multi-vendor-through-one-API service.

The European frontier-model precedent worth naming is Mistral itself. In February 2024, Mistral premiered Mistral Large first on Azure, and its frontier deployment posture has historically been multi-cloud, with Azure first.[20] Mistral Compute — restructured around 13,800 NVIDIA GB300 GPUs at the Eclairion-operated Bruyères-le-Châtel site — is now in the planning phase, not yet in commercial operation as of publication date.[21] The CIO who wants a managed frontier-model service in 2026 chooses between a hyperscaler-sovereign service (delivered partially, with US-parent exposure) and a clean SEAL-3 service (open-weight inference, self-managed).

The full-lifecycle ML platform category matches the same pattern. The hyperscaler reference is a managed, end-to-end platform that covers data preparation, training, deployment, monitoring, and governance through a single console. The clean SEAL-3 pool offers IaaS GPU access, managed Kubernetes, and open-source ML tooling (Kubeflow, MLflow, Ray, KServe). The buyer assembles the lifecycle from open-source components rather than consuming a managed abstraction. That cost hits teams shipping their first model in weeks. It disappears for teams running mature ML platforms where the open-source assembly is already in place.

The thinner managed-platform depth across managed-Kafka, FaaS with rich trigger ecosystems, managed-streaming pipelines, and multi-region active-active is the commodity-layer cost. Scaleway can offer managed Kubernetes, but its managed Kafka offering is newer and less feature-rich than its AWS counterpart. StackIT has managed PostgreSQL and managed object storage, but does not run a counterpart to Step Functions or Cosmos DB.[22] Both providers can run workloads that hyperscalers can run. Neither can run every workload. The gap is concentrated in the proprietary layer. Confidential Computing runs asymmetrically: StackIT’s Confidential Kubernetes exceeds what the hyperscaler-sovereign tracks offer in the same form factor, while AWS Nitro Enclaves and Azure Confidential VMs cover the commercial regions in ways the clean awardees do not.[22]

The engineering capacity to operate commodity-stack architecture is the second cost. A team assembling Kubernetes, vLLM, and Kafka on a SEAL-3 provider is doing more architectural work than a team consuming Bedrock, SageMaker, and Lambda on AWS commercial. In practice, this means additional DevOps and platform engineering hires—or retraining existing staff—to manage infrastructure that the hyperscaler’s managed services would otherwise abstract away. That cost falls on engineering organizations that did not budget for it when the procurement decision was made on legal-pathway grounds alone.

The productivity cost is not catastrophic. It is unevenly distributed across workload categories and is absent from the framework’s signal.

The Exit Optionality

The opposite leg of the trade is what re-architecture into the commodity stack delivers: exit from hyperscaler lock-in.

CNCF and FinOps Foundation research on cloud-native architecture has consistently shown that workloads built on standard Kubernetes APIs and open-source data infrastructure carry materially lower migration costs than workloads built on hyperscaler proprietary primitives.[23] The mechanism is straightforward: open API contracts, portable data formats, provider-agnostic observability. Migration from one Kubernetes deployment to another is a redeploy. Migration across hyperscaler proprietary stacks is a rewrite. A streaming pipeline built on Kafka-on-Kubernetes with open-source consumers can move from Scaleway to StackIT by redeploying manifests. The same pipeline built on Amazon MSK with Kinesis triggers and Lambda consumers requires rewriting every integration point.

Sovereign procurement forces commoditization. Commoditization delivers portability. The buyer that lands on Scaleway’s commodity stack today can migrate to StackIT, to a future SEAL-3 awardee, to a Hetzner deployment with BSI credentials, or to a customer-controlled colocation — at redeploy cost, not rewrite cost. The buyer on AWS Commercial who has consumed the hyperscaler-managed service stack has no equivalent path. Even the migration from AWS commercial to AWS European Sovereign Cloud is not free — the Bedrock catalog differs, GPU instances are absent, and the Lambda trigger ecosystem in the sovereign region is a subset of the commercial one.

This is the option value, not the exercise value. Most enterprise migrations do not happen. But every workload carries an embedded option to migrate, and the strike price of that option is the migration cost — a rewrite for hyperscaler-proprietary workloads, a redeploy for commodity-stack workloads. The option does not become more likely to be exercised by being cheaper to exercise. It just becomes cheaper to exercise. Pricing it as if every workload will eventually migrate overstates the benefit; pricing it at zero understates it.

The broader European commodity-stack market makes the optionality concrete. Hetzner Online GmbH operates one of the largest commodity cloud businesses in Europe, is classified by BSI as a critical infrastructure operator under KRITIS, and holds C5 Type 2 certification as of March 25, 2026.[24] IONOS Cloud Solutions generated €177 million in segment revenue in fiscal 2024, holds BSI C5 and IT-Grundschutz certifications, won the federal sovereign cloud contract for ITZBund in April 2024, and signed a strategic cooperation agreement with the BSI in January 2026.[25] Neither was prequalified for the Cloud III award. Both run the same commodity stack as the SEAL-3 awardees. A workload deployed on Scaleway or StackIT can migrate to either platform without rewriting the deployment manifests, only the application.

A company that has re-architected onto the commodity stack is less locked into any individual cloud provider than one running on hyperscaler managed services. Vendor concentration risk is lower. Migration-cost contingencies in the diligence model are lower. Exit optionality at the infrastructure layer is higher. None of this is in the SEAL designation. All of it is in the architectural pattern of the SEAL designation forces.

What Mini-Competitions Will Reveal

The SEAL-3 framework has not yet been operationally tested. The April 17 award was the prequalification. Workload mini-competitions will follow over the coming months and quarters. Three questions arise.

First: Will the productivity cost be operationally confirmed? If more than thirty percent of mini-competitions over the next twelve months produce fewer than two qualifying bids — concentrated in workloads that depend on managed frontier-model APIs, full-lifecycle ML platforms, or Lambda-trigger-shaped serverless architectures — the cost is confirmed and binding.[27]

Second: Will the carve-out volume reveal where the framework selects against itself? Workloads the SEAL-3 pool cannot serve will be granted exemptions to use SEAL-2 providers. If those exemptions accumulate into a parallel track that quietly does most of the high-value work, the framework’s signal is inconsistent with its own selection criteria.

Third: Is the optionality leg empirically real? Workloads that land on a SEAL-3 provider and subsequently migrate to a different SEAL-3 provider — or to a non-prequalified European commodity-stack provider — will demonstrate the migration-cost asymmetry the architectural fork predicts.

If mini-competitions produce competitive bids across all workload categories, if exemption volume stays marginal, and if no observable migration-cost asymmetry emerges between the commodity-stack pool and the proprietary-stack pool, the thesis is wrong and the Builder Tax does not exist.

The Builder Tax

Sovereignty in the EU cloud, on April 28, 2026, is a two-track procurement choice with a trade neither side names.

One track: AWS Sovereign Cloud and Azure Sovereign Cloud. Improved technical separation. US legal chain intact. A thinner version of the proprietary catalog, a 15% premium, and the same parent-company exposure as the CLOUD Act and FISA reach.

The other track: Scaleway and StackIT. Legal-pathway test cleared by construction. A commodity stack — Kubernetes, S3-compatible storage, open-source data infrastructure, open-weight inference — that costs the buyer the proprietary catalog’s productivity gains and delivers, in exchange, exit from the lock-in that catalog enforces. The exit is not theoretical: Hetzner and IONOS run the same commodity stack outside the SEAL-3 pool, and a workload built on open standards can move between any of them at redeploy cost.

The framework names neither side of the trade. It rates the providers and sends a signal — that SEAL-2 carve-outs are equivalent options for sensitive workloads — that flattens the divide the legal-pathway analysis surfaces. Mini-competitions will reveal what the framework has been quiet about.

The Builder Tax is the productivity loss on the managed-service layer that the clean awardees cannot deliver. It is partially redeemed by portability — exit from hyperscaler lock-in — that the commodity-stack architecture delivers. The Tax falls harder on CTOs running mature managed-service platforms, where the productivity cost is the binding constraint, than on CISOs, who should weigh the legal-pathway leg more heavily and treat the productivity cost as cost-of-compliance. Diligence should weigh exit optionality even more heavily.

I would recommend applying two tests to any SEAL-tier vendor evaluation. First, evaluate which managed primitives the provider can deliver natively, which require rearchitecture, and which are unavailable. Second, clarify the legal-pathway exposure of the proposed architecture — parent-company chain, supplier chain, EU-only operational independence — for the workload’s data sensitivity. A SEAL-3 designation that does not answer those questions is a sovereignty score, not a procurement signal.

The Commission’s updated framework will determine whether the Builder Tax becomes a priced cost in EU public-sector AI infrastructure or remains silent inside a procurement signal. The decisions made in the next six months are the decisions that get templated into the regulatory architecture.

The framework scores sovereignty. It does not mention the productivity the buyer loses or the portability the buyer gains. Every company should decide whether the latter is worth paying for the former.

Notes

[1] AWS, “AWS Launches AWS European Sovereign Cloud and Announces Expansion Across Europe,” Potsdam, January 15, 2026. The AWS European Sovereign Cloud GmbH parent structure is detailed in AWS’s own published documentation; the operating entity is wholly owned by Amazon.com Inc. The Brandenburg datacenter region opened with two Availability Zones at GA. See also AWS Security Blog, “Opening the AWS European Sovereign Cloud,” January 15, 2026.

[2] AWS European Sovereign Cloud service catalog at general availability: approximately 90 services with plans to expand. Two Availability Zones at launch. Pricing premium of approximately 15% versus commercial EU regions, per independent benchmarking by tecRacer across EC2, S3, RDS, and Lambda price points (cited and analyzed by Cloudvisor). Bedrock available at GA but limited to Amazon Nova Lite and Nova Pro models — Anthropic Claude, Mistral, Meta Llama, and other proprietary frontier models are absent. No GPU instances. No CloudFront. Source: AWS European Sovereign Cloud documentation; comparative analysis per Cloudvisor, “Sovereignty as a Service: The AWS European Sovereign Cloud is Live,” published shortly after launch. AWS publishes “200+ services” globally; the comparison figure is Cloudvisor’s, not an AWS-published number. AWS European Sovereign Cloud also achieved SOC 2 Type 1 and C5 Type 1 attestation reports plus seven ISO certifications covering 69 services on March 16, 2026 — see AWS Security Blog, “AWS European Sovereign Cloud achieves first compliance milestone.”

[3] Microsoft Sovereign Public Cloud — the Microsoft-operated EU-Data-Boundary track — is generally available across European Azure datacenter regions for European customers, supporting Azure, Microsoft 365, Microsoft Security, and Power Platform. The track adds Data Guardian (EU-resident operator approval), External Key Management (customer-controlled encryption), and Regulated Environment Management to the commercial Azure platform. See Microsoft Learn, “What is Microsoft Sovereign Cloud?”. Distinguish from Microsoft Sovereign Private Cloud (Azure Local-based, customer-deployed) and National Partner Clouds — these are different products. The Sovereign Public Cloud is the AWS European Sovereign Cloud architectural analog for the comparison in this piece.

[4] AWS European Sovereign Cloud GmbH is 100% owned by Amazon.com Inc. per AWS’s published structure. Microsoft Sovereign Public Cloud runs on Microsoft Corporation infrastructure; Microsoft Corporation is a US-incorporated entity. The CLOUD Act’s compelled disclosure provision (18 U.S.C. § 2713) requires US-incorporated providers to produce data within their “possession, custody, or control” regardless of where the data is stored. FISA Section 702 (50 U.S.C. § 1881a) authorizes warrantless collection of non-US persons’ communications by US intelligence agencies. The Court of Justice of the European Union’s Schrems II ruling (Case C-311/18, July 16, 2020) cited Section 702 as incompatible with EU fundamental rights. Microsoft France told the French Senate under oath on June 10, 2025 that the company cannot guarantee EU data sovereignty against US authority requests; the testifying witnesses were Anton Carniaux (Director of Public and Legal Affairs, Microsoft France) and Pierre Lagarde (Technical Director, Public Sector). The hearing was held by the Senate inquiry commission on public procurement and digital sovereignty, chaired by Senator Simon Uzenat. Carniaux’s response to the question of whether Microsoft could guarantee that French citizens’ data would not be transmitted to US authorities without French consent was: “Non, je ne peux pas le garantir.” See SDxCentral, “Microsoft tells French lawmakers it can’t protect user data from US demands,” July 2025; Senate transcript at senat.fr. AWS contests the framing, citing its own Supplementary Addendum and zero-disclosure record since June 2020 (”there have been no data requests to AWS that resulted in disclosure of enterprise or government content data stored outside the U.S. to the U.S. government” — AWS, “Clarifying Lawful Overseas Use of Data Act,”). The legal exposure is statutory, not retrospective enforcement: the absence of past disclosure does not eliminate the possibility of future ones. For broader analysis of the AWS and Microsoft sovereign cloud legal architectures, see Julien Simon, “Two Sovereign Clouds, One Legal Wall,” February 2026.

[5] European Commission, “Commission advances cloud sovereignty through strategic procurement,” April 17, 2026. The Cloud III procurement is structured as a Dynamic Purchasing System with an estimated total value of up to €180 million over six years.

[6] Ibid. The Commission also prequalified two further consortia — a Post Telecom consortium with OVHcloud and CleverCloud, and a Proximus consortium that uses S3NS, Clarence and Mistral. This piece’s analysis focuses on Scaleway and StackIT as the clean reference pool because the other two prequalified consortia carry documented foreign-jurisdictional exposure (the OVHcloud Canadian subsidiary case examined in The Sovereignty Mirage, December 4, 2025; and the Datacenter United ownership structure following the February 28, 2025 Proximus datacenter sale to a Cordiant Capital-managed investment vehicle). The piece’s binary thesis tracks the cleanly comparable cases.

[7] Julien Simon, “Ten Percent Sovereign,” The AI Realist, April 17, 2026.

[8] European Commission, Cloud Sovereignty Framework, Version 1.2.1, October 20, 2025.

[9] On the EUCS deadlock and the Commission’s response, see European Cybersecurity Certification Scheme for Cloud Services (EUCS) drafting history at the Interoperable Europe Portal; ENISA, Cloud Cybersecurity Certification Scheme market and status pages, 2024–2025.

[10] The SEAL scoring scheme — SEAL-0 (no sovereignty), SEAL-1 (Jurisdictional Sovereignty), SEAL-2 (Data Sovereignty), SEAL-3 (Digital Resilience), SEAL-4 (Full Digital Sovereignty: complete EU control across the supply chain) — is documented in European Commission, Cloud Sovereignty Framework, Version 1.2.1 (October 20, 2025). For the April 17, 2026 procurement, the Commission set SEAL-2 as the minimum eligibility threshold; the prequalified Scaleway and StackIT consortia clear SEAL-3.

[11] The eight Cloud Sovereignty Framework objectives, with their published weights summing to 100% of the Sovereignty Score: SOV-1 Strategic Sovereignty (15%); SOV-2 Legal and Jurisdictional Sovereignty (10%); SOV-3 Data and AI Sovereignty (10%); SOV-4 Operational Sovereignty (15%); SOV-5 Supply Chain Sovereignty (20%); SOV-6 Technology Sovereignty (15%); SOV-7 Security and Compliance (10%); SOV-8 Environmental Sovereignty (5%). Source: European Commission, Cloud Sovereignty Framework, Version 1.2.1, October 20, 2025.

[12] European Commission, Cloud Sovereignty Framework, Version 1.2.1, SEAL-3 definition (Digital Resilience).

[13] European Commission, “Commission advances cloud sovereignty through strategic procurement,” April 17, 2026 announcement: “This is the first step. Mini-competitions will follow over the coming months.”

[14] CADA was originally listed for Q1 2026 in the European Commission’s 2026 Work Programme (October 20, 2025) under Article 114 TFEU. The proposal is now expected on May 27, 2026, per techUK’s “Dispatch from Brussels” (March 2026), as a flagship of the Commission’s “tech sovereignty package” — alongside a parallel revision of EU public procurement rules. Stated objectives include tripling EU data centre capacity, EU-wide eligibility requirements for cloud service providers, and a single EU-wide cloud policy for public administrations and procurement. See European Parliament Legislative Train Schedule, “Cloud and AI Development Act”; EPRS briefing, “Cloud and AI Development Act” (PE 779.251, December 2025).

[15] The Catalog-and-Contract Test framework was developed in the AI Tooling vertical of this publication; see Julien Simon, “Open Source, Closed Orbit: The Hardware Monopolist’s Guide to Owning Open Source,” The AI Realist, March 2026. The test originally targeted lock-in mechanisms in the consumer side of the AI ecosystem (model hosting, inference platforms, developer tooling); this piece extends the framework to the build side of the cloud stack, where the same dual-mechanism (catalog constraint + contract gate) operates.

[16] Scaleway product navigation, retrieved April 28, 2026. StackIT product documentation portal, retrieved April 28, 2026.

[17] AWS publishes “200+ services” globally per its corporate communications. Microsoft Azure and Google Cloud publish comparable counts. Counts vary by methodology — distinct services, distinct API endpoints, or distinct billable units produce different numbers. For the purposes of this piece, the order-of-magnitude comparison is sufficient.

[19] AWS European Sovereign Cloud Bedrock catalog at GA: limited to Amazon Nova Lite and Nova Pro, per AWS European Sovereign Cloud documentation and Cloudvisor analysis. Anthropic Claude, Meta Llama, Mistral, and other proprietary or open-weight frontier models from third-party vendors are absent from the sovereign-region Bedrock catalog at GA.

[20] Microsoft Azure blog, “Microsoft and Mistral AI announce new partnership to accelerate AI innovation and introduce Mistral Large first on Azure,” February 26, 2024. Mistral Large premiered first on Azure AI before becoming available on other deployment surfaces.

[21] Mistral Compute press materials, 2025–2026. The original announcement contemplated 18,000 NVIDIA Grace Blackwell systems hosted via Scaleway. The structure was subsequently reorganized around approximately 13,800 NVIDIA GB300 GPUs at the Eclairion-operated Bruyères-le-Châtel site (44 MW), funded through a $830M (~€750M) debt facility from a seven-bank consortium (Bpifrance, BNP Paribas, Crédit Agricole CIB, HSBC, La Banque Postale, MUFG, Natixis CIB), announced March 30, 2026. See DatacenterDynamics, “Mistral AI raises $830m in debt financing for data center in Paris, France.” Operations expected to begin Q2 2026.

[22] StackIT product portfolio, retrieved April 28, 2026; Scaleway product documentation, retrieved April 28, 2026. Confidential Computing detail: StackIT publishes a Confidential Kubernetes offering that the hyperscaler-sovereign tracks do not match in the same managed-Kubernetes form factor; AWS Nitro Enclaves (AWS commercial regions), Azure Confidential VMs, and GCP Confidential VMs (commercial regions) provide managed Confidential Computing that the clean SEAL-3 pool does not match in the hyperscaler-managed-VM form factor. AWS European Sovereign Cloud’s launch catalog at GA does not include managed Confidential Computing as a top-line service offering.

[23] Cloud Native Computing Foundation, Annual Survey, 2024 and 2025 editions — documenting Kubernetes adoption in production at 66%+ of respondents and rising multi-cloud deployment as the dominant pattern. FinOps Foundation, State of FinOps reports, 2024 and 2025 editions — documenting that organizations running multi-cloud commodity-stack architectures report materially lower switching costs than those dependent on single-provider proprietary services. The comparative-cost mechanism is also analyzed in Mompo Redoli & Ullah, “Kubernetes in the Cloud vs. Bare Metal: A Comparative Study of Network Costs,” arXiv:2504.11007, April 2025.

[24] Hetzner Online GmbH, “Hetzner receives BSI C5 Type 2 certification,” March 25, 2026. Hetzner is classified as a critical infrastructure operator under the German KRITIS regime per BSI designation; see Hetzner information security documentation.

[25] IONOS Group SE FY2024 Annual Report: IONOS Cloud Solutions segment revenue €177 million; total IONOS Group revenue €1.56 billion. IONOS BSI C5 attestation achieved November 7, 2023; IONOS BSI IT-Grundschutz certification achieved September 2022. ITZBund framework contract awarded April 2, 2024 — see IONOS, “IONOS builds cloud solution for the German federal administration,” five-year term, €410M ceiling. BSI strategic cooperation agreement signed January 13, 2026, by BSI President Claudia Plattner and IONOS CTO Markus Noga; see BSI press release and IONOS newsroom.

[26] Disclosure: the author serves as AI Operating Partner at Fortino Capital, a European private equity firm whose portfolio includes companies whose cloud architecture decisions are within the scope of this piece’s analysis. This disclosure illustrates the structural diligence question the piece names; it is not an endorsement of any specific provider or procurement choice.

[27] Mini-competition outcome thresholds are derived from comparable EU framework procurement programs and represent an order-of-magnitude observable signal. The “thirty percent” threshold is the author’s calibration, not a Commission-defined metric. Note: the Commission does not systematically publish mini-competition bid counts. The first falsifiability condition depends on whether the Commission or member-state procurement authorities make bid data available — either directly or through parliamentary scrutiny of sovereign cloud procurement outcomes.