Physically & logically separated
Why important?
Reduces risk from shared platform/admin dependencies.
How measured?
Scale 0–5 + N/A:
- 0 = No separate environment (shared with global regions/control plane)
- 1 = Logical separation only (tenant isolation), no dedicated environment
- 2 = Partially dedicated components, but relevant shared services/dependencies
- 3 = Dedicated region/environment, but some shared/control-plane dependencies
- 4 = Strong physical & logical separation, only few non-critical shared services
- 5 = Fully physically & logically separated (including critical shared services/control plane)
- N/A = no reliable evidence
Sources / Evidence
- https://aws.amazon.com/blogs/aws/opening-the-aws-european-sovereign-cloud/
- https://aws.eu/de/
- https://www.ovhcloud.com/pl/bare-metal/secnumcloud/
- https://www.oracle.com/europe/cloud/eu-sovereign-cloud/faq/
- https://docs.oracle.com/en/solutions/learn-about-eusc/index.html
- https://news.microsoft.com/de-de/erste-souveraene-cloud-plattform-fuer-die-deutsche-verwaltung-auf-der-zielgeraden/
Validation questions (RFP)
- How is multi-tenancy implemented? Which shared services (IAM, monitoring, billing) are separated?
Scores comparison
| Providers | Score | |
|---|---|---|
| AWS European Sovereign Cloud | 4.0 | |
| Delos Cloud | 4.0 | |
| Oracle EU Sovereign Cloud | 4.0 | |
| SysEleven OpenStack Cloud | 3.0 | |
| Cloud Temple Trusted Cloud | 4.0 | Physically isolated operations in dedicated DC areas (stated). SecNumCloud requires strict isolation. 3 dedicated AZs in FR. Operations physically separated from other customers. |
| Infomaniak Public Cloud | 2.0 | OpenStack standard tenant isolation. Multi-tenant public cloud. No dedicated sovereign realm / physical separation. Self-operated DCs with high physical security (biometrics, airlock). |
| noris Sovereign Cloud | 3.0 | |
| IONOS Cloud | 2.0 | |
| Microsoft Sovereign Cloud | 2.0 | |
| OVHcloud Public Cloud (inkl. SecNumCloud) | 2.0 | |
| STACKIT | 2.0 | |
| T Cloud Public | 2.0 | |
| pluscloud open | 2.0 | |
| Exoscale | 1.0 | |
| Hetzner Cloud | 1.0 | |
| Scaleway | 1.0 | |
| UpCloud | 1.0 |