If you’ve been following the news, you might have learned about Iranian drone and missile strikes on three Amazon Web Services (AWS) data centers in the United Arab Emirates (UAE) and Bahrain, which caused a severe, cascading impact on AWS and its customers. Because the attacks caused physical damage to multiple infrastructure sites simultaneously, standard cloud redundancy models failed, leading to widespread regional and global disruptions.
Just as we covered the impact of current geopolitical issues on submarine cables in the Strait of Hormuz, this post discusses the impact of the war in Iran on data centers and cloud architecture.
What is the impact of drone and missile strikes on AWS cloud services?
Cloud architecture relies heavily on Availability Zones (AZs)—distinct physical data centers within a single geographic region designed to act as backups for one another in case of a localized failure like a fire or power outage. Customers are responsible for their own remote backups. The simultaneous strikes took out two of the three AZs in the UAE region (me-central-1) and impaired one AZ in the Bahrain region (me-south-1). This unprecedented simultaneous loss broke standard multi-AZ disaster recovery plans, triggering massive outages across core AWS services like EC2, S3, DynamoDB, Lambda, and RDS.
The facilities sustained heavy structural, fire, and water damage. As a result, AWS warned that recovery would be prolonged. AWS explicitly instructed affected clients to restore their systems using remote backups. Customers were also instructed to migrate their workloads and reroute application traffic entirely out of the Middle East to alternate AWS regions, such as in Europe, the U.S., or Asia Pacific. What impact does this have for workloads and application traffic in terms of performance? Wouldn’t the latency introduced have an impact on service performance?
.png?width=600&height=603&name=unnamed%20(3).png)
On-ramps are dedicated connections to cloud service provider networks located in a colocation facility.
What about the AWS customers with data residency requirements?
Many AWS customers (such as local government agencies, financial institutions, healthcare providers) are subject to strict data residency rules, which require them to keep their data within their own national borders. For them, the drone and missile strikes on the AWS facilities created a worst-case scenario, and forced them into a lose-lose situation: They couldn't legally move their data to a functioning international region to restore their services, meaning they simply had to suffer the prolonged downtime and degraded performance while the local facilities remained offline.
Who else was affected?
The infrastructure damage affected not only customers subject to data residency requirements. Consumer-facing digital services across the Gulf faced a cascading series of problems, paralyzing parts of the region's digital economy. Major financial institutions including Abu Dhabi Commercial Bank, Emirates NBD, and First Abu Dhabi Bank, as well payment platforms like Hubpay and Alaan, reported significant operational outages. The ride-hailing and food-delivery platform Careem went down, severely disrupting the daily lives of millions of residents in the UAE.
.png?width=600&height=548&name=unnamed%20(4).png)
How will this affect cloud services in the future?
For cloud architects and enterprise customers, the attacks served as a harsh wake-up call that single-region deployments are highly vulnerable to modern warfare. The event has forced many customers to fundamentally rethink their cloud architecture, driving them to abandon single-region setups and absorb the high costs of multi-region disaster recovery to ensure true resilience.
Historically, cloud engineers choose regions based primarily on three factors: latency (proximity to users), cost (cheaper compute rates), and regulatory compliance. Moving forward, a fourth factor must be considered: geopolitical threat modeling. Unfortunately for enterprises, this means more spending on cloud services.
Some industry experts note that customers subject to data residency rules are in a tough spot.: Do they keep their data entirely local in order to comply with the law, and risk losing it to a missile strike? Or do they back it up to a foreign region (like London or Frankfurt) to ensure business continuity, but face severe regulatory fines? Long-term, we may see governments forced to amend data residency laws to allow such foreign backups.
Another thing to consider: Large enterprises may procure cloud services from multiple providers in order to avoid having all their eggs in one basket. Instead of relying solely on AWS, a company may host its primary infrastructure on AWS in the Middle East, but then maintain emergency disaster recovery on Microsoft Azure or Google Cloud in Europe.
Planned cloud infrastructure in the Middle East
After a slow start, the Middle East has shown quite a bit of activity in the cloud market. As recently as 2018, there was only one cloud data center in the region (Alibaba, in Dubai). But as of March 2026, 18 new cloud regions have been brought online. Plans are afoot to launch three more regions in the Middle East. Two are planned for Saudi Arabia and another is planned for Israel. Most of the major cloud service providers—Alibaba, AWS, Google, Huawei, Microsoft, Oracle and Tencent—operate cloud regions in the Middle East.
Check out our interactive Cloud Infrastructure Map for more details on global cloud infrastructure.
More cloud, WAN, and data center insights
This analysis was informed by TeleGeography's data and analysis platforms. Cloud and WAN Research Service delivers data, analysis, and forecasts on international cloud connectivity and WAN services, and global WAN market size. Data Center Research Service offers global data center capacity, service providers, and pricing trends.
