Amazon confirmed Wednesday that three of its AWS data centers in the Middle East sustained damage from Iranian drone strikes, marking the first time a major cloud provider's physical infrastructure has been targeted in a military conflict. The Bahrain facility suffered collateral damage from a nearby strike, while two UAE data centers took direct hits. Iranian state media claims the attacks targeted infrastructure supporting U.S. military operations, raising urgent questions about the vulnerability of global cloud services that power everything from enterprise applications to AI workloads.
Amazon Web Services is scrambling to assess the damage after confirming that Iranian military drones struck three of its Middle Eastern data centers on Wednesday, according to a statement reported by CNBC. The Bahrain facility took collateral damage from a drone strike that hit nearby, while two data centers in the United Arab Emirates were directly targeted.
Iranian state media quickly claimed responsibility, framing the strikes as retaliation against infrastructure they allege supports U.S. military operations in the Gulf region. The accusation, whether accurate or not, demonstrates how cloud providers have become entangled in geopolitical tensions despite positioning themselves as neutral infrastructure operators. Amazon has long maintained that AWS serves commercial customers and complies with all applicable laws regarding government contracts.
The physical damage to AWS facilities represents a watershed moment for the cloud industry. While cyberattacks on cloud infrastructure have become routine, kinetic military strikes on data centers cross a threshold that most security planners hadn't seriously contemplated. AWS operates 33 geographic regions globally with 105 availability zones, but this incident exposes the vulnerability of concentrated infrastructure in politically volatile regions.
Amazon hasn't disclosed the extent of service disruptions or which customer workloads might be affected. The company's Middle East (Bahrain) region, launched in 2019, serves customers across the Gulf Cooperation Council countries. The UAE regions handle growing demand from enterprises expanding into the Middle East and companies seeking data residency compliance with local regulations. Any prolonged outage would ripple through financial services, oil and gas operations, and the growing number of AI startups that have flocked to the region.
