The European Commission has fired a warning shot across the bow of the cloud computing industry, provisionally designating Amazon Web Services and Microsoft Azure as “gatekeepers” under the Digital Markets Act — a move that could fundamentally reshape how global hyperscalers operate in the bloc’s €100 billion cloud market. Announced on June 25, 2026, the preliminary finding triggers a market investigation that within six months may legally compel the two dominant providers to overhaul their cloud practices, from licensing and interoperability to data portability and self-preferencing.

This is the first time the Commission has directly targeted infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) providers under the DMA, which until now has focused on consumer-facing digital platforms like search engines, social networks, and app stores. The provisional opinion asserts that both AWS and Azure each hold an “entrenched and durable position” in the EU’s cloud market, meeting the quantitative thresholds for active business users and meeting qualitative criteria that suggest gatekeeper power.

The DMA’s Expanding Reach

Adopted in 2022, the Digital Markets Act aims to curb anti-competitive behavior by large online platforms that act as gateways between businesses and consumers. Under the law, the European Commission can designate companies as gatekeepers if they provide a core platform service, have a significant impact on the internal market, and possess an entrenched position. Core platform services already covered include online intermediation, search engines, social networking, video sharing, number-independent interpersonal communications, operating systems, web browsers, virtual assistants, cloud computing, and online advertising.

While the first wave of designations in September 2023 focused on Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft for their consumer services, cloud computing was conspicuously absent. At the time, the Commission noted it was investigating whether Microsoft’s Azure and Amazon’s AWS – as well as potentially Google Cloud – met the thresholds for the cloud computing service category. Today’s announcement makes good on that warning.

According to the Commission’s statement, AWS and Azure each have more than 10,000 yearly active business users in the EU and an annual Union turnover above €7.5 billion for the last three fiscal years, meeting the quantitative presumptions. Moreover, the preliminary investigation found that the firms possess “gatekeeper power” in the cloud market, evidenced by high switching costs, ecosystem lock-in, and their ability to dictate terms to a large swath of European businesses and public-sector organizations.

What Gatekeeper Status Means for AWS and Azure

If the designations become final, likely by early 2027, both companies must comply with a slate of do’s and don’ts within six months. Key obligations include:

  • Interoperability and portability: Gatekeepers must allow business users to access data generated through their activities and provide effective data portability. For cloud, this could mean customers can more easily migrate workloads to rival providers without data egress fees or technical barriers.
  • No self-preferencing: AWS cannot give preferential treatment to its own higher-margin services — such as Amazon Aurora or Redshift — over competing databases or analytics tools available on its marketplace. Similarly, Microsoft would be prohibited from steering Azure customers toward services like Power BI, Teams, or Microsoft 365 in ways that exclude third-party alternatives.
  • Fair access: Business users must be allowed to offer the same products or services to end users through third-party online intermediation services at prices or conditions different from those offered through the gatekeeper’s services. This directly targets practices where cloud providers tie discounts or support to using their broader ecosystem.
  • Transparency in advertising and pricing: Gatekeepers must provide advertisers and publishers with clear performance metrics and pricing information. In the cloud context, this applies to how cloud services are advertised and sold, ensuring business users can make like-for-like comparisons.
  • Ban on combining personal data across services without consent: For consumer-facing services, but less relevant for purely B2B infrastructure. However, Azure’s integration with Microsoft’s consumer services might raise data combination issues.

The DMA also empowers the Commission to impose tailored remedies if structural compliance is insufficient. For cloud, this could theoretically mean forced divestitures of certain business units, though such extreme measures are rare.

A Cloud Seismic Shift for EU Businesses and Developers

The immediate impact will be felt by the thousands of European startups, enterprises, and government agencies that rely daily on AWS and Azure. Compliance could bring lower costs and more flexibility — but also short-term uncertainty.

“The designation could finally end the wildly egregious egress fees that make it prohibitively expensive to leave a major cloud,” said Claudia Meier, a Berlin-based antitrust consultant, speaking on condition of anonymity. “But the real test is whether the Commission can articulate technically feasible interoperability standards without stifling innovation.”

One of the most anticipated changes is the unbundling of cloud services from software licenses. Microsoft, for example, has long faced complaints that it charges more for Windows Server and SQL Server licenses when they run on non-Azure clouds, a practice known as “Azure Hybrid Benefit” restrictions. Under the DMA, such license tying would almost certainly be prohibited, forcing Microsoft to offer economically equivalent license terms regardless of the underlying infrastructure.

For developers, the requirement for data portability could spur a new wave of multi-cloud tooling. Startups could build tools to automate migration between clouds, confident that the gatekeepers cannot erect deliberate technical obstacles. However, critics warn that overly prescriptive interoperability mandates might force commoditization, reducing the incentive for any provider to invest in advanced, differentiated services.

For the European startup ecosystem, the DMA’s cloud rules could be a double-edged sword. While easier data portability might embolden founders to start cloud-agnostic companies, the compliance burden on giant providers could reduce the availability of certain advanced services — like serverless computing or AI/ML platforms — if providers deem the EU’s regulatory environment too onerous for continued investment.

Microsoft’s Tightrope: Balancing Azure and Windows

For Windows enthusiasts, the DMA’s cloud chapter carries profound implications. Azure is not just a standalone public cloud; it is deeply intertwined with the Windows ecosystem — from Windows Server and Active Directory to the entire Microsoft 365 suite and the Windows 11 client experience. Microsoft has carefully crafted technical and commercial synergies that encourage customers to adopt an end-to-end Microsoft stack.

If the final designation forces Azure to operate more like a neutral utility, Microsoft may have to decouple several integrations that today appear seamless. For instance, Windows 11’s built-in integration with Azure Active Directory (now Microsoft Entra ID) for device management, single sign-on, and security policies could be challenged if a competitor claims that Microsoft’s control over the OS gives Azure an unfair advantage in the identity market. Similarly, the tight bundling of Azure Arc with Windows Admin Center might be seen as self-preferencing.

Microsoft’s “Azure Hybrid Benefit,” which allows customers to use on-premises licenses in Azure at reduced cost, could require a broader neutralization: Microsoft might have to offer the same benefit to any cloud provider, a move that would undercut a major Azure sales incentive.

For system administrators managing on-premises Windows Server farms alongside Azure virtual machines, the DMA could upend long-standing licensing models. A common complaint is that failing to purchase Software Assurance and/or using Azure Hybrid Benefit makes running Windows Server on AWS substantially more expensive. If the DMA forces Microsoft to equalize license terms across all clouds, it could lower costs for non-Azure IaaS users overnight, encouraging more multi-cloud deployments. However, Microsoft might respond by raising prices across the board to compensate, a move that itself could attract the Commission’s scrutiny.

The company has already signaled its concern. In a blog post responding to the preliminary finding, Microsoft’s deputy general counsel Rima Alaily wrote: “We respectfully disagree with this preliminary assessment. The European cloud market is vibrant, with increasing competition from Google Cloud, Oracle, and a new generation of European-based providers. Imposing heavy-handed regulation risks dampening innovation and harming the very businesses the DMA seeks to protect.”

Amazon similarly pushed back, with an AWS spokesperson stating: “AWS has consistently delivered pricing reductions and new services that benefit European customers. The cloud market is not ‘winner-takes-all’ — we see customers using multiple providers for different workloads. Designating AWS as a gatekeeper would be a mistake based on a misunderstanding of how customers use cloud.”

The Investigation Timeline and Compliance Hurdles

The Commission’s preliminary designation launches a market investigation that must conclude within 12 months, though the Commission has signaled it expects to issue final decisions by December 2026. During this period, AWS, Microsoft, and any interested third parties can submit evidence and arguments. Designated gatekeepers then have six months to demonstrate compliance, with possible extensions if the Commission agrees the adjustments are technically complex.

The biggest compliance challenge lies in defining “effective interoperability” and “data portability” in a cloud context. Unlike a social network where API access is relatively straightforward, cloud workloads often involve complex architectures with proprietary management tools, networking configurations, and dependent services. The Commission will likely need to issue detailed technical specifications, potentially drawing on existing standards like the CNCF’s Cloud Events or the work of the European standardization bodies.

Defining technical interoperability standards for cloud services is a monumental task. Unlike consumer apps, enterprise cloud environments involve thousands of APIs, proprietary database formats, and security protocols. The Commission will need to work with industry bodies like the Cloud Native Computing Foundation and the European Telecommunications Standards Institute to develop specifications that balance openness with security and performance. A misstep could inadvertently expose EU clouds to vulnerabilities or degrade performance, hurting the very businesses the DMA aims to protect.

Enforcement will be key. The DMA gives the Commission the power to fine gatekeepers up to 10% of their global annual turnover for non-compliance, rising to 20% for repeated infringements, and to impose structural remedies. With Microsoft’s fiscal 2025 revenue at $211 billion and Amazon’s at $638 billion, even a 10% penalty would be historic.

Global Ripples: Will Other Regulators Follow?

The EU’s move is being closely watched in Washington, London, and Tokyo. The UK’s Digital Markets Unit, operating under the DMCC Act, has similar powers and has already indicated it may launch a cloud market study later this year. In the United States, the Federal Trade Commission under the current administration has shown increased appetite for regulating big tech, though the focus remains on consumer platforms. However, the EU’s action could embolden state attorneys general or Congress to examine cloud vendor lock-in more seriously.

For the cloud industry, the DMA’s extension to IaaS/PaaS could become a de facto global standard, much as GDPR became the template for data privacy. Both AWS and Azure, having poured billions into building differentiated global infrastructure, will need to reconcile EU-specific compliance with a global service architecture. The result may be a “splinternet” of cloud services, where EU customers get a more open, interoperable version while others do not — or, more likely, the providers will harmonize globally to avoid the cost of dual systems.

The Bottom Line: Competition or Confusion?

The provisional gatekeeper designation for AWS and Azure signals that regulators no longer view cloud infrastructure as a naturally competitive market. The DMA’s architects argue that high switching costs, egress fees, and proprietary ecosystems create lock-in that harms innovation and raises costs for European businesses. By demanding interoperability and fair play, the EU hopes to spur a new wave of competition — not just from Google and Oracle, but from a nascent ecosystem of smaller, specialized European cloud providers.

Yet the road ahead is fraught with technical and legal minefields. Writing effective cloud interoperability regulations is uncharted territory. Too rigid, and the rules could standardize the cloud to the point that all providers become indistinguishable, killing innovation. Too lax, and gatekeepers will find workarounds. The European Commission will need to walk a fine line, drawing on deep technical expertise and engaging continuously with the cloud community.

For now, the cloud computing market in Europe braces for its biggest regulatory shakeup since GDPR. The designations may only be preliminary, but the direction is unmistakable: cloud giants will no longer get a free pass under competition law. The coming months will determine whether that leads to a more open, dynamic digital infrastructure — or a regulatory quagmire that ultimately serves no one.