For the first time in history, a nation-state has deliberately launched sustained military strikes against the commercial cloud infrastructure of a private technology company. Since March 1, 2026, Iran’s Islamic Revolutionary Guard Corps (IRGC) has attacked Amazon Web Services facilities in the United Arab Emirates and Bahrain on multiple occasions, causing structural damage, power failures, and cascading outages felt by banks, consumers, and enterprises across the globe.

The April 1–2 strike on a Bahrain telecom facility hosting AWS infrastructure is the latest in a series of attacks that have fundamentally altered how geopolitical risk must be factored into cloud strategy. AWS confirmed the disruption, citing “drone activity,” and once again urged customers to migrate workloads away from its Middle East regions.

A Chronology of Attacks

Feb 28, 2026
The United States and Israel launch joint strikes on Iran — dubbed Operation Epic Fury — killing Supreme Leader Ali Khamenei and triggering Tehran’s vow of retaliation against American assets in the region.
March 1, 2026
Iranian Shahed 136 drones strike two AWS data centres in the UAE (ME-CENTRAL-1 region), knocking out two of three availability zones. A third facility in Bahrain sustains collateral damage. This is confirmed as the first deliberate military attack on a hyperscale cloud provider in history.
March 11, 2026
IRGC-affiliated Tasnim News Agency publishes a list of 30 Big Tech locations across the Middle East designated as “enemy technology infrastructure,” citing their alleged roles in supporting US and Israeli military AI systems.
March 24, 2026
AWS publicly acknowledges a second disruption in Bahrain due to further drone activity. The company had already waived all March usage charges for its Middle East region — an unprecedented move by any major cloud provider.
March 31 – April 1, 2026
The IRGC publishes a Telegram post naming 18 US technology, finance, and defence companies as “legitimate military targets,” instructing employees to evacuate immediately. Targets include Microsoft, Google, Apple, Meta, Nvidia, Oracle, IBM, Cisco, JP Morgan, Boeing, Tesla, and others. Amazon is notably absent from the list — yet is struck again.
April 1–2, 2026
An Iranian strike hits the headquarters of Batelco, Bahrain’s leading telecom provider and AWS infrastructure partner. The Financial Times reports AWS facilities are damaged. Bahrain’s Interior Ministry confirms civil defence teams were “extinguishing a fire in a facility of a company as a result of the Iranian aggression.” AWS declines to comment on the specific strike.

A popular assumption among engineers had been that it would take a meteor strike to knock out an entire AWS region. The Gulf events tested — and in parts exposed — the limits of that model.

— TechNext Analysis, April 2, 2026

Who Was Affected

The outages cascaded far beyond the data centres themselves. Because AWS’s redundancy model is designed to survive the loss of a single availability zone — not a coordinated attack across an entire geographic region — standard failover protections proved insufficient. Dozens of services across banking, payments, logistics, and enterprise software were knocked offline.

Confirmed Disruptions
  • Bank Abu Dhabi Commercial Bank (ADCB) — mobile banking and contact centre unavailable
  • Bank Emirates NBD — phone banking impacted; services partially restored next day
  • Bank First Abu Dhabi Bank — reported platform disruptions
  • Fintech Alaan — corporate payments app fully offline; cited “critical AWS outage”
  • Fintech Hubpay — customers unable to log in during disruption window
  • Fintech Sarwa (investing app) — disruptions reported; core services restored next day
  • Fintech SadaPay (Pakistan) — went fully offline; entire backbone ran on AWS Bahrain
  • Transport Careem (ride-sharing & delivery) — widespread service failures across UAE
  • Enterprise Snowflake — elevated connectivity issues and error rates; resolution pending power restoration
  • Telecom Batelco (Bahrain) — headquarters struck directly in April 2 attack

AWS core services impacted across both Middle East regions included EC2, S3, DynamoDB, AWS Lambda, Kinesis, CloudWatch, RDS, the AWS Management Console, and the command-line interface. As of April 2, only 34 of 39 impacted Bahrain services have been resolved, while in the UAE, just three of 51 disrupted services were fully restored.

Companies on Iran’s Threat List

Beyond what has already been struck, the IRGC’s April 1 Telegram post named 18 entities as forthcoming targets. The list spans Big Tech, AI infrastructure, aerospace, defence, and finance:

Company Sector Status
MicrosoftCloud / Enterprise Software Threatened; denied any hits
Google (Alphabet)Cloud / AI Threatened
AppleConsumer Tech Threatened
MetaSocial / AI Threatened
NvidiaAI Chips Threatened
OracleCloud / Database Threatened
IBMEnterprise Cloud Threatened
CiscoNetworking Threatened
DellHardware / Cloud Threatened
HPHardware / Enterprise Threatened
PalantirAI / Defence Analytics Threatened
JP Morgan ChaseFinance Threatened
BoeingAerospace / Defence Threatened
TeslaEV / AI / Robotics Threatened
GEIndustrial / Energy Threatened
Spire Solutions (Dubai)IT Services Threatened
G42 (UAE)AI / Cloud Threatened
Amazon / AWSCloud Already struck — not on list

Why This Changes Everything

The strategic significance of these attacks cannot be overstated. Iran’s IRGC has justified the strikes by asserting that AWS facilities host US military AI systems — including, it has claimed, Anthropic’s Claude — used for intelligence analysis and war simulations. AWS and the companies involved have not confirmed this characterisation.

Crucially, the attacks exposed that cloud availability zones, while geographically separated within a region, are not separated enough when an entire region becomes a theatre of conflict. Engineers and disaster-recovery planners had long assumed a single region could withstand almost any natural disaster. A sustained military campaign invalidates that assumption entirely.

Many companies had no meaningful Middle East presence. Their cloud workloads were simply routed through the region — invisible to them until now.

— TechPolicy.Press, March 2026

Amazon’s response has been unprecedented on two fronts. First, it waived all usage charges for its Middle East region for the entire month of March 2026 — the first time a major cloud provider has forgiven an entire month of billing. Second, it has repeatedly urged customers to migrate workloads to regions in the US, Europe, or Asia-Pacific, effectively acknowledging that its Middle East infrastructure cannot be relied upon for the foreseeable future.

Geopolitical Escalation Continues

The conflict shows no sign of de-escalation. President Trump addressed the nation on April 2, vowing further strikes on Iran “extremely hard over the next two to three weeks.” Iran’s President Pezeshkian, in an open letter to the American people, described the attacks on Iran as targeting ordinary citizens and characterised Iran’s retaliation as “legitimate self-defense.” The British Embassy in Saudi Arabia simultaneously warned nationals to avoid US-linked businesses and facilities.

The IRGC has also stated that “every assassination” of an Iranian leader or official will trigger a corresponding attack on an American company — creating a self-perpetuating cycle of escalation with direct consequences for the private technology sector.

What Companies Should Do Now

Immediate Actions

Any organisation with workloads in AWS me-south-1 (Bahrain) or me-central-1 (UAE) should activate disaster recovery plans and migrate to alternate regions immediately. AWS has provided migration guidance and confirmed it is assisting customers in doing so.

Structural Changes

The deeper lesson is architectural. Single-region cloud deployments in or near conflict zones are now a liability. The path forward is multi-region, and preferably multi-cloud, deployment — spreading workloads across geographies so that no single military or geopolitical event can cause total failure. Companies should also review whether their insurance policies cover acts of war, as most standard business interruption policies explicitly exclude them.

Know Your Cloud Footprint

Many affected companies did not know their services were running in the Middle East. Workloads routed through a region for latency or cost reasons may not appear on any internal infrastructure map. A full audit of cloud dependencies — including third-party SaaS providers — is now essential risk management, not optional due diligence.

— ✦ —

The strikes on Amazon’s cloud infrastructure are not merely a story about one company or one conflict. They are the opening chapter of a new era in which digital infrastructure is a front line — as much a target as a bridge, a power grid, or a military base. The rules of engagement for the information age are being written right now, in real time, in the smoke rising over Bahrain.