On November 18, 2025, the European Commission opened three Digital Markets Act market investigations into cloud computing, including probes into whether Amazon Web Services and Microsoft Azure should be treated as gatekeepers despite missing the DMA’s automatic thresholds. That is the dry regulatory version. The real story is sharper: Brussels is testing whether cloud infrastructure has become too important to be governed only by market-share arithmetic. For Windows administrators, enterprise architects, and anyone paying a hyperscaler invoice, this is not an abstract European competition fight; it is a direct challenge to the economics of lock-in.
The Digital Markets Act was built around a familiar picture of platform power: app stores, search engines, social networks, messaging systems, marketplaces, browsers, and operating systems. These are places where users gather, businesses are forced to appear, and the platform owner can quietly change the rules. Cloud computing never fit that picture perfectly, because most users do not “visit” AWS or Azure in the same way they visit an app store.
But enterprises do live inside cloud platforms. Their databases, identity systems, storage buckets, Kubernetes clusters, AI pipelines, backup policies, disaster recovery plans, billing models, and compliance controls become bound to a provider’s technical and commercial vocabulary. Once that happens, cloud is no longer merely rented compute. It becomes the operating terrain on which a company’s own software business runs.
That is why the Commission’s decision to investigate AWS and Azure despite their not meeting the DMA’s quantitative gatekeeper thresholds matters. The regulator is effectively saying that the cloud market may create dependency in ways the original threshold tests do not fully capture. In plain English: if the numbers do not describe the bottleneck, Brussels may still go looking for the bottleneck.
The move also widens the DMA’s political ambition. Until now, the law’s most visible battles have been with consumer-facing empires: Apple over iOS, Google over search and Android, Meta over data use, Amazon over marketplace conduct, Microsoft over Windows-linked services. Cloud pushes the law into the back office, where competition problems are less visible to consumers but arguably more consequential for the digital economy.
That description is true and incomplete. Competition in cloud is not only about whether alternatives exist; it is about whether customers can realistically use those alternatives without paying a technical, financial, and organizational penalty so large that “choice” becomes theoretical. The Commission’s probe appears aimed at that gap between available options and practical mobility.
AWS and Azure dominate different parts of the enterprise imagination. AWS remains the archetypal hyperscaler, the platform that turned elastic infrastructure into a default assumption for developers and startups. Azure, meanwhile, sits in a Microsoft ecosystem that already includes Windows Server, Active Directory, Entra ID, Microsoft 365, SQL Server, Visual Studio, GitHub, Dynamics, Defender, and a growing portfolio of AI and developer tooling.
For Windows-heavy organizations, Azure is not just another cloud provider in a comparison table. It is often the path of least resistance for identity integration, licensing, management tooling, security posture, and procurement. That can be perfectly legitimate product integration, but it can also become the kind of gravitational force regulators scrutinize when customers find it hard to leave or rivals find it hard to compete.
AWS has a different kind of gravity. Its service catalog, developer mindshare, partner ecosystem, certification economy, and maturity in infrastructure primitives give it enormous staying power. Even where AWS does not “lock in” a customer by contract, it may lock them in through architecture, skills, managed services, automation scripts, observability stacks, and years of operational habit.
That flexibility is now the center of the cloud fight. AWS and Azure not meeting the automatic thresholds does not end the inquiry; it starts a more interesting one. The Commission is asking whether the formal measures of gatekeeper status understate how cloud power works.
This is a crucial distinction. Consumer platforms often demonstrate power through user numbers. Cloud platforms demonstrate power through dependency depth. A single enterprise tenant may represent thousands of employees, millions of customers, regulated data flows, production systems, software supply chains, and years of accumulated technical decisions.
That makes cloud a poor fit for blunt user-count logic. A consumer messaging app can be measured by how many people open it. A cloud platform may need to be measured by how hard it is for businesses to move away from it, how much value accumulates inside its proprietary services, and how strongly its pricing and licensing rules shape the competitive field.
The Commission’s third investigation, into whether the DMA’s existing cloud framework is adequate, is therefore not a footnote. It is an admission that the law may need interpretive adaptation for infrastructure markets. The EU is not merely asking whether AWS and Azure fit the DMA; it is asking whether the DMA’s current categories fit cloud computing.
The trouble begins when convenience compounds into captivity. A workload that starts on commodity virtual machines can be moved with effort. A workload built around a provider’s managed database semantics, storage APIs, IAM model, event bus, observability stack, AI service, and deployment pipeline is far more entangled. The customer has not merely rented infrastructure; it has written its business logic into the provider’s worldview.
Egress fees have long been the most visible symbol of this problem. Charging customers to move data out of a platform can make switching or multi-cloud architectures more expensive, especially for data-heavy workloads. Several providers have softened or changed data-transfer policies under competitive and regulatory pressure, but the broader issue is not limited to a single line item on a bill.
The deeper lock-in is operational. Teams train on one provider. Security policies are written around one provider’s controls. Procurement commits to one provider’s discount structures. Compliance evidence is generated from one provider’s dashboards. Disaster recovery plans assume one provider’s regions and services. Over time, the cost of leaving becomes not only financial but institutional.
That is why cloud competition cannot be judged solely by whether a customer could, in theory, redeploy elsewhere. The real test is whether switching is commercially and technically plausible before the incumbent’s advantages become self-reinforcing. Regulators are increasingly skeptical of markets where the answer is “yes, but only after an expensive multi-year migration that nobody has budgeted for.”
Windows Server, SQL Server, Active Directory, Microsoft 365, Defender, Intune, Entra ID, Power Platform, Teams, and GitHub all feed into Azure’s strategic position. Microsoft can argue, with reason, that customers benefit when these products work better together. The integration story is one of Microsoft’s strongest advantages, especially for organizations that do not want to stitch together identity, endpoint management, productivity, analytics, and security from separate vendors.
But integration becomes controversial when it affects the price or feasibility of using competing clouds. The UK Competition and Markets Authority has already put particular scrutiny on Microsoft’s software licensing practices in cloud markets, including concerns that running Microsoft software on rival clouds can be less attractive than running it on Azure. That issue matters because Windows Server and SQL Server are not niche products; they are part of the enterprise substrate.
If regulators conclude that Microsoft’s software estate helps Azure compete unfairly, the remedies could reach beyond Azure’s dashboard. They could affect licensing terms, portability commitments, interoperability requirements, and how Microsoft bundles cloud credits or technical advantages with broader enterprise agreements. For IT departments, that would be a far more practical outcome than a symbolic slap on the wrist.
Microsoft’s challenge is that the company has spent years presenting Azure as the natural home for the Microsoft customer. That strategy has worked. It has also made Azure harder to separate from the rest of Microsoft’s enterprise machine when regulators ask whether customers are being steered, nudged, or economically pressured into one cloud.
That defense will resonate with many technologists. AWS did not become central to cloud computing by accident. It gave developers tools that were faster, more programmable, and more scalable than traditional enterprise IT procurement. It built a platform that rewarded experimentation and then converted that experimentation into production dependency.
But being first and being good do not immunize a company from gatekeeper scrutiny. If AWS has become an unavoidable route to market for certain classes of software companies, or if its technical and pricing structures make competitive alternatives less viable, regulators can still ask whether intervention is justified. Dominance earned through innovation can still become dominance protected by switching costs.
AWS also benefits from ecosystem lock-in that does not require a Microsoft-style software estate. Certifications, partner practices, reference architectures, marketplace offerings, startup credits, managed services, procurement channels, and accumulated operational familiarity all make AWS sticky. The question for Brussels is whether that stickiness reflects healthy customer satisfaction or market power that forecloses rivals.
Amazon will likely argue that cloud remains intensely competitive, with price cuts, rapid innovation, and major rivals investing aggressively. That argument is not frivolous. The cloud market is not a static monopoly. But regulators are increasingly focused on whether competition happens mostly at the moment a customer chooses a provider, while fading once the workload is deeply embedded.
The UK framework is not identical to the EU’s DMA. Britain’s “strategic market status” regime is its own post-Brexit digital competition tool. But the similarities are obvious enough that AWS and Microsoft now face a pincer movement: one inquiry from Brussels under the DMA, and another competition policy current from London under the UK’s digital markets regime.
This matters because large technology companies can often absorb one jurisdiction’s rules as a local compliance exercise. Two major European regulators circling the same cloud practices make that harder. If the UK and EU converge on similar concerns, the companies may find themselves adjusting global commercial practices rather than maintaining bespoke European exceptions.
It also gives smaller cloud providers a stronger political narrative. European cloud firms have long argued that hyperscaler dominance is not merely the result of better products, but also the result of structural barriers that prevent customers from moving workloads or comparing prices cleanly. The UK findings gave that argument institutional weight. The EU probe gives it continental scale.
Still, regulators will need to avoid confusing frustration with proof. Cloud buyers complain about bills, complexity, licensing, egress, and support across nearly every provider. The task is to distinguish normal enterprise dissatisfaction from conduct that unlawfully entrenches dominant platforms. That is harder than it sounds, and the remedies could be messy.
The most obvious target is portability. Regulators may want customers to move data and workloads more easily, with fewer contractual or technical penalties. That could mean pressure on data egress practices, migration tooling, interface documentation, and barriers that make multi-cloud designs impractical.
Interoperability is more complicated. Cloud providers do not merely host standardized compute and storage anymore. They offer managed databases, proprietary serverless runtimes, AI APIs, analytics platforms, security tools, and identity services. Forcing interoperability across such services is not like requiring a messaging app to talk to another messaging app. It risks running into genuine engineering differences, security boundaries, and product-design tradeoffs.
Fair access could also become a battlefield. If a hyperscaler runs a marketplace, offers first-party services, controls procurement incentives, and observes customer usage patterns, rivals will want assurances that the platform is not tilting the field toward its own products. That concern has parallels with app stores and online marketplaces, but cloud adds the extra complexity of infrastructure security and enterprise contracting.
The biggest unknown is how prescriptive Brussels will be. A light-touch designation might push providers toward clearer portability commitments and less punitive switching costs. A more aggressive regime could force changes to licensing, bundling, APIs, marketplace ranking, or technical documentation. The investigation’s twelve-month timeline means cloud buyers may spend much of 2026 planning around uncertainty.
AWS has long been one of Amazon’s most important sources of operating income, giving the company financial flexibility beyond retail. Azure, while reported inside Microsoft’s broader cloud and server categories rather than always as a clean standalone number, is central to Microsoft’s growth story, AI ambitions, and enterprise valuation. Any regulatory regime that affects cloud pricing, bundling, interoperability, or portability could touch high-margin revenue streams.
That does not mean the EU probe will blow a hole in either company’s financial model. Antitrust and digital regulation often move slowly, and remedies can be narrower than critics hope. The companies also have the resources to comply, litigate, adapt contracts, and turn regulatory obligations into standardized enterprise features.
But the direction of travel matters. If regulators make it easier for customers to move workloads, negotiate licenses, avoid punitive data-transfer costs, or mix cloud providers, then hyperscalers may have to compete harder after the initial sale. That could pressure margins over time, especially for services whose profitability depends on customer inertia.
Investors should therefore watch not only the final designation decision, but also the remedy language. A gatekeeper label is important. The obligations attached to it are where the economics live.
In cloud computing, the control plane is where decisions are made: identity, permissions, deployment, billing, monitoring, policy, automation, and orchestration. Whoever owns that layer has influence far beyond raw compute. They shape how developers build, how administrators secure, how finance teams budget, and how executives understand risk.
That is why cloud dominance feels different from the old monopoly fights over browsers or media players. A browser monopoly shaped access to the web. A cloud control-plane monopoly can shape how companies build the web, run AI systems, store regulated data, defend against attackers, and recover from outages. It is less visible and more embedded.
The Commission’s probe implicitly recognizes that the next generation of platform power may sit below the user interface. Users may never see Azure Resource Manager, AWS IAM, S3 policies, VPC architectures, Entra integrations, or reserved-instance commitments. But those mechanisms can still determine whether a competitor gets a fair shot.
This is also where the AI boom sharpens the stakes. Cloud providers are now the landlords for much of the AI economy, selling GPUs, model-hosting platforms, vector databases, data pipelines, and integrated developer services. If cloud markets are already sticky, AI workloads may make them stickier. The provider that hosts the data, identity, models, and deployment environment may gain an even stronger grip.
If Brussels wants a more contestable cloud market, it must be careful not to mistake portability mandates for a full industrial strategy. Making it easier to leave AWS or Azure helps only if credible destinations exist at the necessary scale, compliance level, and service breadth. Otherwise, portability becomes a right that customers admire and rarely use.
Smaller providers also face a brutal capital problem. Cloud infrastructure is expensive. Regions, data centers, fiber, chips, energy contracts, security operations, compliance certifications, and support organizations require enormous investment. Even if regulators reduce switching barriers, challengers still need to convince customers that they can run mission-critical workloads reliably for years.
That said, competition does not require every provider to match AWS and Azure service-for-service. A healthier market could include specialized clouds for sovereignty, regulated industries, high-performance computing, privacy-sensitive workloads, edge deployments, or open-source-oriented platforms. The goal should not be to clone the hyperscalers. It should be to prevent the hyperscalers from becoming the only realistic answer to every infrastructure question.
For administrators and architects, that means the practical response is not to wait for Brussels. It is to design with exit costs in mind. The companies that benefit most from any future portability rules will be the ones that have already documented dependencies, separated data layers where possible, avoided unnecessary proprietary coupling, and understood the true cost of migration before regulators force the issue.
Procurement teams should pay close attention to renewal timing. A twelve-month investigation window means many enterprise agreements signed in 2026 could run across a period of regulatory uncertainty. Customers negotiating with AWS or Microsoft may find it useful to ask more directly about portability assistance, licensing flexibility, egress exposure, data-export tooling, and the treatment of workloads that might move to rival clouds.
Technical teams should revisit the difference between deliberate lock-in and accidental lock-in. Choosing a proprietary managed service can be rational if the productivity gain is real and the exit cost is understood. The danger is not using first-party cloud services; the danger is using them casually, then discovering later that the bill for leaving was never estimated.
Security teams should also be part of this conversation. Multi-cloud and portability are often sold as resilience strategies, but badly implemented multi-cloud can expand attack surfaces, fragment identity, complicate logging, and create inconsistent policy enforcement. Regulatory enthusiasm for switching should not blind organizations to the operational risk of spreading workloads across providers without mature governance.
For Windows-centric shops, the licensing angle deserves particular care. If a workload depends on Windows Server, SQL Server, Remote Desktop Services, Microsoft identity, or hybrid management tooling, the cost comparison between Azure and other clouds may be shaped by more than instance pricing. Administrators should model licensing, support, compliance, migration, and staff expertise as a single package rather than treating compute rates as the headline number.
This is where the Commission’s case may become uncomfortable for the hyperscalers. AWS and Microsoft can point to innovation, falling unit costs in some services, customer choice, and fierce competition for new workloads. Regulators will ask what happens after the customer is inside the estate.
Those are different stories. The sales story is about choice. The operations story is about dependency. The legal story will turn on whether dependency has crossed from ordinary product stickiness into gatekeeper power.
Customers should not expect Brussels to abolish complexity. Cloud computing is complex because modern infrastructure is complex. But regulators can still reduce artificial friction: unclear licensing, punitive exit economics, discriminatory terms, self-preferencing, or technical barriers that exist more to defend incumbency than to improve service quality.
The larger cultural change may be that cloud buyers begin asking harder questions before signing. For years, cloud adoption was framed as escape from the constraints of traditional enterprise IT. The irony is that many organizations now need a cloud exit strategy with the same seriousness they once applied to data-center migration plans.
Brussels Decides the Cloud Is Infrastructure, Not Just Another Platform
The Digital Markets Act was built around a familiar picture of platform power: app stores, search engines, social networks, messaging systems, marketplaces, browsers, and operating systems. These are places where users gather, businesses are forced to appear, and the platform owner can quietly change the rules. Cloud computing never fit that picture perfectly, because most users do not “visit” AWS or Azure in the same way they visit an app store.But enterprises do live inside cloud platforms. Their databases, identity systems, storage buckets, Kubernetes clusters, AI pipelines, backup policies, disaster recovery plans, billing models, and compliance controls become bound to a provider’s technical and commercial vocabulary. Once that happens, cloud is no longer merely rented compute. It becomes the operating terrain on which a company’s own software business runs.
That is why the Commission’s decision to investigate AWS and Azure despite their not meeting the DMA’s quantitative gatekeeper thresholds matters. The regulator is effectively saying that the cloud market may create dependency in ways the original threshold tests do not fully capture. In plain English: if the numbers do not describe the bottleneck, Brussels may still go looking for the bottleneck.
The move also widens the DMA’s political ambition. Until now, the law’s most visible battles have been with consumer-facing empires: Apple over iOS, Google over search and Android, Meta over data use, Amazon over marketplace conduct, Microsoft over Windows-linked services. Cloud pushes the law into the back office, where competition problems are less visible to consumers but arguably more consequential for the digital economy.
AWS and Azure Do Not Need to Own Everything to Shape Everything
The cloud market is often described as competitive because there are alternatives. Google Cloud exists. Oracle Cloud exists. IBM, Alibaba, OVHcloud, Scaleway, Hetzner, and many regional providers exist. Enterprises can also run workloads on-premises, in colocation facilities, or across hybrid architectures.That description is true and incomplete. Competition in cloud is not only about whether alternatives exist; it is about whether customers can realistically use those alternatives without paying a technical, financial, and organizational penalty so large that “choice” becomes theoretical. The Commission’s probe appears aimed at that gap between available options and practical mobility.
AWS and Azure dominate different parts of the enterprise imagination. AWS remains the archetypal hyperscaler, the platform that turned elastic infrastructure into a default assumption for developers and startups. Azure, meanwhile, sits in a Microsoft ecosystem that already includes Windows Server, Active Directory, Entra ID, Microsoft 365, SQL Server, Visual Studio, GitHub, Dynamics, Defender, and a growing portfolio of AI and developer tooling.
For Windows-heavy organizations, Azure is not just another cloud provider in a comparison table. It is often the path of least resistance for identity integration, licensing, management tooling, security posture, and procurement. That can be perfectly legitimate product integration, but it can also become the kind of gravitational force regulators scrutinize when customers find it hard to leave or rivals find it hard to compete.
AWS has a different kind of gravity. Its service catalog, developer mindshare, partner ecosystem, certification economy, and maturity in infrastructure primitives give it enormous staying power. Even where AWS does not “lock in” a customer by contract, it may lock them in through architecture, skills, managed services, automation scripts, observability stacks, and years of operational habit.
The Thresholds Were Never the Whole Law
The DMA’s quantitative thresholds are meant to identify obvious gatekeepers quickly. They look at size, reach, and market position, allowing the Commission to designate companies when the evidence is already overwhelming. But the law also gives Brussels room to conduct market investigations when a service may function as a gatekeeper even if it does not trip the automatic tests.That flexibility is now the center of the cloud fight. AWS and Azure not meeting the automatic thresholds does not end the inquiry; it starts a more interesting one. The Commission is asking whether the formal measures of gatekeeper status understate how cloud power works.
This is a crucial distinction. Consumer platforms often demonstrate power through user numbers. Cloud platforms demonstrate power through dependency depth. A single enterprise tenant may represent thousands of employees, millions of customers, regulated data flows, production systems, software supply chains, and years of accumulated technical decisions.
That makes cloud a poor fit for blunt user-count logic. A consumer messaging app can be measured by how many people open it. A cloud platform may need to be measured by how hard it is for businesses to move away from it, how much value accumulates inside its proprietary services, and how strongly its pricing and licensing rules shape the competitive field.
The Commission’s third investigation, into whether the DMA’s existing cloud framework is adequate, is therefore not a footnote. It is an admission that the law may need interpretive adaptation for infrastructure markets. The EU is not merely asking whether AWS and Azure fit the DMA; it is asking whether the DMA’s current categories fit cloud computing.
Lock-In Has Become the Cloud’s Most Expensive Feature
Cloud lock-in is sometimes discussed as if it were a moral failing by lazy architects. That is unfair. Organizations choose managed databases, serverless platforms, proprietary monitoring tools, queueing systems, data warehouses, and identity integrations because those services save time and reduce operational burden. The entire promise of cloud is that customers should not have to rebuild everything themselves.The trouble begins when convenience compounds into captivity. A workload that starts on commodity virtual machines can be moved with effort. A workload built around a provider’s managed database semantics, storage APIs, IAM model, event bus, observability stack, AI service, and deployment pipeline is far more entangled. The customer has not merely rented infrastructure; it has written its business logic into the provider’s worldview.
Egress fees have long been the most visible symbol of this problem. Charging customers to move data out of a platform can make switching or multi-cloud architectures more expensive, especially for data-heavy workloads. Several providers have softened or changed data-transfer policies under competitive and regulatory pressure, but the broader issue is not limited to a single line item on a bill.
The deeper lock-in is operational. Teams train on one provider. Security policies are written around one provider’s controls. Procurement commits to one provider’s discount structures. Compliance evidence is generated from one provider’s dashboards. Disaster recovery plans assume one provider’s regions and services. Over time, the cost of leaving becomes not only financial but institutional.
That is why cloud competition cannot be judged solely by whether a customer could, in theory, redeploy elsewhere. The real test is whether switching is commercially and technically plausible before the incumbent’s advantages become self-reinforcing. Regulators are increasingly skeptical of markets where the answer is “yes, but only after an expensive multi-year migration that nobody has budgeted for.”
Microsoft’s Cloud Problem Is Also a Windows Problem
For WindowsForum readers, Microsoft’s place in this probe deserves special attention. Azure is not just Microsoft’s cloud business. It is the destination toward which much of the Microsoft enterprise stack has been gradually bent.Windows Server, SQL Server, Active Directory, Microsoft 365, Defender, Intune, Entra ID, Power Platform, Teams, and GitHub all feed into Azure’s strategic position. Microsoft can argue, with reason, that customers benefit when these products work better together. The integration story is one of Microsoft’s strongest advantages, especially for organizations that do not want to stitch together identity, endpoint management, productivity, analytics, and security from separate vendors.
But integration becomes controversial when it affects the price or feasibility of using competing clouds. The UK Competition and Markets Authority has already put particular scrutiny on Microsoft’s software licensing practices in cloud markets, including concerns that running Microsoft software on rival clouds can be less attractive than running it on Azure. That issue matters because Windows Server and SQL Server are not niche products; they are part of the enterprise substrate.
If regulators conclude that Microsoft’s software estate helps Azure compete unfairly, the remedies could reach beyond Azure’s dashboard. They could affect licensing terms, portability commitments, interoperability requirements, and how Microsoft bundles cloud credits or technical advantages with broader enterprise agreements. For IT departments, that would be a far more practical outcome than a symbolic slap on the wrist.
Microsoft’s challenge is that the company has spent years presenting Azure as the natural home for the Microsoft customer. That strategy has worked. It has also made Azure harder to separate from the rest of Microsoft’s enterprise machine when regulators ask whether customers are being steered, nudged, or economically pressured into one cloud.
AWS Faces a Cleaner but No Less Serious Accusation
Amazon’s cloud power is less entangled with desktop operating systems and productivity suites. That gives AWS a cleaner defense in some respects. It can say its position was earned through early execution, broad service availability, engineering maturity, and relentless infrastructure investment.That defense will resonate with many technologists. AWS did not become central to cloud computing by accident. It gave developers tools that were faster, more programmable, and more scalable than traditional enterprise IT procurement. It built a platform that rewarded experimentation and then converted that experimentation into production dependency.
But being first and being good do not immunize a company from gatekeeper scrutiny. If AWS has become an unavoidable route to market for certain classes of software companies, or if its technical and pricing structures make competitive alternatives less viable, regulators can still ask whether intervention is justified. Dominance earned through innovation can still become dominance protected by switching costs.
AWS also benefits from ecosystem lock-in that does not require a Microsoft-style software estate. Certifications, partner practices, reference architectures, marketplace offerings, startup credits, managed services, procurement channels, and accumulated operational familiarity all make AWS sticky. The question for Brussels is whether that stickiness reflects healthy customer satisfaction or market power that forecloses rivals.
Amazon will likely argue that cloud remains intensely competitive, with price cuts, rapid innovation, and major rivals investing aggressively. That argument is not frivolous. The cloud market is not a static monopoly. But regulators are increasingly focused on whether competition happens mostly at the moment a customer chooses a provider, while fading once the workload is deeply embedded.
The UK Already Drew the Map Brussels Is Now Walking
The EU investigation follows a British regulatory path that has already identified cloud as a competition problem. The UK’s Competition and Markets Authority spent nearly two years examining the cloud infrastructure services market and concluded that competition was not working as well as it should. Its concerns included market concentration, data-transfer charges, technical barriers to switching and multi-cloud, and Microsoft’s software licensing practices.The UK framework is not identical to the EU’s DMA. Britain’s “strategic market status” regime is its own post-Brexit digital competition tool. But the similarities are obvious enough that AWS and Microsoft now face a pincer movement: one inquiry from Brussels under the DMA, and another competition policy current from London under the UK’s digital markets regime.
This matters because large technology companies can often absorb one jurisdiction’s rules as a local compliance exercise. Two major European regulators circling the same cloud practices make that harder. If the UK and EU converge on similar concerns, the companies may find themselves adjusting global commercial practices rather than maintaining bespoke European exceptions.
It also gives smaller cloud providers a stronger political narrative. European cloud firms have long argued that hyperscaler dominance is not merely the result of better products, but also the result of structural barriers that prevent customers from moving workloads or comparing prices cleanly. The UK findings gave that argument institutional weight. The EU probe gives it continental scale.
Still, regulators will need to avoid confusing frustration with proof. Cloud buyers complain about bills, complexity, licensing, egress, and support across nearly every provider. The task is to distinguish normal enterprise dissatisfaction from conduct that unlawfully entrenches dominant platforms. That is harder than it sounds, and the remedies could be messy.
Gatekeeper Status Would Turn Architecture Into Compliance
If AWS and Azure are designated as DMA gatekeepers for cloud services, the consequences would not stop at legal departments. The DMA can impose obligations around fair access, interoperability, data portability, self-preferencing, and restrictions on using business-user data in ways that disadvantage competitors. Translated into cloud terms, those concepts could affect how customers move workloads, how rival services interoperate, and how platform owners privilege their own services.The most obvious target is portability. Regulators may want customers to move data and workloads more easily, with fewer contractual or technical penalties. That could mean pressure on data egress practices, migration tooling, interface documentation, and barriers that make multi-cloud designs impractical.
Interoperability is more complicated. Cloud providers do not merely host standardized compute and storage anymore. They offer managed databases, proprietary serverless runtimes, AI APIs, analytics platforms, security tools, and identity services. Forcing interoperability across such services is not like requiring a messaging app to talk to another messaging app. It risks running into genuine engineering differences, security boundaries, and product-design tradeoffs.
Fair access could also become a battlefield. If a hyperscaler runs a marketplace, offers first-party services, controls procurement incentives, and observes customer usage patterns, rivals will want assurances that the platform is not tilting the field toward its own products. That concern has parallels with app stores and online marketplaces, but cloud adds the extra complexity of infrastructure security and enterprise contracting.
The biggest unknown is how prescriptive Brussels will be. A light-touch designation might push providers toward clearer portability commitments and less punitive switching costs. A more aggressive regime could force changes to licensing, bundling, APIs, marketplace ranking, or technical documentation. The investigation’s twelve-month timeline means cloud buyers may spend much of 2026 planning around uncertainty.
The Investor Story Is About Margins, Not Headlines
For investors, the immediate temptation is to treat this as another Big Tech regulatory headline. That understates what is at stake. AWS and Azure are not side businesses. They are central profit engines and strategic anchors for Amazon and Microsoft.AWS has long been one of Amazon’s most important sources of operating income, giving the company financial flexibility beyond retail. Azure, while reported inside Microsoft’s broader cloud and server categories rather than always as a clean standalone number, is central to Microsoft’s growth story, AI ambitions, and enterprise valuation. Any regulatory regime that affects cloud pricing, bundling, interoperability, or portability could touch high-margin revenue streams.
That does not mean the EU probe will blow a hole in either company’s financial model. Antitrust and digital regulation often move slowly, and remedies can be narrower than critics hope. The companies also have the resources to comply, litigate, adapt contracts, and turn regulatory obligations into standardized enterprise features.
But the direction of travel matters. If regulators make it easier for customers to move workloads, negotiate licenses, avoid punitive data-transfer costs, or mix cloud providers, then hyperscalers may have to compete harder after the initial sale. That could pressure margins over time, especially for services whose profitability depends on customer inertia.
Investors should therefore watch not only the final designation decision, but also the remedy language. A gatekeeper label is important. The obligations attached to it are where the economics live.
Europe Is Trying to Regulate the Control Plane
The most interesting part of the EU’s move is conceptual. Brussels is not just policing cloud market share. It is beginning to regulate the control plane of modern business technology.In cloud computing, the control plane is where decisions are made: identity, permissions, deployment, billing, monitoring, policy, automation, and orchestration. Whoever owns that layer has influence far beyond raw compute. They shape how developers build, how administrators secure, how finance teams budget, and how executives understand risk.
That is why cloud dominance feels different from the old monopoly fights over browsers or media players. A browser monopoly shaped access to the web. A cloud control-plane monopoly can shape how companies build the web, run AI systems, store regulated data, defend against attackers, and recover from outages. It is less visible and more embedded.
The Commission’s probe implicitly recognizes that the next generation of platform power may sit below the user interface. Users may never see Azure Resource Manager, AWS IAM, S3 policies, VPC architectures, Entra integrations, or reserved-instance commitments. But those mechanisms can still determine whether a competitor gets a fair shot.
This is also where the AI boom sharpens the stakes. Cloud providers are now the landlords for much of the AI economy, selling GPUs, model-hosting platforms, vector databases, data pipelines, and integrated developer services. If cloud markets are already sticky, AI workloads may make them stickier. The provider that hosts the data, identity, models, and deployment environment may gain an even stronger grip.
Smaller Clouds Need More Than Regulatory Sympathy
European cloud providers and other challengers will welcome the Commission’s intervention, but regulation alone will not create a competitive cloud market. Customers do not choose hyperscalers only because they are trapped. They choose them because they are global, mature, feature-rich, well-documented, heavily staffed, and deeply integrated into enterprise procurement.If Brussels wants a more contestable cloud market, it must be careful not to mistake portability mandates for a full industrial strategy. Making it easier to leave AWS or Azure helps only if credible destinations exist at the necessary scale, compliance level, and service breadth. Otherwise, portability becomes a right that customers admire and rarely use.
Smaller providers also face a brutal capital problem. Cloud infrastructure is expensive. Regions, data centers, fiber, chips, energy contracts, security operations, compliance certifications, and support organizations require enormous investment. Even if regulators reduce switching barriers, challengers still need to convince customers that they can run mission-critical workloads reliably for years.
That said, competition does not require every provider to match AWS and Azure service-for-service. A healthier market could include specialized clouds for sovereignty, regulated industries, high-performance computing, privacy-sensitive workloads, edge deployments, or open-source-oriented platforms. The goal should not be to clone the hyperscalers. It should be to prevent the hyperscalers from becoming the only realistic answer to every infrastructure question.
For administrators and architects, that means the practical response is not to wait for Brussels. It is to design with exit costs in mind. The companies that benefit most from any future portability rules will be the ones that have already documented dependencies, separated data layers where possible, avoided unnecessary proprietary coupling, and understood the true cost of migration before regulators force the issue.
The Fine Print Now Belongs in Every Cloud Architecture Meeting
The EU probe turns cloud governance into a boardroom and architecture concern at the same time. It does not require immediate panic, and it does not mean AWS or Azure customers should rush for the exits. It does mean the assumptions behind long-term cloud commitments deserve fresh scrutiny.Procurement teams should pay close attention to renewal timing. A twelve-month investigation window means many enterprise agreements signed in 2026 could run across a period of regulatory uncertainty. Customers negotiating with AWS or Microsoft may find it useful to ask more directly about portability assistance, licensing flexibility, egress exposure, data-export tooling, and the treatment of workloads that might move to rival clouds.
Technical teams should revisit the difference between deliberate lock-in and accidental lock-in. Choosing a proprietary managed service can be rational if the productivity gain is real and the exit cost is understood. The danger is not using first-party cloud services; the danger is using them casually, then discovering later that the bill for leaving was never estimated.
Security teams should also be part of this conversation. Multi-cloud and portability are often sold as resilience strategies, but badly implemented multi-cloud can expand attack surfaces, fragment identity, complicate logging, and create inconsistent policy enforcement. Regulatory enthusiasm for switching should not blind organizations to the operational risk of spreading workloads across providers without mature governance.
For Windows-centric shops, the licensing angle deserves particular care. If a workload depends on Windows Server, SQL Server, Remote Desktop Services, Microsoft identity, or hybrid management tooling, the cost comparison between Azure and other clouds may be shaped by more than instance pricing. Administrators should model licensing, support, compliance, migration, and staff expertise as a single package rather than treating compute rates as the headline number.
The Cloud Bill Is Becoming a Competition Document
The most concrete lesson from the EU’s investigation is that cloud invoices are no longer just finance artifacts. They are evidence of how market power is exercised. Egress charges, committed-spend discounts, bundled credits, software license mobility, support tiers, marketplace fees, and managed-service dependencies all tell a story about whether customers can act freely after they choose a provider.This is where the Commission’s case may become uncomfortable for the hyperscalers. AWS and Microsoft can point to innovation, falling unit costs in some services, customer choice, and fierce competition for new workloads. Regulators will ask what happens after the customer is inside the estate.
Those are different stories. The sales story is about choice. The operations story is about dependency. The legal story will turn on whether dependency has crossed from ordinary product stickiness into gatekeeper power.
Customers should not expect Brussels to abolish complexity. Cloud computing is complex because modern infrastructure is complex. But regulators can still reduce artificial friction: unclear licensing, punitive exit economics, discriminatory terms, self-preferencing, or technical barriers that exist more to defend incumbency than to improve service quality.
The larger cultural change may be that cloud buyers begin asking harder questions before signing. For years, cloud adoption was framed as escape from the constraints of traditional enterprise IT. The irony is that many organizations now need a cloud exit strategy with the same seriousness they once applied to data-center migration plans.
The Brussels Probe Gives Cloud Buyers a New Checklist
The investigation will take time, and the final outcome is uncertain. But the direction is already useful: regulators are validating concerns that many architects, CIOs, and administrators have raised for years about portability, licensing, and the real cost of switching. The near-term response should be disciplined preparation, not regulatory theater.- Organizations should inventory which workloads depend on provider-specific services that would be difficult to replace quickly.
- Procurement teams should ask AWS and Microsoft for explicit terms on data export, migration support, license mobility, and post-contract access.
- Windows-heavy enterprises should model the full cost of running Microsoft workloads on Azure versus rival clouds, including licensing and support assumptions.
- Security teams should treat multi-cloud plans as governance projects, not just resilience slogans.
- Developers should document cloud-specific APIs, identity dependencies, deployment scripts, and managed-service assumptions before they become institutional memory.
- Executives should view cloud portability as a negotiating asset even if they have no immediate plan to switch providers.
References
- Primary source: Crypto Briefing
Published: 2026-06-18T14:30:08.744209
Microsoft, Amazon Web Services face EU probe over cloud dominance
European Commission opens DMA investigations into AWS and Microsoft Azure cloud services, examining potential gatekeeper designations despite not meetingcryptobriefing.com - Related coverage: digital-strategy.ec.europa.eu
Commission launches market investigations on cloud computing services under the Digital Markets Act
The European Commission opened three market investigations on cloud computing services under the Digital Markets Act (DMA).digital-strategy.ec.europa.eu
- Related coverage: gov.uk
CMA announces package of actions on business software and cloud services - GOV.UK
CMA aims to create greater choice for UK businesses and public sector at pivotal time of advances in AI.www.gov.uk
- Related coverage: agenceurope.eu
Cloud sector could soon be subject to strictest DMA obligations | AGENCE EUROPE
The European Commission investigates Amazon and Microsoft's cloud services.agenceurope.eu
- Related coverage: investing.com
EU probes Amazon, Microsoft’s cloud services for potential curbs By Reuters
EU probes Amazon, Microsoft’s cloud services for potential curbswww.investing.com - Related coverage: aa.com.tr
EU launches market investigations into cloud services under bloc's digital rules
Probes to review Amazon, Microsoft as 'gateways,' between businesses, consumers | Anadoluwww.aa.com.tr
- Related coverage: datacenterdynamics.com
"Competition is not working well," says UK CMA concluding cloud market investigation - DCD
AWS and Microsoft to undergo further "strategic market status" investigationswww.datacenterdynamics.com - Related coverage: ppc.land
EU opens cloud gatekeeper probes for Amazon and Microsoft
European Commission launches three market investigations examining whether Amazon Web Services and Microsoft Azure should face Digital Markets Act regulation.ppc.land
- Related coverage: grcreport.com
EU Opens New Cloud Investigations Under the Digital Markets Act
Nov 20, 2025 - Compliance & Ethics - The European Commission is taking a look at the foundations of Europe’s cloud computing market, opening three new investigations that could reshape how major providers operate across the EU.www.grcreport.com - Related coverage: cincodias.elpais.com
Bruselas investiga el control de acceso de Amazon y Microsoft a sus servicios en la nube | Empresas | Cinco Días
La Comisión Europa estudia si las dos tecnológicas deben someterse a las reglas más estrictas de la ley europea de mercados digitalescincodias.elpais.com - Related coverage: tomshardware.com
Microsoft facing $2.8 billion UK lawsuit for overcharging 60,000 businesses using Microsoft Server on other clouds — Azure users allegedly received lower wholesale pricing | Tom's Hardware
Is the company charging a premium for users not on Azure?www.tomshardware.com - Related coverage: techradar.com
UK looks to stop "harmful" cloud domination by AWS, Microsoft - but the tech giants are hitting back | TechRadar
Microsoft and AWS hit back at CMA decisionwww.techradar.com - Related coverage: windowscentral.com
UK CMA questions cloud market as Azure revenue grows | Windows Central
This fiscal year, Azure and other Microsoft cloud services earned $75 billion in revenue.www.windowscentral.com - Related coverage: itpro.com
‘Misses the mark’: Microsoft, AWS hit out at CMA cloud competition report | IT Pro
The CMA claims Microsoft and AWS are harming competition – the duo strongly disagreewww.itpro.com
