On June 25, 2026, the European Commission told Amazon and Microsoft that it preliminarily believes Amazon Web Services and Microsoft Azure should be designated as Digital Markets Act gatekeepers for cloud computing services in the European Union. The finding is not final, and both companies can still argue their case before Brussels locks in the designation. But the direction of travel is unmistakable: Europe is preparing to treat cloud infrastructure less like a neutral utility market and more like a strategic control point. For WindowsForum readers, that makes this more than another Brussels-versus-Big-Tech headline; it is a signal that the operating environment for Azure, Microsoft 365, AI workloads, enterprise procurement, and sovereign cloud strategy is changing.
The Digital Markets Act was born in the era of app stores, search engines, browsers, marketplaces, social networks, and messaging platforms. Its political target was the consumer-facing bottleneck: the platform that sits between a business and its users, sets the rules, and becomes too essential to ignore. Cloud computing never fit that image quite as cleanly.
That is precisely why this preliminary designation matters. The Commission is arguing that the same gatekeeper logic applies beneath the visible internet, in the infrastructure layer where databases, identity systems, compute instances, storage buckets, AI services, developer tools, and enterprise software integrations now live. AWS and Azure may not look like consumer platforms, but they increasingly determine which businesses can scale, which vendors can interoperate, and which customers can leave without a painful rebuild.
The Commission’s move follows market investigations launched in November 2025 into whether Amazon and Microsoft should be designated as gatekeepers for AWS and Azure despite not meeting the DMA’s standard quantitative thresholds. That caveat is the core of the story. Brussels is not merely applying a checklist; it is testing whether the DMA can reach companies that function as strategic gateways even when the law’s original numerical triggers do not map neatly onto cloud markets.
This is the moment when cloud stops being treated as background infrastructure and becomes a regulatory front line. For Microsoft, in particular, Azure is no longer just the growth engine behind the company’s enterprise story. It is also becoming one of the places where Europe will scrutinize the company’s leverage across Windows, Microsoft 365, identity, developer tooling, cybersecurity, and AI.
Brussels is taking a different route. It is saying that market structure matters as much as arithmetic. AWS is the largest cloud computing service in the EU, Azure is the second largest, and both appear to hold durable positions that competitors cannot easily dislodge. The Commission’s theory is that a cloud service can be an important gateway even if the conventional gatekeeper thresholds were designed with more visible digital services in mind.
That is a significant legal and political bet. The EU is effectively arguing that the DMA is not just a statute about today’s dominant screens, stores, and feeds. It is a tool for identifying durable control points in the digital economy, even when those control points are buried in procurement contracts, architecture diagrams, and migration roadmaps.
For enterprise customers, this tracks reality. Nobody chooses a hyperscaler the way they install a casual mobile app. Once workloads, data pipelines, identity policies, monitoring systems, compliance controls, and internal developer practices are built around one cloud, switching becomes a technical, financial, and organizational event. The user count may not look like a consumer platform’s user count, but the dependency can be deeper.
This is why cloud regulation has always been harder than app-store regulation. A phone user can see the platform. A CIO sees the platform in invoices, egress fees, licensing terms, committed spend agreements, API dependencies, and architectural gravity. The Commission is now trying to turn that operational reality into regulatory doctrine.
It is also what makes regulators nervous. A customer adopting Azure is often not just buying cloud compute. It may be deepening an existing relationship that already runs through desktop productivity, directory services, endpoint security, collaboration, development workflows, and licensing agreements. The cloud purchase becomes one more layer in a Microsoft-centered operating model.
The company can argue, reasonably, that integration is what customers want. IT departments do not buy identity, endpoint management, productivity, compliance, and cloud services as abstract policy units. They buy systems that work together, reduce friction, and let small teams manage sprawling estates. Microsoft’s entire modern enterprise pitch is that it can make that bundle feel coherent.
The regulatory counterargument is that coherence can become captivity. If the best price, best compatibility, or easiest deployment path consistently appears when a customer stays inside the Microsoft estate, rival cloud providers and independent software vendors may struggle to compete on the merits. The Commission’s preliminary designation suggests it sees Azure not merely as a successful cloud platform, but as a gateway reinforced by Microsoft’s broader enterprise ecosystem.
For Windows admins, that is the part worth watching. The practical effects of any final DMA obligations may show up not as a dramatic “Azure breakup” moment, but as changes to interoperability, self-preferencing, data portability, licensing behavior, and the way Microsoft connects cloud services to its surrounding stack. The boring clauses could matter more than the headline.
That makes AWS the cleaner test of the Commission’s cloud theory. If Azure raises concerns because of Microsoft’s ecosystem leverage, AWS raises concerns because of hyperscale gravity itself. Its strength comes from breadth, maturity, global infrastructure, partner ecosystems, technical familiarity, and the confidence customers place in a platform that has been battle-tested for years.
AWS will argue that punishing scale risks punishing success. Cloud markets are capital intensive, and hyperscalers spend staggering sums on data centers, chips, networking, power, security, and regional expansion. If Europe imposes obligations that make dominant providers less willing to invest or more cautious in launching services, customers could feel that too.
But the Commission’s concern is not simply that AWS is big. It is that big cloud platforms can become hard to leave, hard to compete with, and hard to negotiate against. If a market depends on a handful of providers whose operational capacity and investment far outpace rivals, then the competitive question is no longer whether alternatives technically exist. It is whether those alternatives can win meaningful workloads without customers absorbing unacceptable migration costs or performance penalties.
In that sense, AWS and Azure are complementary test cases. One represents the cloud-native incumbent with unmatched scale; the other represents the enterprise software giant whose cloud is woven into a broader productivity and identity empire. Brussels is signaling that both forms of power can qualify as gatekeeping.
This changes the political stakes. A business that builds on a hyperscaler’s proprietary AI services may not simply be renting compute. It may be adopting model APIs, vector databases, data governance tools, inference infrastructure, security controls, developer frameworks, and marketplace integrations that are difficult to reproduce elsewhere. The cloud provider becomes the venue through which AI capability is delivered.
For Europe, that raises an uncomfortable question: if the continent’s public administrations, regulated industries, startups, and AI developers depend on a small number of US-based hyperscalers, how much room does Europe really have to shape its own digital future? The answer is not solved by slogans about sovereignty or by pretending local providers can immediately match hyperscaler scale. But the question is now central to EU technology policy.
Microsoft understands this well. Its AI strategy is inseparable from Azure. OpenAI workloads, Copilot services, Azure AI tooling, enterprise data integration, and Microsoft 365 automation all reinforce the idea that Azure is where business AI becomes operational. That makes Azure more valuable, but also more strategically sensitive.
AWS has a parallel story through Bedrock, custom silicon, AI infrastructure, and a large ecosystem of model providers and enterprise AI services. Both companies can plausibly say they are expanding choice by giving customers access to more AI tools. Regulators can just as plausibly reply that those tools may deepen dependency on the same hyperscale platforms already dominating cloud infrastructure.
The Commission’s preliminary designation is therefore not just about cloud as it exists today. It is about cloud as the control plane for the next decade of AI adoption.
The exact obligations that bite hardest will depend on how the Commission applies the DMA to cloud services. The law was not written as a cloud portability manual, so the fight will likely be over interpretation. What counts as fair access? What counts as self-preferencing in a cloud marketplace? What does meaningful interoperability mean when the service catalog spans compute, storage, networking, identity, analytics, AI, security, and managed databases?
For customers, the answer may eventually surface in small but consequential ways. Contract terms could become more transparent. Switching and multi-cloud operations could receive more regulatory backing. Hyperscalers may face closer scrutiny when they bundle services, privilege their own products, restrict interoperability, or make it expensive to move data and workloads elsewhere.
No serious enterprise should expect an immediate liberation from cloud complexity. The DMA will not rewrite application architectures, normalize every API, eliminate skills gaps, or make multi-cloud cheap. But it could change the negotiation context. A customer asking for portability, interoperability, or non-discriminatory access may have more regulatory wind at its back than it did before.
That is why the final designation matters even before enforcement actions arrive. Regulation often changes behavior through anticipation. Hyperscalers, rivals, and customers all start adjusting once the likely rules of the road become visible.
Azure is bound up with Microsoft Entra ID, Intune, Defender, Azure Virtual Desktop, Windows 365, server workloads, hybrid identity, and Microsoft 365 administration. Many organizations do not experience Azure as a standalone cloud provider; they experience it as the administrative extension of the Microsoft estate. That is exactly why regulatory scrutiny of Azure could eventually touch decisions that Windows admins make every day.
Licensing is the most obvious pressure point. Microsoft has already faced scrutiny in Europe over cloud licensing practices, including concerns from rivals that Windows Server and other Microsoft software can be more costly or harder to run on competing clouds. Any final DMA designation would not automatically settle those disputes, but it would place Azure inside a broader gatekeeper framework where tying, preferential treatment, and switching friction become more politically charged.
Identity is the quieter issue. Entra ID has become one of the central chokepoints in Microsoft’s enterprise platform. It governs access to Microsoft 365, Azure resources, SaaS applications, conditional access policies, device compliance, and security workflows. If regulators begin asking how Azure functions as a gateway, identity will inevitably be part of the practical conversation, even if the legal designation is formally about cloud computing services.
Then there is the cloud desktop. Windows 365 and Azure Virtual Desktop sit at the intersection of Windows licensing, virtualization, identity, endpoint management, and Azure infrastructure. They are useful products, especially for distributed workforces and contractors, but they also deepen the logic of Microsoft cloud dependency. In a DMA world, the way Microsoft packages and advantages those experiences may receive more scrutiny.
This does not mean Windows shops should panic. It does mean they should understand that Microsoft’s enterprise convenience story and Europe’s competition concerns are now describing the same architecture from opposite sides.
Multi-cloud is expensive. It requires duplicated skills, governance models, observability tooling, security practices, network design, cost management, data architecture, and incident response playbooks. Even when workloads are containerized and infrastructure is described as code, the managed services that make cloud attractive often remain provider-specific. The more a team uses the best native services from AWS or Azure, the harder pure portability becomes.
That reality does not invalidate the Commission’s concern. It sharpens it. If cloud lock-in is partly a natural byproduct of useful managed services, then regulators must distinguish between legitimate product differentiation and artificial switching barriers. That distinction is easy to state and hard to enforce.
A managed database that performs better because a provider invested heavily in engineering is not the same as a contract term that penalizes customers for moving. A proprietary AI service that customers willingly choose is not the same as a licensing rule that makes rival clouds uneconomical. A deeply integrated security suite can be a customer benefit and a competitive moat at the same time.
The Commission’s challenge will be to avoid flattening those differences. If it treats every integration as suspicious, it risks discouraging useful engineering. If it treats every switching cost as natural, the gatekeeper label becomes decorative. The hard work lies between those extremes.
This is not hypocrisy. It is the modern cloud dilemma. Hyperscalers are both indispensable infrastructure and competitive bottlenecks. They lower barriers for companies that need world-class infrastructure quickly, while raising barriers for competitors that cannot match their capital intensity and ecosystem depth.
European cloud providers have long argued that the market is tilted against them by egress fees, software licensing rules, bundled services, marketplace dynamics, and procurement habits that favor the largest platforms. AWS and Microsoft counter that customers choose them because they offer better capabilities, broader service portfolios, and stronger investment. Both arguments contain truth.
The Commission is trying to create room for competition without detonating the infrastructure that European customers already use. That is a delicate task. Too soft an approach will leave the market structure unchanged. Too aggressive an approach could create uncertainty for customers and slow investments that Europe also needs.
This is why the preliminary nature of the designation matters. Amazon and Microsoft will now make their case, and they will likely frame the issue around investment, innovation, security, and customer choice. The Commission will frame it around fairness, openness, and the risk that cloud control becomes a private chokepoint in Europe’s digital economy.
Neither side is arguing about a marginal market. They are arguing about the substrate on which everything else is being built.
In cloud, openness is slippery. A workload can run on Linux, use Kubernetes, authenticate through standards-based protocols, and still be deeply dependent on proprietary services. A customer can export data, but still face prohibitive costs and engineering risk in moving it. A marketplace can include rival software, while the platform owner’s own services enjoy structural advantages in billing, integration, defaults, or procurement.
The DMA pushes regulators toward a more behavioral definition of openness. It asks whether business users can realistically reach customers without being trapped by a gatekeeper’s rules. Applied to cloud, that means the Commission will likely care less about abstract compatibility claims and more about practical exit rights, fair terms, and whether rivals can interoperate on commercially viable terms.
For Microsoft, this could become especially uncomfortable where Azure is adjacent to Microsoft’s own applications and services. The company can say customers are free to choose alternatives. Regulators may ask whether those alternatives face subtle disadvantages when competing against a platform owner with control over identity, licensing, administration, security integrations, and procurement channels.
For AWS, the issue may be less about adjacent productivity software and more about the sheer depth of the platform’s native service catalog. AWS can say customers are free to use open-source tools, third-party partners, and hybrid architectures. Regulators may ask whether the economics of moving data, rebuilding architectures, or matching managed-service functionality make that freedom theoretical for many customers.
The gatekeeper label is therefore not just a badge. It is a claim that the platform owner’s definition of openness can no longer be the only one that counts.
Too many organizations discover lock-in after the architecture is already built. They learn that backups, logs, identity flows, data gravity, proprietary APIs, committed spend agreements, and staff skills all point in one direction. By then, “cloud choice” is a phrase in a procurement policy rather than an operational fact.
The Commission’s move should encourage customers to ask harder questions before the next renewal, migration, or AI rollout. What services are genuinely portable? Which workloads depend on provider-specific APIs? What would it cost to move data out? Are licensing terms different across clouds? Does the organization have a tested exit plan, or just a theoretical one?
For Windows-heavy environments, the questions should be even more specific. How tightly are Azure, Entra ID, Intune, Defender, Microsoft 365, Windows 365, and server licensing bound together in the organization’s operating model? Which integrations are delivering real administrative value, and which are narrowing future options? Where does Microsoft convenience become Microsoft dependency?
Regulation may eventually improve the market, but it will not replace internal discipline. The smartest customers will use the DMA process as leverage for better terms and clearer architecture, not as an excuse to postpone hard cloud governance decisions.
That last point is the most important. The Commission is not waiting for cloud to become a perfect fit for yesterday’s platform categories. It is adapting its theory of gatekeeping to the market as it now exists. Whether courts, companies, and customers accept that theory will shape how aggressively Europe can regulate the next generation of digital infrastructure.
There is a risk of overreach. Cloud platforms are complex, capital-intensive, and deeply technical. Badly designed obligations could create compliance theater, slow product improvements, or give customers more paperwork without more freedom. Europe’s regulators will need to prove they can distinguish between harmful gatekeeping and useful integration.
But there is also a risk of underreach. If regulators treat hyperscale cloud as too technical to govern, then the most important control points in the digital economy may drift outside meaningful competition oversight. The result would be a market where businesses can choose between a few giants, but cannot easily discipline any of them.
The Commission has chosen to test that boundary now, before AI makes the dependency even harder to unwind.
Brussels Moves the DMA from App Stores to the Server Room
The Digital Markets Act was born in the era of app stores, search engines, browsers, marketplaces, social networks, and messaging platforms. Its political target was the consumer-facing bottleneck: the platform that sits between a business and its users, sets the rules, and becomes too essential to ignore. Cloud computing never fit that image quite as cleanly.That is precisely why this preliminary designation matters. The Commission is arguing that the same gatekeeper logic applies beneath the visible internet, in the infrastructure layer where databases, identity systems, compute instances, storage buckets, AI services, developer tools, and enterprise software integrations now live. AWS and Azure may not look like consumer platforms, but they increasingly determine which businesses can scale, which vendors can interoperate, and which customers can leave without a painful rebuild.
The Commission’s move follows market investigations launched in November 2025 into whether Amazon and Microsoft should be designated as gatekeepers for AWS and Azure despite not meeting the DMA’s standard quantitative thresholds. That caveat is the core of the story. Brussels is not merely applying a checklist; it is testing whether the DMA can reach companies that function as strategic gateways even when the law’s original numerical triggers do not map neatly onto cloud markets.
This is the moment when cloud stops being treated as background infrastructure and becomes a regulatory front line. For Microsoft, in particular, Azure is no longer just the growth engine behind the company’s enterprise story. It is also becoming one of the places where Europe will scrutinize the company’s leverage across Windows, Microsoft 365, identity, developer tooling, cybersecurity, and AI.
The Thresholds Failed, So the Commission Reached for Market Reality
The most interesting part of the Commission’s preliminary view is that AWS and Azure reportedly do not meet the DMA’s quantitative thresholds for designation. Under a mechanical reading of platform regulation, that could have ended the matter. If the numbers do not fit, the platform escapes the label.Brussels is taking a different route. It is saying that market structure matters as much as arithmetic. AWS is the largest cloud computing service in the EU, Azure is the second largest, and both appear to hold durable positions that competitors cannot easily dislodge. The Commission’s theory is that a cloud service can be an important gateway even if the conventional gatekeeper thresholds were designed with more visible digital services in mind.
That is a significant legal and political bet. The EU is effectively arguing that the DMA is not just a statute about today’s dominant screens, stores, and feeds. It is a tool for identifying durable control points in the digital economy, even when those control points are buried in procurement contracts, architecture diagrams, and migration roadmaps.
For enterprise customers, this tracks reality. Nobody chooses a hyperscaler the way they install a casual mobile app. Once workloads, data pipelines, identity policies, monitoring systems, compliance controls, and internal developer practices are built around one cloud, switching becomes a technical, financial, and organizational event. The user count may not look like a consumer platform’s user count, but the dependency can be deeper.
This is why cloud regulation has always been harder than app-store regulation. A phone user can see the platform. A CIO sees the platform in invoices, egress fees, licensing terms, committed spend agreements, API dependencies, and architectural gravity. The Commission is now trying to turn that operational reality into regulatory doctrine.
Azure’s Strength Is Also Microsoft’s Exposure
Microsoft enters this fight with a uniquely complicated profile. Azure is not an isolated product line; it is part of a vast enterprise stack that includes Windows Server, Windows client management, Microsoft Entra ID, Microsoft 365, Teams, Defender, GitHub, Visual Studio, Power Platform, SQL Server, Dynamics, and a rapidly expanding set of AI services. That breadth is Microsoft’s commercial superpower.It is also what makes regulators nervous. A customer adopting Azure is often not just buying cloud compute. It may be deepening an existing relationship that already runs through desktop productivity, directory services, endpoint security, collaboration, development workflows, and licensing agreements. The cloud purchase becomes one more layer in a Microsoft-centered operating model.
The company can argue, reasonably, that integration is what customers want. IT departments do not buy identity, endpoint management, productivity, compliance, and cloud services as abstract policy units. They buy systems that work together, reduce friction, and let small teams manage sprawling estates. Microsoft’s entire modern enterprise pitch is that it can make that bundle feel coherent.
The regulatory counterargument is that coherence can become captivity. If the best price, best compatibility, or easiest deployment path consistently appears when a customer stays inside the Microsoft estate, rival cloud providers and independent software vendors may struggle to compete on the merits. The Commission’s preliminary designation suggests it sees Azure not merely as a successful cloud platform, but as a gateway reinforced by Microsoft’s broader enterprise ecosystem.
For Windows admins, that is the part worth watching. The practical effects of any final DMA obligations may show up not as a dramatic “Azure breakup” moment, but as changes to interoperability, self-preferencing, data portability, licensing behavior, and the way Microsoft connects cloud services to its surrounding stack. The boring clauses could matter more than the headline.
AWS Is the Cleaner Target, Which Makes the Case Broader
Amazon’s cloud business presents a different regulatory story. AWS is less entangled with desktop operating systems or productivity software than Azure, but it is the original hyperscale cloud powerhouse. It has the largest market position, the deepest service catalog, enormous operational capacity, and a long history of becoming the default answer for startups and enterprises alike.That makes AWS the cleaner test of the Commission’s cloud theory. If Azure raises concerns because of Microsoft’s ecosystem leverage, AWS raises concerns because of hyperscale gravity itself. Its strength comes from breadth, maturity, global infrastructure, partner ecosystems, technical familiarity, and the confidence customers place in a platform that has been battle-tested for years.
AWS will argue that punishing scale risks punishing success. Cloud markets are capital intensive, and hyperscalers spend staggering sums on data centers, chips, networking, power, security, and regional expansion. If Europe imposes obligations that make dominant providers less willing to invest or more cautious in launching services, customers could feel that too.
But the Commission’s concern is not simply that AWS is big. It is that big cloud platforms can become hard to leave, hard to compete with, and hard to negotiate against. If a market depends on a handful of providers whose operational capacity and investment far outpace rivals, then the competitive question is no longer whether alternatives technically exist. It is whether those alternatives can win meaningful workloads without customers absorbing unacceptable migration costs or performance penalties.
In that sense, AWS and Azure are complementary test cases. One represents the cloud-native incumbent with unmatched scale; the other represents the enterprise software giant whose cloud is woven into a broader productivity and identity empire. Brussels is signaling that both forms of power can qualify as gatekeeping.
AI Turned Cloud Lock-In into a Sovereignty Problem
The Commission’s emphasis on AI is not incidental. In the 2010s, cloud lock-in was mostly a procurement and architecture concern. In the 2020s, it has become a sovereignty concern, because the cloud is where advanced AI models are trained, hosted, integrated, governed, and sold.This changes the political stakes. A business that builds on a hyperscaler’s proprietary AI services may not simply be renting compute. It may be adopting model APIs, vector databases, data governance tools, inference infrastructure, security controls, developer frameworks, and marketplace integrations that are difficult to reproduce elsewhere. The cloud provider becomes the venue through which AI capability is delivered.
For Europe, that raises an uncomfortable question: if the continent’s public administrations, regulated industries, startups, and AI developers depend on a small number of US-based hyperscalers, how much room does Europe really have to shape its own digital future? The answer is not solved by slogans about sovereignty or by pretending local providers can immediately match hyperscaler scale. But the question is now central to EU technology policy.
Microsoft understands this well. Its AI strategy is inseparable from Azure. OpenAI workloads, Copilot services, Azure AI tooling, enterprise data integration, and Microsoft 365 automation all reinforce the idea that Azure is where business AI becomes operational. That makes Azure more valuable, but also more strategically sensitive.
AWS has a parallel story through Bedrock, custom silicon, AI infrastructure, and a large ecosystem of model providers and enterprise AI services. Both companies can plausibly say they are expanding choice by giving customers access to more AI tools. Regulators can just as plausibly reply that those tools may deepen dependency on the same hyperscale platforms already dominating cloud infrastructure.
The Commission’s preliminary designation is therefore not just about cloud as it exists today. It is about cloud as the control plane for the next decade of AI adoption.
The Six-Month Clock Would Put Compliance on an Enterprise Timetable
If the preliminary findings become final, Amazon and Microsoft would have six months to comply with the relevant DMA obligations for AWS and Azure. Six months is a short period in regulatory theater and a very short period in enterprise IT. For hyperscalers, it would mean translating broad legal obligations into product behavior, contract rules, documentation, engineering controls, and customer-facing processes.The exact obligations that bite hardest will depend on how the Commission applies the DMA to cloud services. The law was not written as a cloud portability manual, so the fight will likely be over interpretation. What counts as fair access? What counts as self-preferencing in a cloud marketplace? What does meaningful interoperability mean when the service catalog spans compute, storage, networking, identity, analytics, AI, security, and managed databases?
For customers, the answer may eventually surface in small but consequential ways. Contract terms could become more transparent. Switching and multi-cloud operations could receive more regulatory backing. Hyperscalers may face closer scrutiny when they bundle services, privilege their own products, restrict interoperability, or make it expensive to move data and workloads elsewhere.
No serious enterprise should expect an immediate liberation from cloud complexity. The DMA will not rewrite application architectures, normalize every API, eliminate skills gaps, or make multi-cloud cheap. But it could change the negotiation context. A customer asking for portability, interoperability, or non-discriminatory access may have more regulatory wind at its back than it did before.
That is why the final designation matters even before enforcement actions arrive. Regulation often changes behavior through anticipation. Hyperscalers, rivals, and customers all start adjusting once the likely rules of the road become visible.
The Windows Angle Is Identity, Licensing, and the Cloud Desktop
For WindowsForum readers, the temptation is to file this under “EU cloud policy” and move on. That would miss the Windows angle. Microsoft’s cloud strategy is deeply connected to how organizations deploy, secure, license, and manage Windows environments.Azure is bound up with Microsoft Entra ID, Intune, Defender, Azure Virtual Desktop, Windows 365, server workloads, hybrid identity, and Microsoft 365 administration. Many organizations do not experience Azure as a standalone cloud provider; they experience it as the administrative extension of the Microsoft estate. That is exactly why regulatory scrutiny of Azure could eventually touch decisions that Windows admins make every day.
Licensing is the most obvious pressure point. Microsoft has already faced scrutiny in Europe over cloud licensing practices, including concerns from rivals that Windows Server and other Microsoft software can be more costly or harder to run on competing clouds. Any final DMA designation would not automatically settle those disputes, but it would place Azure inside a broader gatekeeper framework where tying, preferential treatment, and switching friction become more politically charged.
Identity is the quieter issue. Entra ID has become one of the central chokepoints in Microsoft’s enterprise platform. It governs access to Microsoft 365, Azure resources, SaaS applications, conditional access policies, device compliance, and security workflows. If regulators begin asking how Azure functions as a gateway, identity will inevitably be part of the practical conversation, even if the legal designation is formally about cloud computing services.
Then there is the cloud desktop. Windows 365 and Azure Virtual Desktop sit at the intersection of Windows licensing, virtualization, identity, endpoint management, and Azure infrastructure. They are useful products, especially for distributed workforces and contractors, but they also deepen the logic of Microsoft cloud dependency. In a DMA world, the way Microsoft packages and advantages those experiences may receive more scrutiny.
This does not mean Windows shops should panic. It does mean they should understand that Microsoft’s enterprise convenience story and Europe’s competition concerns are now describing the same architecture from opposite sides.
The DMA Will Not Make Multi-Cloud Simple
One of the predictable reactions to the Commission’s move will be that Europe is trying to force a multi-cloud utopia into existence. That is not quite right. The DMA can pressure gatekeepers to reduce unfair barriers, but it cannot erase the real technical reasons companies consolidate on one cloud.Multi-cloud is expensive. It requires duplicated skills, governance models, observability tooling, security practices, network design, cost management, data architecture, and incident response playbooks. Even when workloads are containerized and infrastructure is described as code, the managed services that make cloud attractive often remain provider-specific. The more a team uses the best native services from AWS or Azure, the harder pure portability becomes.
That reality does not invalidate the Commission’s concern. It sharpens it. If cloud lock-in is partly a natural byproduct of useful managed services, then regulators must distinguish between legitimate product differentiation and artificial switching barriers. That distinction is easy to state and hard to enforce.
A managed database that performs better because a provider invested heavily in engineering is not the same as a contract term that penalizes customers for moving. A proprietary AI service that customers willingly choose is not the same as a licensing rule that makes rival clouds uneconomical. A deeply integrated security suite can be a customer benefit and a competitive moat at the same time.
The Commission’s challenge will be to avoid flattening those differences. If it treats every integration as suspicious, it risks discouraging useful engineering. If it treats every switching cost as natural, the gatekeeper label becomes decorative. The hard work lies between those extremes.
Europe Wants Competition Without Giving Up Hyperscale
There is an unresolved tension at the heart of Europe’s cloud policy. The EU wants fairer competition, more sovereign capacity, stronger local providers, and less dependency on foreign hyperscalers. At the same time, European businesses and governments rely on AWS and Azure because those platforms offer scale, resilience, services, security certifications, and global reach that are difficult to replicate.This is not hypocrisy. It is the modern cloud dilemma. Hyperscalers are both indispensable infrastructure and competitive bottlenecks. They lower barriers for companies that need world-class infrastructure quickly, while raising barriers for competitors that cannot match their capital intensity and ecosystem depth.
European cloud providers have long argued that the market is tilted against them by egress fees, software licensing rules, bundled services, marketplace dynamics, and procurement habits that favor the largest platforms. AWS and Microsoft counter that customers choose them because they offer better capabilities, broader service portfolios, and stronger investment. Both arguments contain truth.
The Commission is trying to create room for competition without detonating the infrastructure that European customers already use. That is a delicate task. Too soft an approach will leave the market structure unchanged. Too aggressive an approach could create uncertainty for customers and slow investments that Europe also needs.
This is why the preliminary nature of the designation matters. Amazon and Microsoft will now make their case, and they will likely frame the issue around investment, innovation, security, and customer choice. The Commission will frame it around fairness, openness, and the risk that cloud control becomes a private chokepoint in Europe’s digital economy.
Neither side is arguing about a marginal market. They are arguing about the substrate on which everything else is being built.
The Real Fight Is Over Who Defines Openness
The word “open” will do a lot of work in the coming months. The Commission will use it to describe fair access, portability, interoperability, and competitive markets. Amazon and Microsoft will use it to describe customer choice, service breadth, partner ecosystems, and the freedom to build integrated products. The conflict is not about whether openness is good; it is about who gets to define it.In cloud, openness is slippery. A workload can run on Linux, use Kubernetes, authenticate through standards-based protocols, and still be deeply dependent on proprietary services. A customer can export data, but still face prohibitive costs and engineering risk in moving it. A marketplace can include rival software, while the platform owner’s own services enjoy structural advantages in billing, integration, defaults, or procurement.
The DMA pushes regulators toward a more behavioral definition of openness. It asks whether business users can realistically reach customers without being trapped by a gatekeeper’s rules. Applied to cloud, that means the Commission will likely care less about abstract compatibility claims and more about practical exit rights, fair terms, and whether rivals can interoperate on commercially viable terms.
For Microsoft, this could become especially uncomfortable where Azure is adjacent to Microsoft’s own applications and services. The company can say customers are free to choose alternatives. Regulators may ask whether those alternatives face subtle disadvantages when competing against a platform owner with control over identity, licensing, administration, security integrations, and procurement channels.
For AWS, the issue may be less about adjacent productivity software and more about the sheer depth of the platform’s native service catalog. AWS can say customers are free to use open-source tools, third-party partners, and hybrid architectures. Regulators may ask whether the economics of moving data, rebuilding architectures, or matching managed-service functionality make that freedom theoretical for many customers.
The gatekeeper label is therefore not just a badge. It is a claim that the platform owner’s definition of openness can no longer be the only one that counts.
Admins Should Read This as a Procurement Warning
The practical lesson for IT departments is not to abandon Azure or AWS. That would be absurd. These platforms remain central to modern infrastructure, and for many organizations they are the best available choice. The lesson is to treat cloud dependency as a governance issue, not merely an engineering outcome.Too many organizations discover lock-in after the architecture is already built. They learn that backups, logs, identity flows, data gravity, proprietary APIs, committed spend agreements, and staff skills all point in one direction. By then, “cloud choice” is a phrase in a procurement policy rather than an operational fact.
The Commission’s move should encourage customers to ask harder questions before the next renewal, migration, or AI rollout. What services are genuinely portable? Which workloads depend on provider-specific APIs? What would it cost to move data out? Are licensing terms different across clouds? Does the organization have a tested exit plan, or just a theoretical one?
For Windows-heavy environments, the questions should be even more specific. How tightly are Azure, Entra ID, Intune, Defender, Microsoft 365, Windows 365, and server licensing bound together in the organization’s operating model? Which integrations are delivering real administrative value, and which are narrowing future options? Where does Microsoft convenience become Microsoft dependency?
Regulation may eventually improve the market, but it will not replace internal discipline. The smartest customers will use the DMA process as leverage for better terms and clearer architecture, not as an excuse to postpone hard cloud governance decisions.
Brussels Has Put a Clock on Cloud Power
The Commission’s preliminary designation does three concrete things. It raises the likelihood that AWS and Azure will face DMA obligations in Europe. It expands the political meaning of gatekeeping from consumer platforms to infrastructure platforms. And it tells the market that cloud dominance will be judged by practical dependency, not only by statutory thresholds.That last point is the most important. The Commission is not waiting for cloud to become a perfect fit for yesterday’s platform categories. It is adapting its theory of gatekeeping to the market as it now exists. Whether courts, companies, and customers accept that theory will shape how aggressively Europe can regulate the next generation of digital infrastructure.
There is a risk of overreach. Cloud platforms are complex, capital-intensive, and deeply technical. Badly designed obligations could create compliance theater, slow product improvements, or give customers more paperwork without more freedom. Europe’s regulators will need to prove they can distinguish between harmful gatekeeping and useful integration.
But there is also a risk of underreach. If regulators treat hyperscale cloud as too technical to govern, then the most important control points in the digital economy may drift outside meaningful competition oversight. The result would be a market where businesses can choose between a few giants, but cannot easily discipline any of them.
The Commission has chosen to test that boundary now, before AI makes the dependency even harder to unwind.
The Cloud Gatekeeper Era Arrives Before Anyone Is Ready
The immediate lesson is not that AWS and Azure are suddenly illegal, broken, or unsafe. It is that Europe now sees them as infrastructure platforms with the power to shape markets around them, and that judgment will affect vendors, customers, and administrators long before any final enforcement drama plays out.- Amazon and Microsoft have received a preliminary EU finding that AWS and Azure should be designated as DMA gatekeepers for cloud computing services.
- The Commission is pursuing the designation even though AWS and Azure reportedly do not meet the DMA’s standard quantitative thresholds.
- A final designation would give both companies six months to comply with relevant DMA obligations for their cloud services.
- The case matters to Windows environments because Azure is tied closely to Microsoft identity, licensing, endpoint management, virtual desktop, security, and Microsoft 365 administration.
- The AI boom makes cloud gatekeeping more consequential because model access, data pipelines, developer tooling, and compute capacity increasingly sit inside hyperscaler ecosystems.
- IT departments should treat the case as a prompt to review portability, licensing exposure, exit planning, and the real cost of moving workloads.
References
- Primary source: European Interest
Published: Sun, 28 Jun 2026 20:47:27 GMT
Loading…
www.europeaninterest.eu - Related coverage: itpro.com
AWS says cloud market gatekeeper designation risks ‘deterring European investment and innovation’ as EU regulators plot competition crackdown | IT Pro
Gatekeeper designation under the legislation would force AWS and Microsoft to make concessionswww.itpro.com - Related coverage: digital-strategy.ec.europa.eu
Commission reaches preliminary position that Amazon's and Microsoft's market leading cloud services should be designated under the DMA
The Commission has informed Amazon and Microsoft of its preliminary view that they should be designated as gatekeepers under the Digital Markets Act (DMA), for their cloud computing services, Amazon Web Services (AWS) and Microsoft Azure (Azure) respectively.digital-strategy.ec.europa.eu
- Related coverage: agenceurope.eu
European Commission designates Amazon and Microsoft as gatekeepers under DMA for their dominant cloud computing services | AGENCE EUROPE
The European Commission designates Amazon and Microsoft as gatekeepers under the Digital Markets Act.agenceurope.eu
- Related coverage: techspot.com
European Commission moves to designate Amazon and Microsoft as cloud gatekeepers | TechSpot
Amazon Web Services and Microsoft Azure are now so important to Europe's digital economy that they may be required to comply with additional rules when doing business...www.techspot.com - Related coverage: digital-markets-act.ec.europa.eu
Loading…
digital-markets-act.ec.europa.eu
- Related coverage: competition-policy.ec.europa.eu
Commission reaches preliminary position that Amazon's and Microsoft's market leading cloud services should be designated under the DMA
Commission reaches preliminary position that Amazon's and Microsoft's market leading cloud services should be designated under the DMAcompetition-policy.ec.europa.eu - Related coverage: datacenterdynamics.com
AWS and Microsoft designated 'gatekeepers' under Europe's Digital Markets Act - DCD
European Commission's preliminary decision comes despite duo "not meeting the DMA's quantitative thresholds"www.datacenterdynamics.com - Related coverage: eunews.it
Loading…
www.eunews.it - Related coverage: ceotodaymagazine.com
European Commission Targets AWS and Azure Under DMA
European Commission findings say AWS and Azure should face DMA gatekeeper rules because of their scale, user bases and cloud market power.www.ceotodaymagazine.com - Related coverage: germany.representation.ec.europa.eu
DMA: Cloud-Dienste von Amazon und Microsoft könnten als „Gatekeeper“ eingestuft werden
Die EU-Kommission hat Amazon und Microsoft ihre vorläufige Auffassung mitgeteilt, dass ihre Cloud-Computing-Dienste – Amazon Web Services (AWS) bzw. Microsoft Azure (Azure) – im Rahmen des Digital Markets Act (DMA) als „Gatekeeper“ eingestuft werden sollten.germany.representation.ec.europa.eu - Related coverage: ec.europa.eu
- Related coverage: elpais.com
Bruselas plantea que los servicios en la nube de Amazon y Microsoft se sometan a reglas comunitarias más estrictas
En una conclusión preliminar que se puede apelar, la Comisión considera que AmazonWeb Services y Microsoft Azure deben designarse como guardianes de acceso conforme a la Ley de Mercados Digitaleselpais.com
- Related coverage: cincodias.elpais.com
Bruselas investiga el control de acceso de Amazon y Microsoft a sus servicios en la nube | Empresas | Cinco Días
La Comisión Europa estudia si las dos tecnológicas deben someterse a las reglas más estrictas de la ley europea de mercados digitalescincodias.elpais.com - Related coverage: windowscentral.com
UK CMA questions cloud market as Azure revenue grows | Windows Central
This fiscal year, Azure and other Microsoft cloud services earned $75 billion in revenue.www.windowscentral.com