Iranian Drone Strikes Damage AWS Data Centers in UAE and Bahrain, Disrupting Cloud Services

Drone strikes damaged three Amazon Web Services data centers in the UAE and Bahrain on Sunday, March 1, knocking two of the ME-CENTRAL-1 region's three availability zones offline and triggering outages across EC2, S3, DynamoDB, Lambda, RDS, and other core services, thereby marking the first confirmed military attack on a hyperscale cloud provider, according to Uptime Institute.

AWS confirmed on its health dashboard that two facilities in the UAE were "directly struck" and that a third site in Bahrain sustained damage from a nearby explosion. The strikes caused structural damage, disrupted power delivery, and, in some cases, triggered fire suppression systems that produced additional water damage, according to the AWS Health Dashboard. Amazon told customers it expects recovery to be prolonged "given the nature of the physical damage involved."

Each AWS region is built around multiple availability zones, which are physically separated data centers, each with independent power, cooling, and networking, designed so that the loss of one zone does not take a region offline. ME-CENTRAL-1 has three availability zones; the strikes took out two of them (mec1-az2 and mec1-az3), leaving the region significantly impaired. The Bahrain region (ME-SOUTH-1) lost one zone (mes1-az2) to a localized power issue. AWS's redundancy model is designed to survive the failure of a single zone, but not a coordinated attack across multiple sites within the same region.

These outages then cascaded into consumer-facing services across the Gulf. Ride-sharing and delivery platform Careem, payments firms Hubpay and Alaan, data management company Snowflake, and several major UAE banks — including Emirates NBD, First Abu Dhabi Bank, and Abu Dhabi Commercial Bank — all reported disruptions. AWS advised customers to activate disaster recovery plans and migrate workloads away from the affected Middle East regions.

Iran's Islamic Revolutionary Guard Corps stated it targeted the Bahrain facility specifically because AWS hosts U.S. military workloads there; AWS declined to comment on that claim. Sean Gorman, Air Force contractor and CEO of Zephr.xyz, told DefenseScoop on Tuesday that classified government workloads at Impact Level 4 and 5 are held in U.S.-only facilities, but acknowledged that "contractor and non-operational data… may have been impacted," at the struck sites.

The attacks followed joint U.S.-Israeli strikes on Iran over the last week. AWS urged customers with workloads in the region to migrate to unaffected regions while repairs continue.

This incident represents a significant escalation in cyber-physical warfare, demonstrating how critical cloud infrastructure has become a target in geopolitical conflicts. The ME-CENTRAL-1 region, launched in 2022, serves as a strategic hub for Middle Eastern businesses and government agencies, making it an attractive target for adversaries seeking to disrupt regional operations.

For AWS customers, this event highlights the importance of multi-region architecture and robust disaster recovery planning. While AWS's redundancy model typically provides high availability, this coordinated attack exposed vulnerabilities when multiple availability zones within a region are compromised simultaneously. Organizations operating in geopolitically sensitive regions may need to reassess their cloud architecture to ensure business continuity in the face of physical threats to infrastructure.

The incident also raises questions about the security of cloud providers' physical infrastructure and the potential for future attacks on data centers. As cloud computing becomes increasingly central to global commerce and government operations, the physical security of these facilities may need to be reevaluated to protect against both cyber and kinetic threats.

For the broader cloud computing industry, this attack could accelerate trends toward distributed infrastructure and increased emphasis on physical security measures. It may also prompt customers to demand greater transparency about the physical security measures in place at data centers, particularly those located in regions with heightened geopolitical tensions.

As repairs continue and services are gradually restored, the full impact of these strikes on AWS's Middle East operations and the broader cloud computing landscape remains to be seen. However, this event has undoubtedly changed the conversation around the security and resilience of cloud infrastructure in an increasingly volatile geopolitical environment.