Iranian Drone Strikes Take Down AWS Zones in Bahrain and UAE, No Recovery Timeline

Data center in Middle East with smoke from drone strike at night

Amazon Web Services has two availability zones in the Middle East that it cannot tell customers when — or if — they will come back online. Internal AWS communications obtained by Big Technology this week stated that zones in both Bahrain and Dubai are "hard down" with "no timeline for when DXB and BAH will return to normal operations." The cause: Iranian drone strikes that have been hitting US tech infrastructure across the Gulf region since March 1st.

What Happened

On March 1, 2026, Iranian Shahed drones struck three Amazon data center facilities — two in the UAE and one in Bahrain — in what is believed to be the first deliberate military strike on a US hyperscaler's commercial infrastructure. Iran's Islamic Revolutionary Guard Corps claimed responsibility, explicitly citing the facilities' role in supporting US military and intelligence operations.

The strikes have continued. On April 1, a second drone hit the AWS facility in Bahrain, where Batelco — the country's largest telecom — hosts Amazon's infrastructure. Bahrain's Ministry of Interior confirmed the strike caused a fire at the facility. On April 2, Iran claimed an additional strike on an Oracle data center in Dubai, though UAE officials have not confirmed a successful hit there.

The Scale of the Damage

The AWS ME-CENTRAL-1 (UAE/Dubai) region has lost two of its three availability zones. Only mec1-az1 continues operating normally; mec1-az2 and mec1-az3 remain significantly impaired. In Bahrain's ME-SOUTH-1 region, one AZ is knocked out entirely.

AWS has been working to recover since the March strikes, but out of 73 services impacted, only 34 had resolved as of April 2. The company has urged customers to migrate workloads to alternate AWS regions and has waived all usage charges for ME-CENTRAL-1 for the entire month of March.

Major services hit include Careem (the region's dominant ride-hailing and delivery platform), multiple UAE banks including Abu Dhabi Commercial Bank and Emirates NBD, and cloud data services like Snowflake.

Why Iran Targeted AWS

The IRGC has been explicit: it targeted data centers for supporting US military and intelligence functions. AWS runs workloads for the US Department of Defense and intelligence agencies, including hosting Anthropic's Claude AI model for intelligence applications. Iran published a list of 29 "tech targets" across Bahrain, Israel, Qatar, and the UAE — naming 5 AWS facilities, plus sites operated by Microsoft, Google, Palantir, Nvidia, Oracle, and IBM.

The targeting reflects a broader strategic logic: as AI becomes central to military planning, the physical infrastructure running that AI becomes a legitimate military target in the adversary's calculus.

The Cloud Resilience Problem Nobody Wanted to Talk About

The strikes exposed a critical weakness in the multi-availability-zone model that underpins cloud disaster recovery. The entire premise of multi-AZ redundancy — that customers survive any single zone failure — collapsed when Iran knocked out two of three AZs simultaneously. As InfoQ noted, this "challenges multi-AZ assumptions" that cloud architects have built business continuity plans around for over a decade.

"Physical attacks are only going to become more common as AI becomes more significant," warned Sam Winter-Levy of the Carnegie Endowment for International Peace. "If data centers become critical hubs for military information, we can expect them to be increasingly targeted."

A Line Has Been Crossed

What makes this moment significant is not just the outage — it is the precedent. Before March 1, attacking a US tech company's commercial infrastructure in a third country was a red line that no nation-state had explicitly crossed. Now it has been crossed, multiple times, with Iran publicly claiming credit.

The debate now is not whether this will happen again, but how cloud providers and governments respond. Should data centers receive military protection? Should companies operating in conflict-adjacent regions be required to disclose the risks to customers? AWS has been largely silent publicly — leaving customers, analysts, and governments to figure out the new rules of cloud infrastructure in a world where AI is increasingly intertwined with national security.

The Bottom Line

Two AWS availability zones in the Middle East are down with no recovery timeline. Iranian drones caused it. Cloud customers in the region are scrambling to migrate. And the industry is confronting an uncomfortable truth: the assumption that commercial cloud infrastructure exists outside military conflict was always a polite fiction. Iran just made it official.