Most sovereign AI compute strategies share a common architecture: one foundation model provider, one cloud vendor, one geographic concentration of physical infrastructure. In the first two weeks of March 2026, that architecture was tested under wartime conditions across all three layers simultaneously, and the pattern that emerged applies well beyond the Gulf.

The data points are specific.

On March 1, Iranian drones struck three AWS data centers in the UAE and Bahrain — the first physical military attack on commercial cloud infrastructure. Two of three Availability Zones in AWS’s UAE region (me-central-1) went offline simultaneously, bypassing the multi-AZ redundancy that enterprises like Emirates NBD and Careem relied on for failover.

On March 3, the Pentagon issued a FASCSA (Federal Acquisition Supply Chain Security Act) designation against Anthropic — the first time this legal mechanism, historically reserved for foreign adversaries, was applied to an American company. Claude, the only AI model cleared for classified military networks, was ordered removed within 180 days.

As of mid-March, Claude is still running the Iran targeting cycle — processing roughly 1,000 potential targets per day, per CBS News — because there is no replacement ready.

Meanwhile, SpaceX handles over 90% of U.S. military satellite launches and its Starlink supports nearly 50 military commands. During the Trump-Musk dispute last summer, Musk floated decommissioning the Dragon capsule — America’s only crewed access to the ISS.

Three different infrastructure layers.

Three different vendors.

The same structural condition: single-provider concentration where the architecture assumed redundancy.

I’ve been developing an analytical framework I call the Trust–Intelligence–Power triangle, which scores sovereign compute strategies across three dimensions: Trust (political stability and alignment with technology partners), Intelligence (access to models, data, and talent), and Power (energy, capital, and physical security). The March events tested all three legs at once. The AWS strikes hit Power. The Anthropic phaseout hit Intelligence. And the dual-use problem — military AI running on commercial cloud, which gave Iran its stated targeting rationale — hit Trust. In each case, the vulnerability was concentration.

The Trust dimension deserves particular attention.

The IRGC said it struck AWS facilities because of their role in supporting military operations. Under the Geneva Conventions, civilian infrastructure that contributes to military action can become a lawful target. When the same cloud region hosts both consumer banking and classified targeting workflows, commercial SLAs effectively become military liabilities — a risk that neither the operator nor the customer originally priced.

Iran’s state media subsequently published a target list naming Amazon, Microsoft, Palantir, and Oracle.

Lloyd’s Joint War Committee has widened the Gulf high-risk zone, maritime war risk premiums have risen fivefold, and analysts project a 15–20% security premium on new Gulf data center capital expenditure for physical hardening alone. Reinsurers are debating whether cloud-based conflict falls under standard war exclusions or requires a new category entirely.

India is the near-term beneficiary.

Submarine cable infrastructure already connects Mumbai to the Gulf. IT load capacity stood at 1.4 GW as of mid-2025, and absorption rates in Mumbai and Chennai are pushing the 2026 forecast closer to 3.2 GW by year-end — ahead of schedule. AWS advised Gulf customers to migrate workloads to alternate regions, and the network path to India’s data center hubs already exists. But the architectural question goes further than geographic diversification. Every sovereign compute strategy built on a single foundation model, a single cloud region, and a single energy supply chain now faces a concrete version of a question that was previously theoretical: how does this architecture perform under pressure? If the world’s most capable military cannot swap AI vendors during an active conflict, the answer matters for Riyadh, New Delhi, and Brussels alike.

The sovereign compute strategies being funded today will operate for a decade or more. For infrastructure investors and policymakers, the question is practical: are the architectures being built today designed for the conditions that March 2026 is making visible?

A note on independence: All opinions shared in this newsletter are my own and do not reflect the views of dmg events, ADIPEC, or any affiliated organizations. This is personal analysis, not institutional positioning.

Sources

CBS News: Internal Pentagon memo orders military commanders to remove Anthropic AI technology from key systems

Mayer Brown: Anthropic Supply Chain Risk Designation Takes Effect

Euronews: Data centres are the new target in modern warfare during Iran war

Fortune: Iranian drone attacks on Amazon data centers signal a new kind of war

Just Security: Iranian Attacks on the Amazon Data Centers: A Legal Analysis

CNBC: Anthropic’s Claude would ‘pollute’ defense supply chain: Pentagon CTO

Lloyd’s List: Gulf war risk premiums topping double-digit millions of dollars per trip

The National Interest: US Space Strategy Can’t Rely on SpaceX Alone

CSIS: If Compute is the New Oil, War in the Gulf Significantly Raises the Stakes

Capacity: The Gulf gamble: Could the war in the Middle East drive a data centre exodus to India?