WikiLeaks has published a document it says lists all Amazon Web Services (AWS) data centers and their addresses.
It’s unclear how accurate the information in the document is. It lists data centers by code name, addresses, and in many cases names of the colocation providers operating the facilities. According to the document, the data is recent as of October 2015. Amazon has launched more data centers since then.
It lists 38 buildings in Northern Virginia; eight in Seattle; eight in the San Francisco Bay Area; seven in northeastern Oregon; seven in Dublin, Ireland; three in Luxembourg; four in Germany; nine in China; 12 in Japan; six in Singapore; eight in Australia; and six in Brazil.
An AWS spokesperson did not respond to a request for comment in time for publication.
If the information in the document is real, it would be the most detail about AWS data centers ever released to the public. Unless they’re data center providers, companies are usually extremely secretive about their data center locations, and AWS is more secretive than most others.
The world’s biggest cloud provider only makes public geographic regions where its server farms are located, but never the specific cities, let alone street addresses. Its biggest competitors, the likes of Microsoft Azure, IBM, and Google Cloud, practice the same.
It’s unclear what WikiLeaks is trying to accomplish by making the information public. Its press release announcing the leak mentions AWS’s work for US intelligence agencies and its leading position in the race to secure a $10 billion cloud services contract the Department of Defense is currently shopping around.
In 2010, AWS pulled the plug on hosting services it had been providing to WikiLeaks, causing the organization to switch providers. The move was viewed as a reaction to US government pressure on Amazon to stop providing services to WikiLeaks because it published classified documents, which the company denied.
AWS said it had closed the account because WikiLeaks had violated its terms of service, which prohibit customers from hosting content they don’t own or otherwise control the rights to. Amazon also argued that the hundreds of thousands of classified documents WikiLeaks had published could not have been redacted in a way that guaranteed the information wouldn’t “put innocent people in jeopardy.”
From the AWS statement at the time:
We’ve been running AWS for over four years and have hundreds of thousands of customers storing all kinds of data on AWS. Some of this data is controversial, and that’s perfectly fine. But, when companies or people go about securing and storing large quantities of data that isn’t rightfully theirs, and publishing this data without ensuring it won’t injure others, it’s a violation of our terms of service, and folks need to go operate elsewhere.
WikiLeaks fired back on Twitter, saying if Amazon was “so uncomfortable with the first amendment, they should get out of the business of selling books.”
It’s possible that with its data center leak WikiLeaks is trying to influence the DoD’s decision about which vendor to hand the big cloud contract to. It published the document one day before the current October 12 deadline for vendors to submit formal proposals for the contract and pointed out the date in its announcement.
It also pointed out that other cloud providers, namely IBM and Oracle, have complained about the proposal requirements allegedly favoring Amazon.