- The Cloud Cover
- Posts
- Is Microsoft Building an Unbeatable Cloud Monopoly?
Is Microsoft Building an Unbeatable Cloud Monopoly?
This Week in Cloud — September 4, 2025
Welcome back to The Cloud Cover, your essential guide to navigating the fast-shifting cloud landscape. This week, Microsoft shakes up the federal market with a $6B Copilot-driven deal, Google pushes AI deeper into finance and retail, Oracle bets big on multi-cloud AI, and AWS faces tough scrutiny over its global promises. The cloud wars are no longer just about infrastructure — they’re about ecosystems, economics, and trust. Let’s dive in.
📚 Microsoft's New Federal Deal Redefines the Cloud Playbook
This week, Microsoft and the U.S. General Services Administration (GSA) announced a landmark agreement designed to accelerate AI and cloud adoption across the federal government. The deal, which the GSA projects could be worth over $6 billion across three years, is noteworthy not just for its size, but for the competitive strategy it reveals.
The most interesting component of the deal is its structure. Microsoft is offering a no-cost, 12-month license for Microsoft 365 Copilot to millions of existing government users, bundled with waived data egress fees and significant discounts on core Azure services. This isn't a straightforward cloud infrastructure sale; it's a calculated strategy that leverages Microsoft's deeply entrenched position in enterprise productivity software to drive adoption of its cloud platform. The highly sought-after Copilot AI assistant serves as a powerful incentive that its cloud competitors cannot easily match, as they lack a comparable productivity software footprint within the government.
The industry impact of this approach is significant. It signals a shift in the public sector battleground, moving the competition beyond infrastructure features and pricing. The price of entry for large-scale government contracts now appears to include a comprehensive, integrated suite of AI-powered productivity tools. By selling a holistic ecosystem rather than a collection of services, Microsoft is creating a powerful gravitational pull that brings the entire government apparatus into its cloud. This makes it exceedingly difficult for competitors to compete on a feature-by-feature basis and could lock in market share in a critical sector for a decade or more.
🔍 The Rundown
New Compute Instances Launch: AWS announced general availability for new instance families. The Intel-powered M8i and M8i-Flex instances deliver up to 15% better price-performance than the prior generation, while the new Graviton4-powered C8gn instances offer up to 30% higher compute performance and up to 600 Gbps networking for network-intensive workloads.
Azure DevOps Integration: AWS updated its .NET migration tooling, allowing AWS Transform for .NET to integrate directly with Azure DevOps. This lets developers connect to Azure Repos to assess and transform .NET applications using their existing CI/CD workflows.
New Zealand Region Controversy: While AWS officially opened its new Asia Pacific (New Zealand) region, the launch was met with sharp criticism from local media and industry experts. Critics argued the $7.5 billion investment claim was a repackaged 2021 announcement and questioned the job creation and GDP contribution figures, suggesting a new level of market skepticism toward hyperscaler economic promises.
US-EAST-1 Network Outage: A Cloudflare post-mortem confirmed that on August 21, a network congestion event caused high latency and packet loss for traffic routed through Cloudflare to AWS's us-east-1 region. Engineers from both companies collaborated to resolve the issue the same day.
Enhanced AI Fine-Tuning: Microsoft rolled out new capabilities for its Azure AI Foundry fine-tuning service. The updates give developers more granular control, including the ability to pause and resume training jobs and copy model checkpoints between regions.
Credential Leak Warning: Security researchers reported a widespread vulnerability pattern where sensitive credentials, including Entra ID Client secrets, were being exposed in publicly accessible appsettings.json configuration files in ASP.NET Core applications.
Gemini On-Premises Availability: Google's flagship Gemini 2.5 foundation models are now generally available for on-premises, air-gapped deployments via Google Distributed Cloud. This allows enterprises in regulated environments to run Google's most advanced models inside their own data centers.
Singapore Retail Partnership: GCP and Singapore's largest retailer, FairPrice Group, announced a partnership to create a "Store of Tomorrow". The project will use Google's Gemini and Vertex AI to power smart shopping carts, back-office automation, and other agentic AI use cases in a "living laboratory" for retail AI.
Phishing Campaign Exposed: A new report revealed a massive phishing-as-a-service campaign that operated for over three years by exploiting Google Cloud and Cloudflare infrastructure. The report was critical of Google for its perceived failure to act on numerous public detections of the abuse over the years, representing a significant reputational blow.
Google AI Integration: In a major multi-cloud move, Oracle announced that the Google Vertex AI Platform for OCI is now in beta. The integration gives OCI customers direct access to Google's Gemini 2.5 models from within the Oracle Cloud, positioning OCI as a neutral platform for multi-cloud AI workloads.
NYC Healthcare Win: Oracle announced that NYC Health + Hospitals, the largest municipal healthcare system in the U.S., will move its core finance, supply chain, and HR operations to Oracle Fusion Cloud Applications. As Fusion apps run exclusively on OCI, this represents a significant infrastructure win in the healthcare vertical.
Workforce Reductions Continue:Reports emerged this week that Oracle is conducting a second round of layoffs, affecting staff in its OCI and Oracle Health divisions across the U.S., India, and the Philippines.
📈 Trending Now: The Evolving Shared Responsibility Model
This week's most critical security stories weren't about provider infrastructure being breached; they were about customer-side misconfigurations being exploited. From widespread credential leaks in Azure application configuration files to the continuous addition of high-risk IAM permissions in AWS, the front line of cloud security is clearly centered on identity, access, and configuration. The primary threat vector isn't a brute-force attack on a data center, but a misconfigured S3 bucket or a leaked developer secret.
In response, we're seeing the beginning of a fundamental shift in the shared responsibility model. For years, providers have secured "the cloud" while customers were responsible for security "in the cloud". That line is blurring. Microsoft's decision to mandate MFA for all Azure resource management is a pivotal move from recommendation to enforcement.
This signals a future where providers will enforce baseline security hygiene through policy, not just best-practice documents. For architects and engineers, this means shifting focus from hardening virtual firewalls to mastering IAM governance, Cloud Security Posture Management (CSPM), and secure-by-default development. The providers are raising the security floor for everyone, and it will force us all to level up our skills in response
📅 Event Radar
15-18
Tickets are going fast!
17
Registration still open
8-10
Speakers list now available
28-29
Register today!
👋 Until Next Week
While generative AI continues to grab headlines, this week was a good reminder that the real strategic battles in the cloud are being fought over fundamentals: vertical integration, security posture, and now, economic accountability.
Have a great week, and we'll be back in your inbox next Thursday!
Do you enjoy these emails? Your friends and colleagues might, too! Help us grow the cloud community by sharing the newsletter with others.