Open Telekom Cloud

What Is Open Telekom Cloud?

Europe's cloud market presents a structural tension: organisations that need the feature depth of AWS or Azure frequently encounter a compliance ceiling when those providers operate under US CLOUD Act jurisdiction. American cloud providers have made significant promises about EU data sovereignty — separate subsidiaries, contractual protections, technical isolation — but each arrangement requires careful legal scrutiny and carries residual risk. For German public sector bodies, healthcare providers, financial institutions, and other organisations operating under strict regulatory mandates, that residual risk is often unacceptable.

Open Telekom Cloud emerged in 2016 as Deutsche Telekom's answer to this problem. Built on OpenStack and operated by T-Systems — Telekom's IT services subsidiary with over 28,000 employees — it provides IaaS and PaaS services exclusively from data centres in Germany (Frankfurt area) and the Netherlands. The platform has since accumulated the certification stack that regulated industries require: BSI C5 Type 2, ISO 27001 and 27018, ISO 27701, TISAX, SOC 1/2/3, and alignment with DORA and NIS2.

In 2025, Deutsche Telekom announced a rebranding from Open Telekom Cloud to T Cloud Public, accompanied by a significant commitment to reach hyperscaler feature parity by end of 2026 — including expanded AI capabilities through a partnership with NVIDIA for an Industrial AI Cloud. The underlying platform, certifications, and data residency guarantees remain unchanged. Existing customers see no migration requirement; the name change is a strategic repositioning rather than a platform shift.

For organisations that have accepted the sovereignty compromise implicit in using US hyperscalers, Open Telekom Cloud may not be compelling. For those that cannot or will not make that compromise, it is one of Europe's most credible sovereign cloud options.

Key Features

Compute and Infrastructure

The core compute offering is the Elastic Cloud Server (ECS), providing virtual machine instances with a range of configurations across shared and dedicated vCPU tiers. For workloads requiring physical isolation — common in financial services and government sectors — Dedicated Host (DeH) places instances on single-tenant hardware, eliminating any shared infrastructure at the physical layer.

Auto Scaling groups adjust instance count based on demand, while the Elastic Load Balance service distributes traffic across instances with support for Layer 4 (TCP/UDP) and Layer 7 (HTTP/HTTPS) load balancing. This covers the standard cloud compute patterns that production workloads depend on.

The Image Management Service (IMS) allows organisations to create and manage custom machine images, enabling consistent deployment across environments and rapid provisioning from pre-configured baselines.

Cloud Container Engine

The Cloud Container Engine (CCE) provides managed Kubernetes with the control plane managed by T-Systems. CCE integrates with the platform's private networking, persistent block storage (EVS), and load balancers, providing a complete container orchestration environment without infrastructure management overhead. For organisations adopting Kubernetes-native architectures, CCE removes the complexity of managing the control plane while keeping compute costs under direct control.

Reserved instance pricing for CCE worker nodes delivers meaningful savings over pay-as-you-go for stable cluster sizes — up to 60% for 3-year commitments.

Storage Services

Object Storage Service (OBS) offers S3-compatible storage accessible over HTTPS, suitable for data lakes, backup targets, static asset serving, and application data. Elastic Volume Service (EVS) provides persistent block storage that attaches to ECS instances, with SSD-backed options for latency-sensitive workloads. Scalable File Service (SFS) adds NAS-style shared filesystem access for workloads that require file-level storage across multiple instances.

The S3 API compatibility with OBS means that tools and applications written for AWS S3 (including the AWS SDK and CLI) require only endpoint configuration changes to work with Open Telekom Cloud storage.

Managed Databases and AI

The Relational Database Service (RDS) provides managed PostgreSQL, MySQL, and Microsoft SQL Server instances with automated backups, failover, and patch management. This removes the operational burden of database administration for common workloads.

ModelArts is the platform's AI/ML service — a managed environment for building, training, and deploying machine learning models. It supports popular frameworks including TensorFlow and PyTorch. For organisations that need to train on sensitive data that cannot leave EU jurisdiction, ModelArts combined with the platform's EU-only data residency provides a viable alternative to AWS SageMaker or Azure ML.

Monitoring, Security, and Networking

Cloud Eye provides metrics, dashboards, and alerting across compute, storage, and network resources. Log Tank Service (LTS) handles centralised log collection and retention. These are functional rather than exceptional — the observability stack covers the basics but lacks the depth of Datadog or the integrations of AWS CloudWatch.

Network infrastructure includes Virtual Private Cloud (VPC) with private subnets, security groups, and Direct Connect for dedicated private connectivity from corporate networks.

Pricing

Open Telekom Cloud pricing follows two models: pay-per-use (hourly billing) and reserved instances (1-year or 3-year commitments). For most enterprise production workloads, the reserved model provides the economics that make the platform commercially viable.

Pay-as-you-go compute is broadly comparable to AWS on-demand pricing — sometimes marginally higher for equivalent specifications. The substantial savings come from reserved instances (up to 60% discount), the absence of the aggressive data egress fees that inflate AWS and Azure bills at scale, and bundled pricing for organisations already within Deutsche Telekom's managed services ecosystem.

For a mid-size deployment of 20 ECS instances, a managed Kubernetes cluster, and RDS PostgreSQL, the annual reserved pricing typically comes in at 30-50% below equivalent AWS pricing in eu-central-1 once egress and support costs are factored in. For smaller workloads on pay-per-use, Open Telekom Cloud is not the cheapest European option — Hetzner or Netcup offer better raw compute value for price-sensitive projects that don't require the enterprise certification stack.

Custom enterprise pricing is available through T-Systems direct or reseller channels and typically includes volume discounts, dedicated account management, SLA customisation, and integration with Deutsche Telekom's wider managed services portfolio.

EU Compliance & Privacy

The compliance posture is Open Telekom Cloud's strongest argument and the primary reason regulated organisations evaluate it seriously. The certification stack is extensive: BSI C5 Type 2 (Germany's de facto cloud security standard for regulated sectors), ISO 27001, ISO 27018, ISO 27701, SOC 1/2/3, and TISAX for the automotive sector. As of Q2 2026, the platform is expected to complete IT-Grundschutz certification, opening access to additional German public sector procurement frameworks.

The platform explicitly supports compliance with DORA (financial sector resilience), NIS2 (network and information security), and Section 203 StGB — the German criminal law provision on professional confidentiality obligations that affects lawyers, doctors, and other regulated professions. These are compliance requirements that cloud platforms typically ignore entirely; their explicit support here reflects the enterprise and public sector focus.

Data residency is strict and non-negotiable: both German and Dutch regions keep all data within EU jurisdiction. There are no North American or Asian regions, which eliminates the accidental data-location issues that can occur with multi-region deployments on hyperscalers.

T-Systems is a German company fully owned by Deutsche Telekom AG, a company subject exclusively to German and EU law. There is no US parent entity, no CLOUD Act jurisdiction exposure, and no ownership structure that creates ambiguity about data access.

Who It's Best For

German public sector and government-adjacent organisations that must meet BSI C5 or IT-Grundschutz requirements. No other EU-based cloud platform currently holds this specific certification combination.

Healthcare and life sciences organisations handling patient data under strict confidentiality obligations. The Section 203 StGB compliance support and ISO 27018 certification address specific German healthcare requirements.

Financial services firms subject to DORA and German BaFin oversight. The audit trail, certification stack, and EU-only data residency provide the evidence base that compliance teams and external auditors require.

Large enterprises already in the Deutsche Telekom ecosystem — customers with existing T-Systems managed services, T-Systems networking, or Telekom business contracts who want a cloud provider integrated with that relationship.

Innovation-focused teams should think carefully. If your workloads don't require sovereign German infrastructure, the developer experience, service catalogue breadth, and cost-efficiency of Hetzner, Scaleway, or OVHcloud may serve better.

The Verdict

Open Telekom Cloud (T Cloud Public) is a specialist tool for a specific market. It does not compete with AWS on breadth, or with Hetzner on price, or with Scaleway on developer experience. What it does — with considerable credibility — is provide a sovereign European cloud environment with the certification stack, EU-only data residency, and enterprise support that German regulated industries require. The 2026 roadmap commits to closing the feature gap with hyperscalers, and the NVIDIA AI partnership adds a genuinely interesting angle for sovereign AI workloads. For organisations where the compliance ceiling is a hard constraint, Open Telekom Cloud is not just an option — it is frequently the only viable one.

Frequently Asked Questions

What is the difference between Open Telekom Cloud and T Cloud Public?

Open Telekom Cloud is rebranding to T Cloud Public. The platform, services, and infrastructure remain identical — only the name is changing. All APIs, tooling, and certifications carry over. The rebrand was announced in late 2025 with a migration communication sent to existing customers. Documentation and URLs are being updated in phases through 2026.

Is Open Telekom Cloud suitable for German public sector workloads?

Yes. Open Telekom Cloud holds BSI C5 Type 2 attestation and was actively pursuing IT-Grundschutz certification as of early 2026, with completion expected in Q2 2026. It meets the compliance requirements for German federal and state government workloads, as well as regulated industries including healthcare, finance, legal, and defence contracting.

How does Open Telekom Cloud pricing compare to AWS?

Pay-as-you-go compute is broadly comparable to AWS on-demand pricing. The significant savings come from reserved instance discounts (up to 60% for 3-year commitments) and from the absence of the aggressive egress fees that inflate AWS bills at scale. For enterprises already within Deutsche Telekom's ecosystem, bundled pricing through T-Systems may deliver additional savings.

What regions does Open Telekom Cloud operate in?

Open Telekom Cloud operates two availability regions: Germany (Frankfurt area) and the Netherlands (Amsterdam area). Both regions keep data exclusively within EU jurisdiction. There are no North American or Asian regions — a deliberate sovereignty posture rather than a roadmap gap.

Can Open Telekom Cloud handle GDPR-sensitive healthcare or financial data?

Yes. The platform holds ISO 27018, TISAX, and BSI C5 Type 2 certifications, and explicitly supports DORA, NIS2, and Section 203 StGB compliance. Deutsche Telekom also provides compliance consulting through T-Systems for highly sensitive or complex regulated workloads that need custom assessment documentation.