The company proceeded despite warnings of human rights risks
In the early days of March 2026, the infrastructure of American technological power in the Middle East became a declared theater of war, as Iran's Revolutionary Guard-linked media published a targeting list of roughly thirty facilities belonging to Amazon, Google, Microsoft, and others across the region. The strikes that followed — hitting data centers in the UAE and Bahrain — were not improvised acts of aggression but the opening of a deliberate campaign, rooted in Iran's claim that these installations serve Israeli and American military ends. At the center of the controversy sits Project Nimbus, a $1.2 billion cloud contract binding American tech giants to Israeli government and military infrastructure, a deal that internal documents suggest the companies themselves understood carried profound human rights risks. The episode forces a reckoning that commerce has long deferred: when corporate infrastructure becomes an instrument of war, the distinction between a data center and a military asset begins to dissolve.
- Iran's IRGC-linked Tasnim agency published a list of ~30 U.S. tech facilities across the Middle East, labeling them 'enemy technology infrastructure' — transforming corporate campuses into declared military targets.
- Two Amazon data centers in the UAE were struck directly on March 1st, with a third in Bahrain damaged by debris, confirming the list was operational, not rhetorical.
- The targeting logic traces back to Project Nimbus, a $1.2 billion Israeli government cloud contract with Amazon and Google that a UN rapporteur described as reshaping Israel's core governmental and military capabilities.
- Internal Google documents, reported by The Intercept, show the company was warned before signing that it would have limited visibility into how its AI and cloud tools would be used — and that advanced machine learning should be withheld from the Israeli military due to human rights risks.
- Companies named on the list — including Microsoft, Oracle, NVIDIA, IBM, and Palantir — have not signaled any intention to withdraw from the region, leaving the tension between contractual obligation and physical vulnerability unresolved.
- The broader trajectory points toward escalating cyber or physical attacks on U.S. corporate assets across the Middle East, with cloud service continuity and civilian infrastructure now caught in the crossfire.
On March 1st, two Amazon data centers in the United Arab Emirates were struck directly. A third facility in Bahrain was damaged by nearby debris. These were not random targets — they had appeared days earlier on a list published by Tasnim, a news agency with direct ties to Iran's Islamic Revolutionary Guard Corps, naming roughly thirty locations across the Middle East belonging to some of the world's largest American technology companies.
The list encompassed Amazon, Microsoft, Google, Oracle, NVIDIA, IBM, and Palantir — each facility designated 'enemy technology infrastructure.' Iran's military framed the strikes as a response to what it called the role these installations play in supporting enemy military and intelligence activities, citing their involvement in AI development and regional cloud computing services. The targeted sites were not remote outposts but major business hubs: Dubai, Abu Dhabi, Tel Aviv, Jerusalem — cities where American corporations have embedded themselves deeply into the regional economy.
The thread connecting these facilities in Iran's strategic calculus was Project Nimbus. Awarded in 2021, the $1.2 billion contract between the Israeli government and Amazon and Google was designed to give Israeli agencies — including military and intelligence bodies — broad access to cloud infrastructure and AI tools. A 2025 UN report described it as providing Israel with core technological infrastructure. For Iran, this made the companies complicit in the conflict.
The companies' own internal record complicated their public posture. Confidential consultant assessments obtained by The Intercept showed that before Google signed the Nimbus contract, it was warned it would have limited visibility into how its tools might be used — and that advanced machine learning capabilities should be withheld from the Israeli military due to human rights risks. Google proceeded anyway, later asserting the contract was not intended for sensitive military workloads, a claim that sat uneasily against both the contract's scope and the warnings the company had already received.
What the targeting list made visible was the collision of three forces: American corporate expansion into the Middle East, Israeli military modernization through cloud technology, and Iran's determination to strike at infrastructure it views as enabling occupation and conflict. The list was published not through covert channels but broadcast openly — a declaration of intent directed at the companies, the governments they serve, and the world watching. Whether the logic of profit and contract will hold against the reality of physical risk remains the question the companies have not yet answered.
On March 1st, two Amazon data centers in the United Arab Emirates took direct hits. A third facility in Bahrain was damaged by debris from a separate strike. These were not random targets. They appeared on a list that Iran's Tasnim news agency—an outlet with direct ties to the Islamic Revolutionary Guard Corps—had just published, naming roughly thirty locations across the Middle East belonging to some of the world's largest technology companies.
The list reads like a roster of American tech power: Amazon, Microsoft, Google, Oracle, NVIDIA, IBM, Palantir. Each facility was labeled "enemy technology infrastructure." The Iranian military said the attacks were meant to expose how these installations support what it called "enemy military and intelligence activities." The timing and specificity suggested this was not rhetorical posturing. The facilities had been selected, Tasnim explained, because of their involvement in artificial intelligence development or their role in managing cloud computing services across the region.
Many of the targeted locations sit in places already thick with geopolitical tension. Dubai and Abu Dhabi in the Emirates. Tel Aviv in Israel. Jerusalem. These are not remote outposts but major business hubs where American corporations have planted themselves deep into the regional economy. Amazon and Microsoft maintain offices in Dubai. NVIDIA operates an engineering and development center there. Google, Oracle, and IBM have presences in Tel Aviv, Jerusalem, and Abu Dhabi. On paper, they are ordinary corporate installations. In the context of Iran's targeting list, they became something else entirely.
The connection that gave these facilities their apparent strategic weight was a single contract: Project Nimbus. In 2021, the Israeli government awarded Amazon and Google a $1.2 billion cloud computing deal. The project was designed to give Israeli government agencies—including military and intelligence bodies—broad access to cloud infrastructure and artificial intelligence tools. A 2025 report by United Nations rapporteur Francesca Albanese described it as providing Israel with "core tech infrastructure" that would reshape how the government operated. For Iran, this made the companies complicit. For the companies themselves, the arrangement had always been more complicated.
Internal documents that emerged in 2025 told a different story than the one Google presented publicly. The Intercept reported on confidential consultant assessments prepared before Google signed the Nimbus contract. These warnings were stark: the company would have limited visibility into how its cloud and machine learning tools might actually be used by Israeli agencies. The consultants went further, recommending that Google withhold advanced machine learning capabilities from the Israeli military specifically because of the risk of human rights violations. Yet the company proceeded. Google later stated that Project Nimbus was not intended for "highly sensitive, classified or military workloads relevant to weapons or intelligence services"—a claim that sat uneasily against both the contract's actual scope and the internal warnings the company had received.
What Iran's targeting list represented was the collision of three forces: American corporate expansion into the Middle East, Israeli military modernization through cloud technology, and Iranian determination to strike at infrastructure it viewed as enabling occupation and conflict. The attacks on the data centers in March were not isolated incidents but the opening moves of a campaign. The list itself was a declaration of intent, published not in secret channels but through a news agency, broadcast to the world. It signaled that the companies on it—and the governments they served—should expect more. The question now was whether the companies would reconsider their role in the region, or whether the logic of profit and contract would hold.
Citas Notables
The facilities were selected because of their role in artificial intelligence development or because they coordinate cloud computing services across the region— Iranian news agency Tasnim
Project Nimbus is not intended for highly sensitive, classified or military workloads relevant to weapons or intelligence services— Google's public statement
La Conversación del Hearth Otra perspectiva de la historia
Why did Iran publish this list publicly instead of keeping it secret?
Publishing it serves multiple purposes at once. It's a warning, a justification for attacks already underway, and a way to make the companies and their governments understand that this infrastructure is no longer off-limits. Secrecy wouldn't accomplish any of that.
Do you think the companies knew this was coming?
They knew the risks existed. Google's own consultants told them so. But knowing something is risky and believing it will actually be attacked are different calculations. The companies made a choice about which risk mattered more.
What changes now that the data centers have actually been hit?
That's the real question. Do the companies pull back from the region? Do they harden their infrastructure? Do they reconsider contracts like Nimbus? Or do they absorb the damage and continue? Each choice has consequences.
For whom?
For the companies, obviously. But also for the people whose data lives in those centers, for the governments relying on those services, and for the civilians in the region caught between these competing claims on technology.
Is this about the technology itself, or about what the technology enables?
It's both. Iran is targeting the infrastructure because of what it does—it powers military operations, intelligence gathering, occupation. But the companies see themselves as neutral providers of tools. That gap between those two views is where the real conflict lives.