Amazon waives entire month's AWS charges after Iranian drone attack

In a highly unusual move, Amazon has confirmed that it is waiving an entire month’s usage charges for customers using two Middle Eastern datacenters disrupted by Iranian drone attacks earlier this month.

The attacks on March 1 damaged two Amazon datacenters in the region, ME-CENTRAL-1 (United Arab Emirates) and ME-SOUTH-1 (Bahrain), something the company acknowledged the following day.

“These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage,” Amazon advised on its service health page.

The disruption affected multiple Amazon services at these locations, including EC2, S3, DynamoDB, AWS Lambda, Kinesis, CloudWatch, and RDS, as well as the AWS Management Console and command line interface (CLI).

Last week, AWS expert and blogger Cory Quinn reported in an article on The Register that the company had emailed customers using these facilities with the news that March charges would be waived.

“AWS is waiving all usage-related charges in the ME-CENTRAL-1 Region for March 2026. This waiver applies automatically to your account(s), and no action is required from you,” Amazon wrote in the email quoted by Quinn.

“You will not see any March 2026 usage for the ME-CENTRAL-1 Region in your Cost and Usage Report or Cost Explorer once processing is complete,” the email reportedly continued.

Not just an invoice

While credits are sometimes applied to accounts related to service level agreements (SLAs) issues, waiving charges for an entire month appears to be unprecedented.

More contentiously, according to Quinn, the move would also have the effect of wiping essential Cost and Usage Report (CUR) data used in compliance and security forensics.

Quinn pointed out that the AWS CUR is not only a general billing facility; it gives customers a precise record of which services were consumed, essential for cost allocation. This also helps track wasted or under-used resources.

“For most organizations, the AWS bill isn’t just an invoice. It’s the canonical record of what infrastructure exists, where it’s running, and how long it’s been there,” Quinn wrote. Moreover, “compliance teams rely on it. Auditors request it. FinOps teams build their entire practice on it.”

In response to questions from CSO about this issue, Amazon clarified its statement, saying that usage data was filtered from billing reports so that customers would not see charges for the March period.

However, it said, customers would still be able to access billing data. “We notified customers that AWS is waiving all usage-related charges in the ME-CENTRAL-1 Region for March 2026. AWS did not delete customer billing data and usage data is available to customers upon request,” an AWS spokesperson said in an email.

The attacks, reportedly by Shahed 136drones, are believed to be the first time war has disrupted a major US hyperscaler, underlining the vulnerability of datacenters and the digital economy to this type of attack.

According to Amazon’s status page, the company’s Middle East datacenters are still suffering disruption as of late March, indicating that the impact of the drone attacks continues to be felt.

All datacenters targeted

AWS isn’t alone. Both sides in the conflict are attacking datacenters that they believe support their opposition. On March 5, Iran’s FARS News Agency, which has close ties to the Islamic Revolutionary Guard Corps (IRGC), issued a statement claiming the attacks on Amazon’s datacenters was the direct result of the facilities “supporting the enemy’s military and intelligence activities.”

And on March 11, Israel reportedly attacked a datacenter in Iranian capital Tehran in an attempt to disrupt bank services used to pay members of the IRGC.