Thalassa Cloud Public Cloud
Thalassa Cloud is an independent, sovereign Dutch public cloud provider. We own and operate the full stack — data centers in the Netherlands, the control plane, and the services you deploy on top — giving organisations a genuinely Dutch alternative to foreign hyperscaler clouds. The platform is built on cloud-native technologies and offers compute, networking, storage, Kubernetes, and a growing catalogue of managed services, all accessible through modern APIs, the console, and standard tooling.
We are rapidly expanding that catalogue with new services and capabilities. Your data stays under Dutch and EU jurisdiction throughout, with infrastructure certified to ISO/IEC 27001 (datacenters, Thalassa Cloud Platform is approaching final stages of certification, expected Q3 2026) and NEN 7510.
Regions and availability zones
Public Cloud infrastructure is deployed across physically separated availability zones within a region. Each zone is an independent data center location with its own power, cooling, and network paths. Zones in the same region are connected by low-latency networking so workloads can be distributed for fault tolerance.
Region nl-1
| Zone | Location | Certifications |
|---|---|---|
nl-1a | Netherlands | ISO/IEC 27001, NEN 7510 |
nl-1b | Netherlands | ISO/IEC 27001, NEN 7510 |
nl-1c | Netherlands | ISO/IEC 27001, NEN 7510 |
Every region has at least three availability zones. The loss of a single zone does not cause a platform-wide outage — redundant control plane, storage, and networking components continue to operate from the remaining zones.
For how regions, zones, and networking fit together, see Regions.
What you can deploy
| Capability | Description |
|---|---|
| Compute | Virtual machines with configurable machine types and images |
| Networking | VPCs, subnets, load balancers, NAT gateways, and security groups |
| Storage | Replicated block storage, S3-compatible object storage, and TFS |
| Kubernetes | Managed clusters with multi-zone scheduling and persistent storage |
| Managed services | Databases, DNS, KMS, Secrets Manager, Prometheus, and more |
All services are provisioned per region. Choose the availability zones where your workloads run when you create resources such as subnets, clusters, or storage volumes.
Architecture
Thalassa Cloud Public Cloud is built for resilience at every layer of the stack.
┌─────────────────────────────────────┐
│ Region nl-1 │
│ │
┌───────────────┼───────────────┬───────────────────┤
│ Zone nl-1a │ Zone nl-1b │ Zone nl-1c │
│ │ │ │
│ Compute │ Compute │ Compute │
│ Storage │ Storage │ Storage │
│ Networking │ Networking │ Networking │
└───────────────┴───────────────┴───────────────────┘
│ │ │
└───────────────┴───────────────┘
Replicated storage &
redundant control planeRedundancy and fault tolerance
- Storage — Block storage is replicated synchronously across availability zones within a region. Data written in one zone is durable even if that zone becomes unavailable.
- Control plane — Platform services run in an active-active configuration across zones. Maintenance on one zone does not require a full platform outage.
- Workloads — Resources deployed in high-availability mode — such as load balancers, Kubernetes clusters, and replicated storage — continue operating when a zone fails. Kubernetes workloads can be rescheduled to healthy zones; stateful services with HA configuration fail over automatically.
Open standards
The platform is built on open standards and cloud-native technologies: Kubernetes for orchestration, software-defined networking for isolation, and standard APIs for automation. Infrastructure as Code is supported through Terraform and Pulumi, and all resources are manageable via the REST API and tcloud CLI.
Security and compliance
Public Cloud data centers are Tier-3 facilities operated to enterprise security standards.
| Area | Details |
|---|---|
| Certifications | ISO/IEC 27001 (information security management), NEN 7510 (healthcare information security) |
| Data residency | All infrastructure hosted in the Netherlands, within the European Union |
| Encryption | Data encrypted at rest and in transit |
| Access control | Organisation-scoped IAM with RBAC, service accounts, and project-level policies |
| Audit logging | Platform operations recorded for compliance and investigation — see Audit logs |
Security follows a shared responsibility model — we secure the platform, you secure your workloads. For how we secure the platform itself — supply chain signing, threat modeling, and operational controls — see Platform security. Planning a pentest or DR exercise? See Security assessments. To report abusive activity originating from the platform, see Abuse reporting. For access control concepts you configure on your workloads, see IAM.
Platform incidents and maintenance are communicated via status.thalassa.cloud and, for services like Kubernetes and DBaaS, through email within your maintenance window. See Incident communication for details.
Public Cloud vs Private Cloud
Thalassa Cloud offers both Public Cloud and Private Cloud on the same platform stack. The difference is tenancy and deployment model:
| Public Cloud | Private Cloud | |
|---|---|---|
| Tenancy | Multi-tenant, shared infrastructure | Dedicated infrastructure for your organisation |
| Operations | Fully managed by Thalassa Cloud | Managed by Thalassa Cloud on your dedicated environment |
| APIs and tooling | Same console, CLI, Terraform provider, and APIs | Same console, CLI, Terraform provider, and APIs |
| Use case | Standard cloud workloads with EU data sovereignty | Regulatory, isolation, or capacity requirements beyond shared tenancy |
Both models provide the same service catalogue and developer experience.