The world is changing every day. From geopolitical shifts to legislation like GDPR which requires localized processing – these all create a complex and uncertain landscape where data storage, processing, and cloud services could potentially come to a sudden halt or suffer heavy disruption overnight. As a result, organizations are increasingly interested in potential routes for shifting cloud services to safer alternatives closer to their country of operation.
Recently, a term has appeared in the cloud services and cloud repatriation circles: geopatriation. But what is geopatriation, and how does it fit into adjusting your cloud services and infrastructure to meet new legal and compliance requirements?
In this article, we’ll define geopatriation, learn how it fits into cloud repatriation and recovery, and explore the best approaches for geopatriation. But first, let’s consider a vital related concept: cloud repatriation.
Before we begin, we’ll quickly define an associated term that is easily confused with geopatriation: cloud repatriation.
Cloud repatriation is the process of migrating applications from public clouds back to your own infrastructure. Such infrastructure can either be located on-premises or hosted by a data centre provider. It can be a private cloud, a simple virtualisation environment or even legacy IT infrastructure. The main purpose and marker of cloud repatriation is breaking the dependence on the public cloud provider.
There are many reasons to repatriate your cloud services. One of the most common is that public cloud infrastructure usage can be very expensive, and its cost is only increasing. Another reason is the sensitive or highly regulated nature of certain kinds of data – especially where mounting regulatory compliance restricts how and where that data can be gathered, stored, or processed. After all, not all confidential data should be stored in public clouds. And finally, migrating applications to public clouds might lead to performance degradation in some parts of the world, due to low bandwidth and high latency. In such regions, local cloud infrastructure (either public or private) just performs better. In some cases, private cloud infrastructure is also more resilient than public cloud services, as outages still occur in these services, and you have no direct control over their resolution.
If you want to read more about cloud repatriation, why organizations do it, and what options are available, you can read more in our detailed article on our blog.
Cloud repatriation can be a tricky term to pin down, as its meaning shifts depending on the context of its use. For example, in infrastructure as a service (IaaS) and platform as a service (PaaS), cloud repatriation refers to different processes. For this reason, many people presume that “cloud repatriation” means “cloud migration reversal”, meaning the reversal of a migration of workloads from data centres to cloud IaaS.
There are three general situations where you would perform cloud repatriation.
- Undoing a full-scale cloud migration
- Replacing existing cloud solutions with an in-house IT solution
- Recovering from errors or other minor issues in your databases, personnel, or hosting
Geopatriation is a related concept, but a little different to cloud repatriation. Geopatriation was first coined by Gartner® earlier this year, in their 2025 How to Protect Geopolitically Risky Cloud Workloads research, in which “Gartner defines geopatriation as the relocation of workloads and applications from global cloud hyperscalers to regional or national alternatives due to geopolitical uncertainty.”1 Geopatriation refers broadly to the repatriation efforts that result from specific geographic or territorial requirements, limitations, or risks for cloud infrastructure and data storage, processing, or other services. Similarly to sovereign clouds, geopatriation seeks to control and own cloud infrastructure that is located in a specific territory under clear legal jurisdiction.
Learn more about sovereign cloud infrastructure
Geopatriation is one of the many strategies that organizations can pursue to protect their cloud workloads, and is a form of cloud repatriation.
Generally speaking, there are five options for protecting cloud workloads that face geopolitical risks or related disruption:
- Reinforcement: you continue services with the hyperscaler but reinforce your cloud environment with further failsafes (for example, localized storage and processing, or additional security features like firewalls).
- Redeployment: you continue services with the hyperscaler but redeploy your most at-risk workloads to a different cloud setup (i.e. one that falls within new. requirements due to regulation or sanctions).
- Removal: you remove your at-risk workloads from the hyperscaler and redeploy everything to a different cloud setup to a local cloud provider.
- Repatriation: you move all of your workloads to an on-premises solution
- Accept the risks of disruption and make no changes.
The “removal” and “repatriation” options are both forms of geopatriation – moving your cloud workloads to your local vicinity or country.
It’s important to note that geopatriation is related to cloud repatriation, but they have different meanings. Cloud repatriation refers more broadly to the removal or movement of cloud services in general from public to private, while geopatriation is a distinct form of cloud patriation.
Whether because of conflict, changes in international trade rules, or increasing political tensions, the world is becoming more uncertain. This geopolitical uncertainty raises a critical question for organizations delivering – or using – cloud services: how do you guarantee services will remain uninterrupted, when they depend on infrastructure or companies that are spread across the geopolitical landscape?
Here are a few example cases of why geopatriation is a topic of growing interest:
- New legislation (such as data localization laws) that require storage or processing within geographic boundaries (for example, EU GDPR or UK GDPR)
- New laws or agreements (such as Data Processing Agreements) that introduce limitations or difficulties in using international service providers
- New cybersecurity standards that make it burdensome to pass assessment in using international providers, or which mandate that private or sensitive data be stored and processed locally
- Conflicts and trade disputes that prevent the use of particular cloud service providers or infrastructure in specific geographies
In short, geopatriation is a topic of growing interest because providers and users of cloud services are concerned that geopolitical events put their hyperscale public-cloud-integrated IaaS and PaaS services at risk.
As mentioned above, geopatriation can be performed by removing or repatriating cloud resources.
In both cases, you would require private cloud, on-premise cloud, or bare-metal infrastructure to take over your cloud workloads. Generally speaking, you would need to explore various bare metal infrastructure options, compare the costs of private cloud setups against localized cloud hosting services, and assess the functionality and scalability of your options.
If you’re exploring your options, we recommend you visit our dedicated cloud infrastructure webpage, which demonstrates how our wide range of open source infrastructure solutions and enterprise services can be used to build powerful, reliable, and entirely independent cloud services.
Learn more about Canonical’s Infrastructure solutions.
Works cited
- Gartner, Quick Answer: Protecting Geopolitically Risky Cloud Workloads, Lydia Leong, Alessandro Galimberti, 21 March 2025
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.