What if the software is developed and potentially backdoored in the US and deployed by the EU team in the sovereign region? Or did they rewrite the entire AWS stack?
If the EU employees can look around the code, it would then get quite interesting if they were to point out a backdoor. which they would of course raise with an EU based CERT.
In a way that protects US customers as well having a set that can't be stopped from doing that.
I don't think there are any protections against that. On the other hand, you'd have to ask yourself how realistic it is that the US is forcing Amazon to secretly backdoor its own software for US spying abroad? I can't give an answer on that one, you'll have to form your own opinion.
I imagine that if a back door were ever discovered, AWS's reputation would tank so hard that a lot of companies would probably never do business with it again.
Over 100%, in that I'm sure multiple independent groups are working on it all the time. The spooks regularly place actual agents in foreign governments (the Germans found a big nest of them and nothing much happened in the end). There's no way it would be challenging for them to find an employee willing to cash a giant cheque in exchange for quietly granting their own government access.