
SecNumCloud 3.2 Compliance for AI Sovereign Clouds: How vCluster Accelerates Readiness


AI Clouds operating in Europe face increasing pressure to meet strict regulatory frameworks like SecNumCloud 3.2. These requirements go beyond basic security. They enforce strong Tenant Isolation, clear operational boundaries, strict control over infrastructure, and legal sovereignty to protect data from extraterritorial laws.

For teams building AI Clouds, the challenge is not just understanding these requirements. It is implementing them without slowing down innovation or creating massive infrastructure overhead. The gap between knowing what SecNumCloud demands and actually building a compliant architecture is where most teams lose months of engineering time.

This is where vCluster plays a critical role. Not as a compliance solution itself, but as a proven way to accelerate how teams meet key technical requirements, particularly around Tenant Isolation, separation of duties, and auditability. By removing the need to provision and manage dozens of physical clusters, vCluster lets platform teams focus on the compliance controls that matter instead of wrestling with infrastructure sprawl.

Why SecNumCloud 3.2 Is Challenging for AI Sovereign Clouds

AI Clouds are fundamentally built on shared infrastructure. SecNumCloud pushes in the opposite direction, requiring strong isolation, control, and legal independence from non-European jurisdictions.

In practice, teams struggle with:

  • Running multiple Tenant Clusters securely on shared infrastructure
  • Ensuring strong Tenant Isolation between workloads without duplicating entire clusters
  • Separating responsibilities across teams and environments
  • Maintaining auditability across dynamic AI workloads
  • Avoiding infrastructure sprawl while meeting isolation requirements
  • Meeting legal sovereignty and data localization mandates

Traditional approaches force a painful tradeoff: either run separate physical clusters for every tenant (expensive, slow to provision, operationally heavy) or rely on namespace-level separation (insufficient for SecNumCloud's isolation requirements). vCluster eliminates this tradeoff by providing strong, auditable Tenant Isolation on shared infrastructure.

Breaking Down SecNumCloud into Platform Challenges

Instead of treating SecNumCloud as a long list of controls, it is more useful to map it to platform-level challenges for AI Clouds. Several of these map directly to capabilities that vCluster provides out of the box.

1. Tenant Isolation

Each tenant environment must be isolated in a way that prevents interference, data leakage, or privilege escalation. SecNumCloud requires logical isolation of customer data at all layers of the stack. This is one of the areas where vCluster delivers the most immediate value, providing dedicated Kubernetes control planes per tenant without requiring separate physical clusters.

2. Access Control and Separation of Duties

Teams must operate within clearly defined boundaries with minimal overlap in permissions. SecNumCloud mandates nominative accounts, mandatory multi-factor authentication, and partitioned administration interfaces. vCluster supports this by giving each Tenant Cluster its own independent RBAC policies, cleanly separating platform team responsibilities from tenant team operations.

3. Legal Sovereignty and Control Boundaries

This is the defining requirement of SecNumCloud 3.2. Workloads and data must be processed and stored within the European Union. The cloud provider must be established in Europe, must not be subject to extraterritorial laws, and individual non-EU ownership must not exceed 24% (with collective non-EU ownership capped at 39%). All primary administration and maintenance activities must be carried out from within the EU.

These are organizational and legal requirements that must be addressed at the entity and infrastructure level. vCluster operates within whatever sovereign infrastructure you deploy it on, making it a natural fit for EU-hosted Control Plane Clusters, but it does not itself enforce jurisdictional boundaries.

4. Auditability and Traceability

All actions and system changes must be observable and reproducible. SecNumCloud requires systematic collection of events, secure log storage, regular PASSI audits, and full traceability of actions. Logs must be retained for a minimum of six months.

vCluster contributes here by providing full API audit logs and RBAC history scoped to each Tenant Cluster. Because each tenant has its own control plane, audit trails are naturally separated, making it significantly easier to demonstrate compliant behavior during assessments.

5. Encryption and Data Protection

SecNumCloud requires encryption of data at rest and in transit using ANSSI-approved algorithms. Encryption key management must prevent unauthorized access by the provider itself or any entity operating under foreign law. These requirements are addressed at the infrastructure and application layer, independent of vCluster.

6. Environment Consistency

Systems must behave consistently across environments to support validation and certification. vCluster makes this straightforward: Tenant Clusters can be templated and replicated identically across dev, staging, and production, ensuring that what gets audited in one environment matches what runs in another.

Where vCluster Helps

vCluster introduces Tenant Clusters on top of a shared Control Plane Cluster. Each Tenant Cluster includes its own Virtual Control Plane, allowing teams to achieve strong Tenant Isolation while still sharing underlying infrastructure efficiently.

For AI Clouds pursuing SecNumCloud, this architecture directly addresses the most operationally complex requirements: Tenant Isolation, separation of duties, and audit readiness.

Tenant Isolation with Dedicated Tenant Clusters

Instead of running everything in a shared cluster or spinning up costly physical clusters per tenant, each tenant or workload runs inside its own Tenant Cluster. This provides:

  • Isolated Kubernetes control planes per tenant, each with its own API server, controller manager, and data store
  • Stronger Tenant Isolation compared to namespace-based approaches, with no lateral path between tenant environments
  • Reduced blast radius across environments
  • Multiple tenancy models to match the required isolation level: shared nodes for cost efficiency, dedicated nodes for compute isolation, or private nodes for the strongest isolation with physically separate infrastructure

For AI Clouds, this is critical when:

  • Running workloads for multiple customers on the same GPU infrastructure
  • Separating training and inference environments with different security profiles
  • Handling regulated and non-regulated workloads side by side

Clear Separation of Responsibilities

Tenant Clusters create a natural and auditable separation between teams:

  • Platform teams manage the Control Plane Cluster and set policies
  • Application or customer teams operate inside their Tenant Clusters with full admin access
  • Each Tenant Cluster has its own RBAC policies, completely independent from other tenants

This maps directly to SecNumCloud's separation of duties requirements, and it does so without the operational burden of managing many physical clusters. Auditors can clearly see the boundary between platform and tenant responsibilities.

Enforcing Logical Control Boundaries

vCluster helps define strong logical boundaries that support compliance zoning:

  • Workloads are grouped into dedicated Tenant Clusters per compliance zone
  • Easier mapping between infrastructure and regulatory requirements
  • Reduced risk of cross-environment access
  • Configurable network policies to control communication between Tenant Clusters

For AI Clouds operating across different regulatory scopes, this makes it straightforward to demonstrate which workloads fall under which compliance regime. The logical boundaries that vCluster enforces complement the physical and legal boundaries that must be established at the infrastructure level.
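Added example, not part of the original post or of vCluster's own configuration: a host-cluster NetworkPolicy that turns the "compliance zone" boundary described above into an enforced default-deny between tenant namespaces. It assumes the Tenant Cluster named tenant-a is installed in host namespace tenant-a, that its control plane pods carry the label app=vcluster, and that platform-wide collectors run in a namespace labelled compliance-zone=platform-services (all assumed names).

```yaml
# Constructed example for the host (Control Plane) cluster. Assumptions:
# - Tenant Cluster "tenant-a" lives in host namespace "tenant-a", where
#   vCluster syncs the tenant's pods; its control plane pods are assumed
#   to carry the label app=vcluster.
# - Central logging/monitoring runs in a namespace labelled
#   compliance-zone=platform-services (assumed label).
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: tenant-workload-boundary
  namespace: tenant-a
spec:
  # Apply to the synced tenant workloads only; the control plane pods keep
  # their own policy so the syncer can still reach the host API server.
  podSelector:
    matchExpressions:
      - key: app
        operator: NotIn
        values: ["vcluster"]
  policyTypes: ["Ingress", "Egress"]
  ingress:
    # Only peers inside this tenant's namespace may reach its workloads;
    # nothing from tenant-b (or any other namespace) is admitted.
    - from:
        - podSelector: {}
  egress:
    # Same-namespace traffic covers the tenant's API server and the
    # tenant's own CoreDNS, which vCluster also runs in this namespace
    # (assumes the default DNS setup).
    - to:
        - podSelector: {}
    # Ship logs and metrics to the platform's central collectors.
    - to:
        - namespaceSelector:
            matchLabels:
              compliance-zone: platform-services
```

Apply one copy per tenant namespace and confirm with a cross-namespace connectivity test; the deny-by-default behaviour only holds on a CNI that enforces NetworkPolicy.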

Improved Auditability Through Standardized Tenant Clusters

Audit readiness is one of the most time-consuming aspects of SecNumCloud certification. vCluster reduces this burden:

  • Tenant Clusters can be templated, ensuring identical environments across dev, staging, and production
  • Cleaner separation simplifies logging and monitoring, with each tenant's activity scoped to its own control plane
  • Full API audit logs and RBAC history per tenant, ready for auditor review
  • Consistent system behavior is easier to demonstrate when environments are standardized

This significantly reduces friction during certification and validation.
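Added example, not part of the original post or of vCluster's shipped configuration: an audit policy in the standard kube-apiserver format that a platform team could apply to each Tenant Cluster's own API server, so that the per-tenant audit trail records RBAC changes and interactive access in full while never writing secret material into the log. It assumes the file is handed to that API server via its --audit-policy-file flag; how vCluster passes extra API-server flags depends on the vCluster version, so treat that wiring as an assumption.

```yaml
# Constructed per-tenant audit policy. Rules are evaluated top to bottom
# and the first match wins, so the sensitive-resource rule comes first.
apiVersion: audit.k8s.io/v1
kind: Policy
# Skip the RequestReceived stage; one record per completed request is enough.
omitStages: ["RequestReceived"]
rules:
  # Never persist credential bodies: who touched them, not what they held.
  - level: Metadata
    resources:
      - group: ""
        resources: ["secrets", "configmaps", "serviceaccounts/token"]
      - group: "authentication.k8s.io"
        resources: ["tokenreviews"]
  # Full request and response for every RBAC change: this is the
  # "RBAC history" an auditor asks for when checking separation of duties.
  - level: RequestResponse
    verbs: ["create", "update", "patch", "delete"]
    resources:
      - group: "rbac.authorization.k8s.io"
        resources: ["roles", "rolebindings", "clusterroles", "clusterrolebindings"]
  # Interactive access into tenant workloads is always recorded in full.
  - level: RequestResponse
    resources:
      - group: ""
        resources: ["pods/exec", "pods/attach", "pods/portforward"]
  # Drop read-only noise from the tenant's own control plane components.
  - level: None
    users: ["system:kube-controller-manager", "system:kube-scheduler"]
    verbs: ["get", "list", "watch"]
  # Any other mutation: record the request body so the change is reproducible.
  - level: Request
    verbs: ["create", "update", "patch", "delete"]
  # Everything else (reads): record caller, verb, resource and outcome.
  - level: Metadata
```

Pair the policy with --audit-log-path and either --audit-log-maxage=180 or shipping to the central log store, so the six-month retention requirement is met outside the tenant's own control plane.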

Isolation Without Infrastructure Sprawl

One of the biggest challenges in compliance is balancing isolation with cost and operational efficiency.

Without vCluster, teams typically create many physical clusters to achieve the isolation SecNumCloud requires. This leads to infrastructure sprawl, higher costs, slower provisioning, and a larger operational surface to secure and audit.

With vCluster, you run multiple Tenant Clusters on a shared Control Plane Cluster. You achieve Tenant Isolation at the control plane level without duplicating infrastructure. For workloads requiring the strongest guarantees, the Private Nodes tenancy model provides physically separate nodes, a separate control plane, and separate infrastructure components like CNI and CSI drivers, all while remaining manageable from a single platform.

How vCluster Accelerates SecNumCloud Compliance

vCluster does not replace compliance processes. It accelerates how quickly teams can implement the required technical architecture, which is often the biggest bottleneck on the path to certification.

Key acceleration points:

  • Faster provisioning of Tenant Clusters: New isolated environments can be created in seconds, not hours. This means teams can iterate on their compliance architecture rapidly instead of waiting on infrastructure tickets.
  • Standardized Tenant Cluster architecture: Consistent, repeatable patterns across all tenants and workloads. What you certify in staging is what you run in production.
  • Simplified Tenant Isolation model: The isolation model is clean and well-defined, making it significantly easier to explain and validate during PASSI audits.
  • Reduced infrastructure duplication: Fewer physical clusters to provision, secure, patch, and audit. Every cluster you eliminate is one less cluster an auditor needs to assess.
  • Lower operational overhead: Platform teams focus on compliance controls and policy enforcement instead of infrastructure management.

The result is a faster, more predictable path to audit readiness.

Reference Architecture for a SecNumCloud-Aligned AI Cloud

A typical architecture for an AI Cloud pursuing SecNumCloud compliance with vCluster includes:

  • A Control Plane Cluster deployed in a sovereign environment within the EU, on infrastructure owned and operated by an EU entity
  • Multiple Tenant Clusters organized by customer, workload type (training, fine-tuning, inference), or compliance zone
  • Centralized services for logging and monitoring, identity and access management, and policy enforcement
  • Controlled communication between Tenant Clusters where required, with network policies enforced at the platform level
  • Encryption of data at rest and in transit using ANSSI-approved algorithms
  • Administration and maintenance carried out exclusively by EU-based personnel

This approach balances Tenant Isolation, scalability, and operational efficiency. vCluster provides the Tenant Isolation and environment management layer, while the surrounding infrastructure and organizational controls address sovereignty, encryption, and legal requirements.

What vCluster Does Not Solve

vCluster is not a compliance solution on its own. It addresses the technical Tenant Isolation layer, which is a critical and operationally complex part of SecNumCloud, but the framework also includes requirements that must be addressed through other means:

  • SecNumCloud qualification itself (granted by ANSSI after independent PASSI audit)
  • Legal sovereignty requirements, including immunity from extraterritorial laws
  • Ownership structure requirements (non-EU ownership caps)
  • Data localization mandates (EU-only processing and storage)
  • Organizational controls including personnel location requirements
  • Encryption and key management to ANSSI-approved standards
  • PASSI audit obligations and log retention requirements
  • Physical infrastructure sovereignty

vCluster is the enabling layer for the technical isolation architecture. The items listed above require organizational, legal, and infrastructure-level measures that are complementary to what vCluster provides.

Getting to Compliance Faster

For AI Clouds working toward SecNumCloud 3.2, the main bottleneck is often implementation, not understanding. Teams know what they need to build. The challenge is building it quickly, correctly, and in a way that auditors can easily validate.

vCluster helps by:

  • Enabling strong Tenant Isolation without infrastructure sprawl, the most operationally complex aspect of SecNumCloud for shared AI infrastructure
  • Providing clean, auditable separation between teams and workloads
  • Making environments easier to standardize, replicate, and audit
  • Supporting multiple isolation levels (shared, dedicated, and private nodes) so teams can match the right isolation model to each workload's compliance needs

The key question is no longer how to meet the technical isolation requirements. With vCluster, that problem is solved. The question becomes how to layer the remaining legal, organizational, and sovereignty controls on top of a solid technical foundation.

Want to see how this fits your AI Cloud architecture? Explore a reference architecture or talk to the vCluster team about accelerating your compliance timeline.
