Anything that wants to adhere to GDPR should still be very careful, if not outright avoid, AWS and Azure. At most one could use an EU-isolated offspring of them, otherwise one runs into the insanity of US laws. The fact that many businesses don't care doesn't make it right.