I assume this is the genesis of a Five Eyes cloud platform.
Questions for me are which commercial partners are in the mix, and how will they ensure TS-level security?
I guess we’ll never truly know, but it’s hard not to worry about the implications of this.
Although I might be telling you something you already know (and at risk of sounding really boring); it sounds like what they’re really doing here is standing up a system that is certified to handle data up to “top secret” classification. The fact that such a system exists, in and of itself, is clearly not a secret.
There are a huge number of requirements for systems handling data like that, everything from specific requirements for how physical cables are labelled, to which cryptographic algorithms are used for encryption, all the way through to corporate governance and management plans within the organisations that are involved. It is essentially a giant exercise in bureaucratic box ticking (although I can understand why governments want to be thorough about this stuff).
After completing that entire process, what you’re left with is usually a fairly standard computer system, plus a whole bunch of assurances that this specific system is okay to use for “top secret” information. The actual capabilities of the system (and certainly the data within it) may well be top secret, but the existence of the system isn’t.
It’s broadly similar to the GovTeams PROTECTED system. The existence of the system itself is public information, complete with a relatively slick website, but the actual access to the system is controlled. A quick glance at that website makes it clear that GovTeams is essentially just MS Teams / MS365 but certified for “PROTECTED” information. In the same way, I would bet money on it that this "top secret " cloud system ends up just being a fairly standard commercial offering from a major cloud provider (Azure, AWS, etc.) which is approved for storing top secret information after the parties involved complete the required box ticking.