It is impossible to achieve Level 1 PCI compliance using Amazon's EC2 (computing) or S3 (storage) cloud services. One can, however, build a PCI Level 2 compliant application atop Amazon's cloud. The e-commerce giant explained the situation on a Web services discussion board as follows:
As for PCI level 2 compliance, that requires external scanning via a third party, PCI-approved vendor. It is possible for you to build a PCI level 2 compliant app in our Amazon Web Services cloud using EC2 and S3, but you cannot achieve level 1 compliance... If you have a data breach, you automatically need to become level 1 compliant which requires on-site auditing; that is something we cannot extend to our customers.
Gemini reiterates that "cloud computing isn't for everything" and gives Amazon props for admitting it.