MrZer0
propapanda 
It's important to understand the design choices: Federation provides meta data on masse and the IaaS provider choice is not that important, when it comes to protecting user data.
Signal uses E2EE for message and TLS for transport. AWS only sees the encrypted traffic.
Signal has a history of solid engineering. A selfhosted, federated server will not make it more secure, but more "ownable".
You can already run a Signal server, but you will have to dig the code on Github.