[Action Required] AWS SDK for Java 1.x end of support [AWS Account: 996810415034]
View details in service console
Hello,
[AWS Health may periodically trigger reminder notifications about this communication if usage remains detected.]
Our records indicate that one or more applications in this account made AWS API calls using the AWS SDK for Java 1.x within the last 16 days.
The AWS SDK for Java 1.x reached end of support on December 31, 2025 [1]. Your existing applications will continue to function, but the SDK will no longer receive security patches, bug fixes, or new feature support. Previously published releases remain available through Maven. We recommend migrating to AWS SDK for Java 2.x for continued security updates and improved capabilities.
How can you identify SDK 1.x usage in your account?
The following methods will help you identify which applications or dependencies in your account are making SDK 1.x calls:
- Using CloudTrail logs to trace SDK 1.x API calls back to a specific principal, service, or application.
- Searching your application logs for deprecation warnings that indicate use of AWS SDK for Java 1.x. SDK versions 1.12.767 and higher emit this warning on startup.
- Searching your source code for references to the AWS SDK for Java 1.x.
- Checking your dependencies and third-party tools, since SDK 1.x can be included as a transitive dependency by libraries such as the Amazon Kinesis Client Library [2], Hadoop-AWS [3], Spring Cloud AWS [4], or by monitoring, security scanning, and observability tools that operate across your AWS Regions.
- Inspecting your deployable Java artifacts (JARs, WARs, or EARs) to confirm whether AWS SDK for Java 1.x is packaged with your application.
A list of the AWS Regions which we have identified usage in, is available in the "Affected resources" tab of your AWS Health Dashboard.
For detailed instructions, sample queries, and additional identification methods, refer to our guide 'Finding applications that use the AWS SDK for Java 1.x' [5]. If you are unable to identify the source using the methods above, contact AWS Support [6] for further assistance.
How can you migrate?
We recommend migrating to the AWS SDK for Java 2.x, which brings continued security updates, access to new service features, and improvements in performance and developer experience. To make the transition easier, we provide a Migration Tool [7] that can help automate much of the code refactoring, along with a comprehensive Migration Guide [8] that walks through the process in detail. If you have any questions, please contact AWS Support [6].
Frequently Asked Questions:
Why is region name shown as the Resource ID? Why are there no links or ARNs like Health notifications usually have?
The AWS SDK is a client-side library that runs within your applications, not as an AWS-managed resource. AWS can detect that SDK 1.x calls originated from your account but cannot determine which specific resource or application is making them. The methods described previously will help you identify the source.
Why do resources still appear after I stopped using SDK 1.x?
Resources in the "Affected resources" tab may continue to appear for up to 16 days after you stop using SDK 1.x. This is expected and does not indicate ongoing usage.
I have SDK 1.x usage across multiple accounts and regions. Why did I not receive this notification for all of them?
Notifications are being sent gradually to affected accounts and regions. If you have other accounts or regions using SDK 1.x that have not yet received this notification, they will be notified over time. The identification methods and migration guidance in this notification apply to all your accounts and regions using SDK 1.x. We recommend taking action across all your accounts and regions as soon as possible.
Why are opt-in regions or regions I do not actively use listed as affected resources?
If a region is listed as an affected resource but is not actively used by your application, it is likely due to third-party tools such as security scanners or observability tools configured in your account that make AWS API calls on your behalf across multiple regions. We recommend starting your investigation with regions you actively use. The methods described previously will help you identify the source.
If you have any questions or concerns, please contact us through AWS Support [6].
[1] https://aws.amazon.com/blogs/developer/announcing-end-of-support-for-aws-sdk-for-java-v1-x-on-december-31-2025/
[2] https://docs.aws.amazon.com/streams/latest/dev/kcl.html
[3] https://hadoop.apache.org/docs/stable/hadoop-aws/tools/hadoop-aws/index.html
[4] https://docs.awspring.io/spring-cloud-aws/docs/3.4.0/reference/html/index.html
[5] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration-find-apps-using-v1.html
[6] https://aws.amazon.com/support
[7] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration-tool.html
[8] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration.html
[Action Required] AWS SDK for Java 1.x end of support [AWS Account: 996810415034]
View details in service console
Hello,
[AWS Health may periodically trigger reminder notifications about this communication if usage remains detected.]
Our records indicate that one or more applications in this account made AWS API calls using the AWS SDK for Java 1.x within the last 16 days.
The AWS SDK for Java 1.x reached end of support on December 31, 2025 [1]. Your existing applications will continue to function, but the SDK will no longer receive security patches, bug fixes, or new feature support. Previously published releases remain available through Maven. We recommend migrating to AWS SDK for Java 2.x for continued security updates and improved capabilities.
How can you identify SDK 1.x usage in your account?
The following methods will help you identify which applications or dependencies in your account are making SDK 1.x calls:
A list of the AWS Regions which we have identified usage in, is available in the "Affected resources" tab of your AWS Health Dashboard.
For detailed instructions, sample queries, and additional identification methods, refer to our guide 'Finding applications that use the AWS SDK for Java 1.x' [5]. If you are unable to identify the source using the methods above, contact AWS Support [6] for further assistance.
How can you migrate?
We recommend migrating to the AWS SDK for Java 2.x, which brings continued security updates, access to new service features, and improvements in performance and developer experience. To make the transition easier, we provide a Migration Tool [7] that can help automate much of the code refactoring, along with a comprehensive Migration Guide [8] that walks through the process in detail. If you have any questions, please contact AWS Support [6].
Frequently Asked Questions:
Why is region name shown as the Resource ID? Why are there no links or ARNs like Health notifications usually have?
The AWS SDK is a client-side library that runs within your applications, not as an AWS-managed resource. AWS can detect that SDK 1.x calls originated from your account but cannot determine which specific resource or application is making them. The methods described previously will help you identify the source.
Why do resources still appear after I stopped using SDK 1.x?
Resources in the "Affected resources" tab may continue to appear for up to 16 days after you stop using SDK 1.x. This is expected and does not indicate ongoing usage.
I have SDK 1.x usage across multiple accounts and regions. Why did I not receive this notification for all of them?
Notifications are being sent gradually to affected accounts and regions. If you have other accounts or regions using SDK 1.x that have not yet received this notification, they will be notified over time. The identification methods and migration guidance in this notification apply to all your accounts and regions using SDK 1.x. We recommend taking action across all your accounts and regions as soon as possible.
Why are opt-in regions or regions I do not actively use listed as affected resources?
If a region is listed as an affected resource but is not actively used by your application, it is likely due to third-party tools such as security scanners or observability tools configured in your account that make AWS API calls on your behalf across multiple regions. We recommend starting your investigation with regions you actively use. The methods described previously will help you identify the source.
If you have any questions or concerns, please contact us through AWS Support [6].
[1] https://aws.amazon.com/blogs/developer/announcing-end-of-support-for-aws-sdk-for-java-v1-x-on-december-31-2025/
[2] https://docs.aws.amazon.com/streams/latest/dev/kcl.html
[3] https://hadoop.apache.org/docs/stable/hadoop-aws/tools/hadoop-aws/index.html
[4] https://docs.awspring.io/spring-cloud-aws/docs/3.4.0/reference/html/index.html
[5] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration-find-apps-using-v1.html
[6] https://aws.amazon.com/support
[7] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration-tool.html
[8] https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration.html