Dear Alibaba Cloud users,
To provide higher service quality, the shared KMS is planned to enter the End of Full Support (EOFS) phase on March 30, 2025, 00:00:00 (GMT+8), transitioning to the End of Service (EOS) phase on September 30, 2025 (GMT+8). To ensure no impact on your business, migrate your shared KMS resources to a KMS instance as soon as possible.
Select a quick migration guide based on your scenario:
Cloud product encryption with service keys:
Continue using it in KMS 3.0 without migration.
Cloud product and custom application encryption with customer management keys (CMKs):
Migrate to KMS 3.0 as soon as possible to ensure business continuity.
EOFS impact
From March 30, 2025 to September 30, 2025, you can still use the shared KMS, but the following supports will be discontinued:
New resource purchases, renewals, upgrade or downgrade.
Feature updates, bug fixes.
After-sales support.
EOS impact
From September 30, 2025, the shared KMS resources will be released. The console will be closed and its features will become unavailable.
The shared KMS resources including keys, secrets, and certificates. Keys and secrets can be migrated to a KMS instance, while certificates cannot be migrated because KMS instances don’t support certificate management. That means, after EOS for the shared KMS, KMS will cease to manage certificates.
Required actions
Migrate the keys and secrets from the shared KMS to your dedicated KMS instance. For more information, see Migrate resources from KMS 1.0 to a KMS 3.0 instance. Since the billing logic of the KMS instance differs from the shared KMS, check the pricing details before migration. For more information, see Billing.
If you have any questions or need assistance, contact Alibaba Cloud technical support. Thank you for your understanding and support!