MicrosoftDocs
diff --git a/‎articles/app-service/environment/networking.md‎
Lines changed: 42 additions & 1 deletion b/‎articles/app-service/environment/networking.md‎
Lines changed: 42 additions & 1 deletion
diff --git a/‎articles/azure-app-configuration/configuration-provider-overview.md‎
Lines changed: 11 additions & 11 deletions b/‎articles/azure-app-configuration/configuration-provider-overview.md‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎articles/azure-app-configuration/feature-management-overview.md‎
Lines changed: 2 additions & 2 deletions b/‎articles/azure-app-configuration/feature-management-overview.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/backup/security-controls-policy.md‎
Lines changed: 2 additions & 2 deletions b/‎articles/backup/security-controls-policy.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/healthcare-apis/release-notes-2026.md‎
Lines changed: 9 additions & 1 deletion b/‎articles/healthcare-apis/release-notes-2026.md‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎articles/iot-hub/iot-hub-tls-support.md‎
Lines changed: 1 addition & 1 deletion b/‎articles/iot-hub/iot-hub-tls-support.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/sentinel/data-connectors-reference.md‎
Lines changed: 9 additions & 3 deletions b/‎articles/sentinel/data-connectors-reference.md‎
Lines changed: 9 additions & 3 deletions
@@ -3,7 +3,7 @@ title: App Service Environment networking
 description: App Service Environment networking details
 author: seligj95
 ms.topic: overview
-ms.date: 10/15/2025
+ms.date: 02/03/2026
 ms.author: jordanselig
 ms.service: azure-app-service
 ---
@@ -132,6 +132,47 @@ Your application uses one of the default outbound addresses for egress traffic t
 > [!NOTE]
 > Outbound SMTP connectivity (port 25) is supported for App Service Environment v3. The supportability is determined by a setting on the subscription where the virtual network is deployed. For virtual networks/subnets created before 1. August 2022 you need to initiate a temporary configuration change to the virtual network/subnet for the setting to be synchronized from the subscription. An example could be to add a temporary subnet, associate/dissociate an NSG temporarily, or configure a service endpoint temporarily. For more information and troubleshooting, see [Troubleshoot outbound SMTP connectivity problems in Azure](../../virtual-network/troubleshoot-outbound-smtp-connectivity.md).
 
+## Outbound network segmentation
+
+Outbound network segmentation allows you to join apps to alternate subnets to control how outbound traffic is routed. By default, all outbound traffic from an App Service Environment originates from the subnet hosting the App Service Environment.
+
+### Enable outbound network segmentation
+
+You must enable outbound network segmentation when you create your App Service Environment. You can't enable this feature on existing App Service Environments. Portal support for enabling this cluster setting or joining alternate subnets isn't available.
+
+To enable the feature, configure the `MultipleSubnetJoinEnabled` cluster setting when you create the App Service Environment using an Azure Resource Manager or Bicep template:
+
+```json
+"clusterSettings": [
+    {
+        "name": "MultipleSubnetJoinEnabled",
+        "value": "true"
+    }
+]
+```
+
+For guidance on configuring cluster settings, see [Custom configuration settings for App Service Environments](app-service-app-service-environment-custom-settings.md).
+
+### Join an app to an alternate subnet
+
+The alternate subnet must be empty and delegated to `Microsoft.Web/serverFarms`. Ensure that [application traffic routing is enabled for your app](../configure-vnet-integration-routing.md#configure-application-routing) to route all traffic through the alternate subnet.
+
+To join an app to an alternate subnet, use the following Azure CLI command:
+
+```azurecli-interactive
+az webapp vnet-integration add --resource-group <APP-RESOURCE-GROUP> --name <APP-NAME> --vnet <VNET-NAME> --subnet <ALTERNATE-SUBNET-NAME>
+```
+
+If your alternate subnet is in a different resource group than your app, run `az webapp vnet-integration add -h` to learn how to specify the resource ID.
+
+To change the alternate subnet for an app, first remove the existing integration and then add a new one.
+
+### Limitations
+
+- Each app from a given plan can only integrate with one alternate subnet.
+- A plan can have up to four different subnet connections, and apps in the same plan can use any of the connections.
+- This feature isn't compatible with the [multi-plan subnet join](../overview-vnet-integration.md#subnet-requirements) feature available in the multitenant App Service offering.
+
 ## Private endpoint
 
 In order to enable Private Endpoints for apps hosted in your App Service Environment, you must first enable this feature at the App Service Environment level.
 
@@ -48,27 +48,27 @@ This is an overview of each feature and its current status for different framewo
 
 Feature | .NET | Spring | Kubernetes | Python | JavaScript | Go |
 ------- | ---- | ------ | ---------- | ------ | ---------- | -- |
-Connection String Authentication | [GA](./reference-dotnet-provider.md#load-configuration) | GA | GA | GA | [GA](./reference-javascript-provider.md#load-configuration) | [GA](./reference-go-provider.md#load-configuration)
-Entra ID Authentication | [GA](./reference-dotnet-provider.md#load-configuration) | GA | GA | GA | [GA](./reference-javascript-provider.md#load-configuration) | [GA](./reference-go-provider.md#load-configuration)
-Dynamic Refresh (Poll Mode) | [GA](./reference-dotnet-provider.md#refresh-on-sentinel-key) | GA | GA | GA | [GA](./reference-javascript-provider.md#refresh-on-sentinel-key) | [GA](./reference-go-provider.md#refresh-on-sentinel-key)
+Connection String Authentication | [GA](./reference-dotnet-provider.md#load-configuration) | GA | GA | [GA](./reference-python-provider.md?tabs=connection-string#load-configuration) | [GA](./reference-javascript-provider.md#load-configuration) | [GA](./reference-go-provider.md#load-configuration)
+Entra ID Authentication | [GA](./reference-dotnet-provider.md#load-configuration) | GA | GA | [GA](./reference-python-provider.md?tabs=entra-id#load-configuration) | [GA](./reference-javascript-provider.md#load-configuration) | [GA](./reference-go-provider.md#load-configuration)
+Dynamic Refresh (Poll Mode) | [GA](./reference-dotnet-provider.md#refresh-on-sentinel-key) | GA | GA | [GA](./reference-python-provider.md#configuration-refresh) | [GA](./reference-javascript-provider.md#refresh-on-sentinel-key) | [GA](./reference-go-provider.md#refresh-on-sentinel-key)
 Dynamic Refresh (Push Mode) | GA | GA | N/A | N/A | N/A | N/A
 Dynamic Refresh (Collection Monitoring) | [GA](./reference-dotnet-provider.md#configuration-refresh) | WIP | GA | WIP | [GA](./reference-javascript-provider.md#configuration-refresh) | [GA](./reference-go-provider.md#configuration-refresh)
-JSON Content Type Handling | [GA](./reference-dotnet-provider.md#json-content-type-handling) | GA | GA | GA | [GA](./reference-javascript-provider.md#json-content-type-handling) | [GA](./reference-go-provider.md#json-content-type-handling)
+JSON Content Type Handling | [GA](./reference-dotnet-provider.md#json-content-type-handling) | GA | GA | [GA](./reference-python-provider.md#json-content-type-handling) | [GA](./reference-javascript-provider.md#json-content-type-handling) | [GA](./reference-go-provider.md#json-content-type-handling)
 JSON with Comments | [GA](./reference-dotnet-provider.md#json-content-type-handling) | GA | GA | GA | [GA](./reference-javascript-provider.md#json-content-type-handling) | [GA](./reference-go-provider.md#json-content-type-handling)
 Configuration Setting Mapping | [GA](./reference-dotnet-provider.md#configuration-setting-mapping) | N/A | N/A | GA | N/A | N/A
-Key Vault References | [GA](./reference-dotnet-provider.md#key-vault-reference) | GA | GA | GA | [GA](./reference-javascript-provider.md#key-vault-reference) | [GA](./reference-go-provider.md#key-vault-reference)
+Key Vault References | [GA](./reference-dotnet-provider.md#key-vault-reference) | GA | GA | [GA](./reference-python-provider.md#key-vault-reference) | [GA](./reference-javascript-provider.md#key-vault-reference) | [GA](./reference-go-provider.md#key-vault-reference)
 Key Vault Secret Refresh | [GA](./reference-dotnet-provider.md#key-vault-secret-refresh) | WIP | GA | GA | [GA](./reference-javascript-provider.md#key-vault-secret-refresh) | [GA](./reference-go-provider.md#key-vault-secret-refresh)
-Custom Key Vault Secret Resolution | [GA](./reference-dotnet-provider.md#key-vault-reference) | GA | GA | GA | [GA](./reference-javascript-provider.md#key-vault-reference) | [GA](./reference-go-provider.md#custom-secret-resolver)
+Custom Key Vault Secret Resolution | [GA](./reference-dotnet-provider.md#key-vault-reference) | GA | GA | [GA](./reference-python-provider.md#secret-resolver) | [GA](./reference-javascript-provider.md#key-vault-reference) | [GA](./reference-go-provider.md#custom-secret-resolver)
 Parallel Secret Resolution | WIP | N/A | WIP | N/A | [GA](./reference-javascript-provider.md#parallel-secret-resolution) | GA
-Feature Flags | [GA](./reference-dotnet-provider.md#feature-flag) | GA | GA | GA | [GA](./reference-javascript-provider.md#feature-flag) | [GA](./reference-go-provider.md#feature-flags)
+Feature Flags | [GA](./reference-dotnet-provider.md#feature-flag) | GA | GA | [GA](./reference-python-provider.md#feature-flag-refresh) | [GA](./reference-javascript-provider.md#feature-flag) | [GA](./reference-go-provider.md#feature-flags)
 Variant Feature Flags | [GA](./reference-dotnet-provider.md#feature-flag) | GA | GA | GA | [GA](./reference-javascript-provider.md#feature-flag) | [GA](./reference-go-provider.md#feature-flags)
 Feature Flag Telemetry | [GA](./reference-dotnet-provider.md#feature-flag-telemetry) | GA | GA | GA | GA | WIP
-Key Prefix Trim | [GA](./reference-dotnet-provider.md#trim-prefix-from-keys) | GA | GA | GA | [GA](./reference-javascript-provider.md#trim-prefix-from-keys) | [GA](./reference-go-provider.md#trim-prefix-from-keys)
+Key Prefix Trim | [GA](./reference-dotnet-provider.md#trim-prefix-from-keys) | GA | GA | [GA](./reference-python-provider.md#trimming-keys) | [GA](./reference-javascript-provider.md#trim-prefix-from-keys) | [GA](./reference-go-provider.md#trim-prefix-from-keys)
 Configurable Startup Time-out | [GA](./reference-dotnet-provider.md#startup-retry) | WIP | N/A | WIP | [GA](./reference-javascript-provider.md#startup-retry) | [GA](./reference-go-provider.md#startup-retry)
-Replica Auto Discovery | [GA](./reference-dotnet-provider.md#geo-replication) | GA | GA | GA | [GA](./reference-javascript-provider.md#geo-replication) | [GA](./reference-go-provider.md#geo-replication)
-Replica Failover | [GA](./reference-dotnet-provider.md#geo-replication) | GA | GA | GA | [GA](./reference-javascript-provider.md#geo-replication) | [GA](./reference-go-provider.md#geo-replication)
+Replica Auto Discovery | [GA](./reference-dotnet-provider.md#geo-replication) | GA | GA | [GA](./reference-python-provider.md#geo-replication) | [GA](./reference-javascript-provider.md#geo-replication) | [GA](./reference-go-provider.md#geo-replication)
+Replica Failover | [GA](./reference-dotnet-provider.md#geo-replication) | GA | GA | [GA](./reference-python-provider.md#geo-replication) | [GA](./reference-javascript-provider.md#geo-replication) | [GA](./reference-go-provider.md#geo-replication)
 Replica Load Balancing | [GA](./reference-dotnet-provider.md#geo-replication) | GA | GA | GA | [GA](./reference-javascript-provider.md#geo-replication) | [GA](./reference-go-provider.md#geo-replication)
-Snapshots | [GA](./reference-dotnet-provider.md#snapshot) | GA | GA | GA | [GA](./reference-javascript-provider.md#snapshot) | [GA](./reference-go-provider.md#snapshot)
+Snapshots | [GA](./reference-dotnet-provider.md#snapshot) | GA | GA | [GA](./reference-python-provider.md#load-configuration-from-snapshots) | [GA](./reference-javascript-provider.md#snapshot) | [GA](./reference-go-provider.md#snapshot)
 Distributed Tracing | [GA](./reference-dotnet-provider.md#distributed-tracing) | WIP | WIP | WIP | WIP | N/A
 Health Check | [GA](./reference-dotnet-provider.md#health-check) | GA | WIP | WIP | WIP | N/A 
 Select by Tag Filters | [GA](./reference-dotnet-provider.md#load-specific-key-values-using-selectors) | WIP | GA | GA | [GA](./reference-javascript-provider.md#tag-filters) | [GA](./reference-go-provider.md#tag-filters)
 
@@ -42,9 +42,9 @@ Feature | .NET | Spring | Python | JavaScript | Go |
 ------- | ---- | ------ | ------ | ---------- | -- |
 Targeting Filter | [GA](./feature-management-dotnet-reference.md#targeting) | GA | [GA](./feature-management-python-reference.md#targeting) | [GA](./feature-management-javascript-reference.md#targeting) | [GA](./feature-management-go-reference.md#targeting)
 Targeting Exclusion | [GA](./feature-management-dotnet-reference.md#targeting-exclusion) | GA | [GA](./feature-management-python-reference.md#targeting-exclusion) | [GA](./feature-management-javascript-reference.md#targeting-exclusion) | [GA](./feature-management-go-reference.md#targeting-exclusion)
-Ambient Targeting | [GA](./feature-management-dotnet-reference.md#targeting-in-a-web-application) | WIP | GA | [GA](./feature-management-javascript-reference.md#targeting-in-a-web-application) | WIP
+Ambient Targeting | [GA](./feature-management-dotnet-reference.md#targeting-in-a-web-application) | WIP | [GA](./feature-management-python-reference.md#targeting-context-accessor) | [GA](./feature-management-javascript-reference.md#targeting-in-a-web-application) | WIP
 Time Window Filter | [GA](./feature-management-dotnet-reference.md#microsofttimewindow) | GA | [GA](./feature-management-python-reference.md#microsofttimewindow) | [GA](./feature-management-javascript-reference.md#microsofttimewindow) | [GA](./feature-management-go-reference.md#microsofttimewindow)
-Recurring Time Window | [GA](./feature-management-dotnet-reference.md#microsofttimewindow) | GA | GA | [GA](./feature-management-javascript-reference.md#microsofttimewindow) | WIP
+Recurring Time Window | [GA](./feature-management-dotnet-reference.md#microsofttimewindow) | GA | [GA](./feature-management-python-reference.md#microsofttimewindow) | [GA](./feature-management-javascript-reference.md#microsofttimewindow) | WIP
 Custom Feature Filter | [GA](./feature-management-dotnet-reference.md#implement-a-feature-filter) | GA | [GA](./feature-management-python-reference.md#implementing-a-feature-filter) | [GA](./feature-management-javascript-reference.md#implementing-a-feature-filter) | [GA](./feature-management-go-reference.md#implementing-a-feature-filter)
 Feature Filter Requirement Type (AND/OR) | [GA](./feature-management-dotnet-reference.md#requirement-type) | GA | [GA](./feature-management-python-reference.md#requirement-type) | [GA](./feature-management-javascript-reference.md#requirement-type) | [GA](./feature-management-go-reference.md#requirement-type)
 Variant Feature Flag | [GA](./feature-management-dotnet-reference.md#variants) | GA | [GA](./feature-management-python-reference.md#variants) | [GA](./feature-management-javascript-reference.md#variants) | [GA](./feature-management-go-reference.md#variants)
 
@@ -1,7 +1,7 @@
 ---
 title: Azure Policy Regulatory Compliance controls for Azure Backup
 description: Lists Azure Policy Regulatory Compliance controls available for Azure Backup. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
-ms.date: 02/24/2025
+ms.date: 07/04/2025
 ms.topic: sample
 ms.service: azure-backup
 ms.custom: subject-policy-compliancecontrols
@@ -28,4 +28,4 @@ the specific standard.
 - [Azure Policy Regulatory Compliance](../governance/policy/concepts/regulatory-compliance.md).
 - [Built-ins on the Azure Policy GitHub repo](https://github.com/Azure/azure-policy).
 - [Encryption using Transport Layer Security](transport-layer-security.md).
-- [Encryption using Azure security baseline for Backup](/security/benchmark/azure/baselines/backup-security-baseline).
+- [Encryption using Azure security baseline for Backup](/security/benchmark/azure/baselines/backup-security-baseline).
@@ -17,6 +17,14 @@ ms.custom:
 
 Release notes describe features, enhancements, and bug fixes released in 2026 for the FHIR&reg; service and DICOM&reg; service in Azure Health Data Services.
 
+## February 2026
+### FHIR service
+#### Bug fixes:
+
+**Bug fix for `$bulk-delete` queries with paged results exceeding 100 included items**: There was an issue where some `$bulk-delete` queries that return paged results exceeding 1,000 included items with related links could return an HTTP 500 Internal Server Error. The issue is fixed, and the results are returned correctly now.
+
+**Bug fix for queries combining `_include` and `_revinclude`**: There was an issue where queries combining `_include` and `_revinclude` (for example, `GET /Patient?_include=Patient:organization&_revinclude=Observation:patient`) could return an HTTP 500 Internal Server Error. This issue is fixed, and results are returned correctly now.
+
 ## January 2026
 ### FHIR service
 
@@ -26,7 +34,7 @@ Release notes describe features, enhancements, and bug fixes released in 2026 fo
 
 **Updates to responses for update and deletion of FHIR spec-defined search parameters**: There are a few updates to the behaviors and responses for update and deletion of FHIR spec-defined search parameters:
   - Deletion of out-of-box FHIR spec-defined search parameters previously returned a "204 No Content" and the parameter wasn't deleted. The response is updated to correctly return "405 Method Not Allowed."
-  - Update of out-of-box FHIR spec-defined search parameters previously returned "201 Created," which can cause unintended behavior. The response is updated to return "405 Method Not Allowed." If you wish to update an out-of-box FHIR spec-defined search parameter, please create a new custom search parameter with a different URL.
+  - Update of out-of-box FHIR spec-defined search parameters previously returned "201 Created," which can cause unintended behavior. The response is updated to return "405 Method Not Allowed." If you wish to update an out-of-box FHIR spec-defined search parameter, create a new custom search parameter with a different URL.
 
 **Enhanced response logging for deletion of non-existent search parameters**:  Deletion of nonexistent search parameters previously returned a "204 No Content." The response is improved to be more informative and now returns "404 Not Found."
 
 
@@ -40,7 +40,7 @@ After a successful TLS handshake, IoT Hub can authenticate a device using a symm
 
 During a TLS handshake, IoT Hub presents RSA-keyed server certificates to connecting clients. All IoT hubs in the global Azure cloud use the TLS certificate issued by the DigiCert Global Root G2. 
 
-We strongly recommend that all devices trust the following three root CAs: 
+We strongly recommend that all devices trust the following two root CAs: 
 
 * DigiCert Global G2 root CA
 * Microsoft RSA root CA 2017
 
@@ -56,15 +56,21 @@ Filter and ingest logs in text-file format from network or security applications
 - [Collect logs from text files with the Azure Monitor Agent and ingest to Microsoft Sentinel](/azure/sentinel/connect-custom-logs-ama?tabs=portal)
 - [Custom Logs via AMA data connector - Configure data ingestion to Microsoft Sentinel from specific applications](/azure/sentinel/unified-connector-custom-device)
 
-[comment]: <> (DataConnector includes end)
+
+##  Sentinel data connectors
+
+> [!NOTE]
+> The following table lists the data connectors that are available in the Microsoft Sentinel Content hub. The connectors are supported by the product vendor. For support, see the **Supported by** link.
+
+> [!TIP]
+> For a list of tables ingested into Microsoft Sentinel and the connectors that ingest them, see [Microsoft Sentinel tables and associated connectors](sentinel-tables-connectors-reference.md).
+
 
 [!INCLUDE [connector-details](includes/connector-details.md)]
 
 
 [!INCLUDE [deprecated-connectors](includes/deprecated-connectors.md)]
 
-For a list of tables ingested into Microsoft Sentinel and the connectors that ingest them, see [Microsoft Sentinel tables and associated connectors](sentinel-tables-connectors-reference.md).
-
 
 ## Next steps