You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/key-vault/general/whats-new.md
+40-1Lines changed: 40 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ author: msmbaldwin
6
6
ms.service: azure-key-vault
7
7
ms.subservice: general
8
8
ms.topic: reference
9
-
ms.date: 01/30/2026
9
+
ms.date: 03/20/2026
10
10
ms.author: mbaldwin
11
11
12
12
#Customer intent: As an Azure Key Vault administrator, I want to react to soft-delete being turned on for all key vaults.
@@ -17,6 +17,45 @@ ms.author: mbaldwin
17
17
18
18
Here's what's new with Azure Key Vault. New features and improvements are also announced on the [Azure updates Key Vault channel](https://azure.microsoft.com/updates/?category=security&query=Key%20vault).
19
19
20
+
## March 2026
21
+
22
+
### New control plane API versions
23
+
24
+
New Azure Key Vault control plane API versions (2026-02-01 and 2026-03-01-preview) are now available across public Azure regions, with availability extended to Mooncake and Fairfax clouds.
25
+
26
+
### Azure RBAC is the default access control model for new vaults
27
+
28
+
Azure Key Vault API version 2026-02-01 introduces Azure RBAC as the default access control model for newly created key vaults when using this API version. Existing vaults continue using their current access model unless explicitly updated. Both Azure RBAC and access policies remain fully supported.
29
+
30
+
For more information, see [Prepare for Key Vault API version 2026-02-01 and later](access-control-default.md).
31
+
32
+
### Private endpoint limit enforcement
33
+
34
+
Azure Key Vault is enforcing limits on the number of private endpoints per vault. Customers exceeding these limits may need to reduce usage or request an exception through Azure support.
35
+
36
+
For more information on private endpoint limits, see [Azure Key Vault service limits](service-limits.md).
37
+
38
+
### SDK generation and ownership changes
39
+
40
+
Azure Key Vault now manages SDK generation and release for supported languages. Availability of SDK updates may trail REST API availability.
41
+
42
+
## November 2025
43
+
44
+
### Security best practices articles
45
+
46
+
New security best practices documentation is available for Azure Key Vault workloads:
47
+
48
+
-[Secure your Azure Key Vault](secure-key-vault.md): Comprehensive security guidance for vault architecture, network security, identity and access management, and monitoring.
49
+
-[Secure your Azure Key Vault keys](../keys/secure-keys.md): Key-specific security recommendations for key types, protection levels, rotation, and operations.
50
+
-[Secure your Azure Key Vault secrets](../secrets/secure-secrets.md): Secrets-specific best practices for storage, rotation, and access patterns.
51
+
-[Secure your Azure Key Vault certificates](../certificates/secure-certificates.md): Certificate-specific guidance for lifecycle management, CA integration, and renewal.
52
+
53
+
### Apps, API keys, and Key Vault secrets guidance
54
+
55
+
New guidance is available for configuring applications to securely interact with API keys stored in Azure Key Vault, including best practices for access control, monitoring, and network restrictions.
56
+
57
+
For more information, see [Apps, API keys, and Azure Key Vault secrets](apps-api-keys-secrets.md).
58
+
20
59
## July 2023
21
60
22
61
Built-in policy to govern the key rotation configuration in Azure Key Vault. With this policy, you can audit existing keys in key vaults to ensure that all keys are configured for rotation and comply with your organization's standards.
0 commit comments