Commit c28c206

Add cross-references to RBAC and private endpoint articles

- rbac-access-policy.md: Note that API 2026-02-01 makes RBAC default, link to access-control-default.md
- rbac-migration.md: Clarify RBAC default starting with API 2026-02-01, link to access-control-default.md
- rbac-guide.md: Important callout for API 2026-02-01 default behavior
- private-link-service.md: Note about private endpoint limit enforcement
1 parent 4e7bc1b commit c28c206

4 files changed

Lines changed: 16 additions & 6 deletions

articles/key-vault/general/private-link-service.md

Lines changed: 4 additions & 1 deletion
@@ -3,7 +3,7 @@ title: Integrate Key Vault with Azure Private Link
33
description: Learn how to integrate Azure Key Vault with Azure Private Link Service
44
author: msmbaldwin
55
ms.author: mbaldwin
6-
ms.date: 01/30/2026
6+
ms.date: 03/24/2026
77
ms.service: azure-key-vault
88
ms.subservice: general
99
ms.topic: how-to
@@ -18,6 +18,9 @@ An Azure Private Endpoint is a network interface that connects you privately and
1818

1919
For more information, see [What is Azure Private Link?](/azure/private-link/private-link-overview)
2020

21+
> [!IMPORTANT]
22+
> Azure Key Vault enforces limits on the number of private endpoints per vault. For information on these limits, see [Azure Key Vault service limits](service-limits.md).
23+
2124
## Prerequisites
2225

2326
To integrate a key vault with Azure Private Link, you'll need:
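
Review bot: The [!IMPORTANT] callout added at new lines 21-22 says limits are enforced but not what a reader will observe when a vault reaches them, so it gives nothing to act on without following the link. Consider adding one clause on the effect (for example, whether creating a further private endpoint is rejected) and, if service-limits.md has a private endpoint section, linking to that section rather than the top of the article. The commit message describes this as a "Note"; if the content is informational, [!NOTE] would fit better than [!IMPORTANT].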

articles/key-vault/general/rbac-access-policy.md

Lines changed: 4 additions & 2 deletions
@@ -6,7 +6,7 @@ author: msmbaldwin
66
ms.service: azure-key-vault
77
ms.subservice: general
88
ms.topic: how-to
9-
ms.date: 01/30/2026
9+
ms.date: 03/24/2026
1010
ms.author: mbaldwin
1111

1212
---
@@ -22,7 +22,9 @@ The access policy model is a legacy authorization system, native to Key Vault, w
2222

2323
## Data plane access control recommendation
2424

25-
Azure RBAC is the recommended authorization system for the Azure Key Vault data plane. It offers several advantages over Key Vault access policies:
25+
Azure RBAC is the recommended authorization system for the Azure Key Vault data plane. Starting with API version 2026-02-01, Azure RBAC is also the **default access control model for new key vaults**, consistent with the Azure portal experience. For details on this change and guidance for preparing your deployments, see [Prepare for Key Vault API version 2026-02-01 and later](access-control-default.md).
26+
27+
Azure RBAC offers several advantages over Key Vault access policies:
2628
- Azure RBAC provides a unified access control model for Azure resources — the same APIs are used across all Azure services.
2729
- Access management is centralized, providing administrators with a consistent view of access granted to Azure resources.
2830
- The right to grant access to keys, secrets, and certificates is better controlled, requiring Owner or User Access Administrator role membership.
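
Review bot: In the sentence added at new line 25, "default access control model for new key vaults" does not say whether the default depends on the API version used in the create request, or whether existing vaults are affected. Readers with templates or scripts pinned to an older API version are the ones most likely to be surprised, so state that scope in this sentence instead of leaving it entirely to access-control-default.md. The wording also differs across this commit ("new key vaults" in bold here, "newly created key vaults" in rbac-guide.md, "new vaults" in rbac-migration.md); pick one phrase and one emphasis style.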

articles/key-vault/general/rbac-guide.md

Lines changed: 4 additions & 1 deletion
@@ -7,7 +7,7 @@ ms.service: azure-key-vault
77
ms.subservice: general
88
ms.custom: devx-track-azurecli, devx-track-azurepowershell, sfi-image-nochange, copilot-scenario-highlight
99
ms.topic: how-to
10-
ms.date: 01/30/2026
10+
ms.date: 03/24/2026
1111
ms.author: mbaldwin
1212
---
1313

@@ -16,6 +16,9 @@ ms.author: mbaldwin
1616
> [!NOTE]
1717
> Key Vault resource provider supports two resource types: **vaults** and **managed HSMs**. Access control described in this article only applies to **vaults**. To learn more about access control for managed HSM, see [Managed HSM access control](../managed-hsm/access-control.md).
1818
19+
> [!IMPORTANT]
20+
> Starting with API version 2026-02-01, Azure RBAC is the default access control model for newly created key vaults. For details on this change and how to prepare, see [Prepare for Key Vault API version 2026-02-01 and later](access-control-default.md).
21+
1922
Azure role-based access control (Azure RBAC) is an authorization system built on [Azure Resource Manager](/azure/azure-resource-manager/management/overview) that provides centralized access management of Azure resources.
2023

2124
Azure RBAC allows users to manage keys, secrets, and certificates permissions, and provides one place to manage all permissions across all key vaults.
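
Review bot: The [!IMPORTANT] callout added at new lines 19-20 sits directly under the existing [!NOTE], so the article now opens with two stacked callouts before its first descriptive sentence ("Azure role-based access control (Azure RBAC) is an authorization system ..."). Consider moving the new callout below that introductory paragraph, or folding the default-model sentence into the body text, so the scope note about vaults versus managed HSMs remains the first thing a reader sees.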

articles/key-vault/general/rbac-migration.md

Lines changed: 4 additions & 2 deletions
@@ -6,13 +6,15 @@ author: msmbaldwin
66
ms.service: azure-key-vault
77
ms.subservice: general
88
ms.topic: how-to
9-
ms.date: 01/30/2026
9+
ms.date: 03/24/2026
1010
ms.author: mbaldwin
1111
ms.custom: sfi-image-nochange
1212
---
1313
# Migrate to Azure RBAC from access policies
1414

15-
Azure Key Vault offers two access control models: Azure role-based access control (Azure RBAC), and an access policy model. Azure RBAC is the default and recommended access control model for Azure Key Vault. For a comparison of the two methods of authorization, see [Azure role-based access control (Azure RBAC) vs. access policies](rbac-access-policy.md).
15+
Azure Key Vault offers two access control models: Azure role-based access control (Azure RBAC), and an access policy model. Azure RBAC is the default and recommended access control model for Azure Key Vault. Starting with API version 2026-02-01, Azure RBAC is the default access control model for new vaults. For a comparison of the two methods of authorization, see [Azure role-based access control (Azure RBAC) vs. access policies](rbac-access-policy.md).
16+
17+
For information on preparing your existing deployments for this change, see [Prepare for Key Vault API version 2026-02-01 and later](access-control-default.md).
1618

1719
This article provides the information necessary to migrate a key vault from an access policy model to an Azure RBAC model.
1820

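Review bot: The rewritten paragraph at new line 15 now states the default twice with different scope: "Azure RBAC is the default and recommended access control model for Azure Key Vault" is unconditional, while the next sentence limits the default to new vaults starting with API version 2026-02-01. Drop "default and" from the first sentence or merge the two, for example "Azure RBAC is the recommended access control model and, starting with API version 2026-02-01, the default for new vaults." The paragraph added at new line 17 refers to "this change", which reads more clearly once the paragraph above names a single change.
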