You can now automate update management for Azure Virtual Machine in an easier way.

Using Azure Automation, you can now better manage updates management for your virtual machine on Azure.

Prerequisites

  • An automation account (see https://docs.microsoft.com/en-us/azure/automation/automation-create-standalone-account for instruction if required)
  • Virtual machine running on Azure ARM – Classic virtual machine are not supported – within the same resource group than the automation account
  • A log analytics workplace – if no log analytics exist within the resource group/region you will be asked to create a new one; as this will be an ‘automatic’ creation you will not be able to define the name; you will need to deploy the Update Management solution after the creation
  • Your virtual machine must be running – stopped or deallocated virtual machine will not be able to be configure for Update Management 

 

Enable Updates Management on the VM

  • Access the automation account settings and open the Update Management section

image

  • To enable the update management process with the automation you need to create a log analytics workspace if this does not yet exist within the resource group/region

image

  • Then click on Add Azure VM and Enable Update Management

NOTE if you see no Azure VM available for onboarding, this means either your VM’s are not (yet) supported for the process or you are not using the Resource Group

image

  • Select the virtual machine to onboard to the update management process and click Enable 

image

    Update Assessment and Scheduling

    Once the update management has been enabled on the virtual machine, update assessment is performed and missing updates are then reported.

    You are then ready to schedule update deployment.

    • Click on Schedule update deployment

    image

    • Define the scheduled update deployment by naming it, targeting OS type (Windows or Linux), virtual machines to be updated, update classifications, updates to be excluded (by entering the corresponding KB) and schedule

    NOTE any update which requires a server restart will automatically fire a server restart

    image

    • You can finally review the result of the deployment

    image