Group targeting for Azure Update management is now in general availability.
This feature allows you to define how updates are being deployed on your virtual machine based on dynamic settings. This will simplify the patch management process by automatically deploying update when the criteria is meet.
To start using this capability, you first need to define a dynamic group of computer (to automatically add as member any VM matching your criteria) for the update management.
First, you first need to ensure you have enable the Update management for the virtual machine(s). If not, the recommendation will be to enable it for all virtual machine in the subscription
Then you can define your dynamic group(s) for the update management by accessing the Azure Log Analytics workspace used by the update management solution and access the Automation Account\Update management blade
Then create (or update) a new Schedule update deployment
Configure the scheduled deployment as per your need but use the Group to update configuration blade to define your grouping
You can define update group membership using subscription (mandatory), resource groups, location and/or tags
Once you have defined your grouping criteria you can use the Preview button to validate the virtual machine list and once happy with the result just click the Add button