To handle working system upgrades on your Home windows and Linux digital machines in Azure, make the most of Replace Administration in Azure Automation. Reporting to Replace Administration, you may quickly study the standing of obtainable updates and management the method of putting in important updates on your Digital machines.
Replace Administration works with Azure Monitor Logs to avoid wasting replace assessments and deployment outcomes from assigned Azure and non-Azure machines as log knowledge. The Automation Account and Log Analytics workspace should be linked with a view to collect this knowledge, and the Log Analytics agent for Home windows and Linux should be put in and configured to report back to this workspace.
In my Azure tenant, I’ve already created a Digital Machine with Home windows Server 2019 Datacenter as its working system.
Now I’ll create an Azure Automation Account for Replace Administration in Automation Accounts.
Within the Azure portal’s search subject, sort Automation Accounts after which decide Automation Accounts.
Create an Automation Account by clicking Create on the Automation Accounts web page.
Choose the Subscription
Choose the Useful resource Group
Give the Automation Account a reputation; I’ve known as mine AAWindowsUpdates.
Choose the Area
Click on Subsequent
Choose the Managed Identities
System-assigned Managed Identification
This managed identification can be utilized in Hybrid duties on Azure and non-Azure VMs with the Hybrid Runbook Employee, and it really works with any Azure service that accepts AD authentication. It eliminates the requirement to resume certificates and eliminates the need for the Run As connection object to be laid out in your runbook code.
You possibly can connect with your automation account both publicly, through public IP addresses, or privately, utilizing a personal endpoint.
Overview & Create.
It is going to take 2 to 5min to create the account.
We have to full some stipulations within the Azure VM until we will create the account.
Let’s navigate to the Azure VM and log in.
Server Console Settings
Verify all servers with the SConfig utility to verify that the Home windows Replace possibility is ready to “obtain solely” (Server 2019/2016) or “guide” (older Home windows Variations.) The “obtain solely” possibility saves time throughout deployment by detecting and downloading required fixes effectively forward of time.
Open Powershell Run AS Admin and Kind SConfig and Set Home windows Replace Settings to Obtain Solely.
Azure Replace Administration
Navigate to Automation Accounts- Replace Administration and Add the Azure VMS.
Word – After you added the Azure VM it can take as much as 12 hours for evaluation.
In my state of affairs, I’ve already added the VM and you may see the Inexperienced Indicator and its compliance.
Create a Deployment Schedule
Click on Schedule Replace Deployment
This opens the Replace Deployment window. The next “Objects to replace,”
Teams to Replace
Machines to Replace – Lists the digital machines included within the present deployment.
Replace classifications – Choose the Replace Classifications as your requirement
Embrace/exclude updates – You possibly can Embrace or Exclude an Replace from the KBIds.
Schedule settings – particulars of the following run of the deployment.
Pre-scripts + Publish-scripts – not at present used
Upkeep window (minutes) – customary worth used is 120 (minutes).
Reboot choices – At all times reboot
Click on Save
Now you may see the created schedule within the Deployment Schedule Tab.
After the Deployment Schedule runs Efficiently you may see it from the Historical past Tab.
Once you click on it, you may be despatched to a dashboard with detailed details about the Home windows Replace deployment.
We lined the way to Automate Home windows Replace utilizing Azure Automation Accounts on this demo; if in case you have any queries, please depart a remark within the field under.