Azure Weekly Insights

- [Instructor] Have you worked with WES or if you are a certain age SES to manage your operating system updates within your environment? Well if that's the case than you will love this weeks Azure insight we'll be exploring Azure update management that will manage and push updates to our Azure VMs just like our WES servers do. The first thing you'll need to do is create an automation account in Azure by simple selecting add, provide a name for the account, select your subscription, the resource group, the location, and leave create Azure run as account as yes and then create.

It will take a few minutes for the account to be created. I already have one prepared for us called Weekly Insights. And you will find update management under update management. And we can clearly see the list of our machines and more importantly the machines that are out of compliance. In our example here we see that VM2 is noncompliant. If I take a look at VM2 in a little bit more detail by selecting it we have a list of the updates that have not been applied to this machine including the classifications whether security, a feature update, update rollups et cetera.

When we select missing updates we'll have a list of all the updates that are missing but you'll notice it doesn't tell you which machine that they are missing from. In order to deploy updates what we will need to do is actually schedule a deployment and we will do that under schedule update deployment, provide a name, in my example I'm going to do it monthly. In my example I'm going to call it updates monthly. And you'll notice that we are not just referring to Windows operating systems here, this can also be applied to Linux virtual machines in Azure.

We are going to work with Windows. Next we need to go ahead and configure the groups to update. The first thing you'll need to do is select the subscription or subscriptions in my case I'm just going to select my pay as you go service and I'm only going to apply update to the virtual machines in the resource group Weekly Insights. I could further filter on the location and tags if I wanted to do so, I'm going to select add. And you'll notice at the bottom our subscription and resource group is itemized.

Select okay. Now we can go ahead and select the machines that we want to configure. I'm going to sort all machines and then I'm going to select the virtual machines that I want to apply the updates to. In my example I'm going to select VM1 and VM2. I'm going to leave VM4 as I don't want updates applied to it. Again select okay. We can also chose what type of updates are going to be applied.

I do not want feature packs or tools applied. If I wanted to exclude some updates I could do so. Now we can go ahead and actually schedule the update. I'm going to have the update begin on Friday the 14th I'll leave the time as is, select your time zone and then you have the choice of having the update be applied once or reoccurring. In my example I'm going to have it reoccur every month.

And I'm going to select the 14th. I could set an expiration date for it if I wanted to and then click okay. If I had any pre or post-scripts I could go ahead and configure those now and then you have to provide the time in minutes for the maintenance window. You'll want to make sure this maintenance window allows for the updates to be applied and it has to be a minimum of 30 minutes. I'm going to leave it as 120. And then finally select any reboot options that are required. Go ahead and click create.

Now VM1 and VM2 will be updated on the 14th of every month. And that's all you need to do to manage and push out updates to your Azure virtual machines using update management.