Blog Post

Azure Governance and Management Blog
3 MIN READ

Announcing Public Preview of Update management center

Bhavya_Tadikonda's avatar
Jul 19, 2022

We are excited to announce the Public Preview of the Update management center (UMC), the next iteration of the Azure Automation Update Management solution. Along with zero onboarding steps, UMC offers new capabilities such as flexible scheduling options and on-demand assessments that help you manage a patch workflow that is best suited for your needs. 

 

Ongoing management of operating system and application patches is critical in order to ensure your machines remain secure and meet compliance policies. With the increasing size and diversity in IT estates, this could be a complex process. UMC eases this process of managing and automating patching of Windows and Linux Operating systems, and central management of patching on Azure virtual machines and devices in on-premises or other public clouds (via Azure Arc). It facilitates you to assess and install patches on a single VM or at scale. 

 

What’s new in the UMC? 

  • The “overview” tab offers a wide range of filters, charts and categories and provides a unified view of patching status of all Windows and Linux machines on Azure and Azure Arc-enabled servers. 
  • UMC leverages native functionality on Azure Compute and Azure Arc for Servers platform to provide a zero-step onboarding and a simplified user experience.  
  • UMC offers granular access control at individual VM instead of that at an account or workspace level. RBAC and roles based off ARM enable fine grained control on who can manage, assess and update a machine in Azure. 
  • The enhanced flexibility in UMC allows deployment of patches on a flexible schedule. UMC provides on-demand assessment and installation of patches, customizable scheduled patching, periodic assessment, and offers patching methods such as automatic VM guest patching in Azure, hotpatch or custom maintenance schedules and more. 

Getting Started 

You can find the Update management solution in the “updates” option on your Azure VMs or Azure Arc-enabled servers. 

 

 

You can also navigate to the Update management center using the search bar on the Azure portal. The overview tab for UMC enables you to view the patching compliance and status for all your Azure and Non-Azure machines. You can use the filters on top to drill down to a specific set of machines, view a breakdown of machines and their statuses based on multiple categories, and identify the machines that are non-compliant to quickly take corrective action. The “No updates data” status tells you the count of machines that have not been assessed in the past 7 days or do not have Periodic assessment setup. 

 

The machines tab shows the list of all VMs under a given subscription. You can access the features of UMC from the menu on the top. Broadly, “Check for updates” allows you to assess updates on-demand while “One-time update” allows to install patches on-demand. The Scheduled updates and Updates Settings options allow you to enable customised patching schedules. 

 

Overall, Update management center offers an easy to use one-stop location for all operating system and application patching scenarios for a single VM or VMs at scale. 

 

Overall, Update management center offers an easy to use one-stop location for all operating system and application patching scenarios for a single VM or VMs at scale. 

 

What’s next in UMC? 

  • Extend patch management to all Azure supported distros & OSes, and all Arc workloads such as Azure Arc-enabled private clouds. 
  • Provide additional controls for configuration of patching workflows and orchestration of patch schedules.  

Stay tuned for more announcements! 

 

Additional Resources 

Updated Aug 23, 2022
Version 6.0
  • bdoknack's avatar
    bdoknack
    Brass Contributor

    Anyone else have issues with Arc servers disappearing from their Maintenance Configuration? I believe this is a bug, but have been unable to get any traction with Microsoft support.

  • Lars86's avatar
    Lars86
    Brass Contributor

    Looks perfect and would be very nice to have all your machines in one update center!

    Testing this now and have some problems with vm's that are migrated from hyper v on prem to azure vm.

    Migration is done with azure migrate and the vm's should be supported Windows Server 2019 Datacenter.

    If i try to check for updates on a migrated vm in update management it gives me the error:

    The selected VM image is not supported for VM Guest patch operations. Learn more at: https://aka.ms/VMGuestPatchingCompatibility

     

    anybody with the same problems or even better is there a fix for this 😉

  • Where's best to leave feedback for further feature requests?

  • Dear Microsoft Team, 

    I have implemented this solution for a customer. The have about 80 Arc Enabled Servers which will patch in different waves with or without restart. We also tried the manual update.

     

    I have to conclude, and that's also the feedback from the customer, that this is an awesome and reliable solution. Goodbye WSUS.

     

  • sof_brad's avatar
    sof_brad
    Copper Contributor

    Bhavya_Tadikonda Do you have an idea when this revision to Update Management will be on the roadmap for a GA release? Or is there a stub page one can follow for future updates as things progress?