Enable Update Management from the Azure portal

Important

Automation Update Management has retired on 31 August 2024 and we recommend that you use Azure Update Manager. Follow the guidelines for migration from Automation Update Management to Azure Update Manager.

Note

Azure Update Management onboarding via the portal is no longer available, as the service was retired on August 31, 2024. Existing VMs using Azure Update Management with the legacy agent will remain operational until February 1, 2025. We recommend that you configure periodic assessments or patch schedules for patch deployment via Azure Update Manager.

This article describes how you can enable the Update Management feature for VMs by browsing the Azure portal. To enable Azure VMs at scale, you must enable an existing Azure VM using Update Management.

The number of resource groups that you can use for managing your VMs is limited by the Resource Manager deployment limits. Resource Manager deployments, not to be confused with Update deployments, are limited to five resource groups per deployment. Two of these resource groups are reserved to configure the Log Analytics workspace, Automation account, and related resources. This leaves you with three resource groups to select for management by Update Management. This limit only applies to simultaneous setup, not the number of resource groups that can be managed by an Automation feature.

Note

When enabling Update Management, only certain regions are supported for linking a Log Analytics workspace and an Automation Account. For a list of the supported mapping pairs, see Region mapping for Automation Account and Log Analytics workspace.

Prerequisites

Sign in to Azure

Sign in to the Azure portal.

Enable Update Management

  1. In the Azure portal, navigate to Virtual machines.

  2. On the Virtual machines page, use the checkboxes to choose the VMs to add to Update Management. You can add machines for up to three different resource groups at a time. Azure VMs can exist in any region, no matter the location of your Automation account.

    List of VMs

    Tip

    Use the filter controls to select VMs from different subscriptions, locations, and resource groups. You can click the top checkbox to select all virtual machines in a list.

    Enable Update Management

  3. Select Services and select Update Management for the Update Management feature.

  4. The list of virtual machines is filtered to show only the virtual machines that are in the same subscription and location. If your virtual machines are in more than three resource groups, the first three resource groups are selected.

  5. An existing Log Analytics workspace and Automation account are selected by default. If you want to use a different Log Analytics workspace and Automation account, select CUSTOM to select them from the Custom Configuration page. When you choose a Log Analytics workspace, a check is made to determine if it is linked with an Automation account. If a linked Automation account is found, you see the following screen. When done, select OK.

    Select workspace and account

  6. If the workspace selected is not linked to an Automation account, you see the following screen. Select an Automation account and select OK when finished.

    No workspace

  7. Deselect any virtual machine that you don't want to enable. VMs that can't be enabled are already deselected.

  8. Select Enable to enable the feature. After you've enabled Update Management, it might take about 15 minutes before you can view the update assessment from them.

Next steps