Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies to: ✔️ Windows VMs ✔️ Linux VMs ✔️ On-premises environment ✔️ Azure VMs ✔️ Azure Arc-enabled servers.
Dynamic scoping is a capability of scheduled patching in Azure Update Manager. You can use it to:
- Group machines based on criteria such as subscription, resource group, location, resource type, OS type, and tags. This grouping becomes the definition of the scope.
- Associate the scope to a maintenance configuration to apply updates at scale.
The criteria are evaluated at the scheduled run time to produce a final list of machines for scheduled patching. The machines evaluated during the create or edit phase might differ from the group at the scheduled run time.
Key benefits
At scale and simplified patching. You don't have to manually change associations between machines and schedules. For example, if you want to remove a machine from a schedule and your scope was defined based on tag criteria, removing the tag on the machine automatically drops the association. You can drop and add these associations for multiple machines at scale.
Reusability of the same schedule. You can associate a schedule with multiple machines dynamically, statically, or both.
Prerequisites
Patch Orchestration must be set to Customer Managed Schedules.
Permissions
For dynamic scoping and configuration assignment, ensure that you have:
- Write permissions at the subscription level to create or modify a schedule.
- Read permissions at the subscription level to assign or read a schedule.
Service limits
The following recommended limits are for each dynamic scope in the guest scope only.
| Resource | Limit |
|---|---|
| Resource associations | 1,000 |
| Number of tag filters | 50 |
| Number of resource group filters | 50 |
For more information, see Service limits for scheduled patching.
Related content
- Follow the instructions on how to manage various operations of dynamic scope.
- Learn how to automatically install updates according to the created schedule for a single VM and at scale.
- Learn about pre-maintenance and post-maintenance events to automatically perform tasks before and after a scheduled maintenance configuration.