What happens at VM level when automatic VM guest patching for Azure VMs is enabled?

Akash Gupta 0 Reputation points

Need to understand if the VM local group policy will be overridden when the Patch orchestration mode is set to AutomaticByPlatform (Azure-orchestrated patching).

Also, what is the ideal Patch orchestration mode that should be selected if we are using Azure Update Management or third-party tools for patching purposes?

Azure Virtual Machines
Update management center

1 answer

  1. vipullag-MSFT 21,466 Reputation points Microsoft Employee

    Hello Akash Gupta

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    Just checking in to see if you got a chance to see the previous response from Salah. Adding more details to what Salah has already shared.

    When the Patch orchestration mode is set to AutomaticByPlatform (Azure-orchestrated patching), the VM local group policy will be overridden. This is because the Azure platform takes over the responsibility of patching the VM and orchestrates the patch installation process.

    Regarding the ideal Patch orchestration mode, it depends on your patching requirements. If you are using Azure Update Management or third-party tools for patching purposes, you can use the AutomaticByPlatform mode. This mode enables automatic VM guest patching for the virtual machine and subsequent patch installation is orchestrated by Azure. This mode is required for availability-first patching.

    However, if you prefer to manage patching manually, you can use the Manual mode. In this mode, you control the application of patches to a machine by applying patches manually inside the machine.

    Hope this helps.
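
To check which orchestration mode each VM is actually in before changing it, the following added example (not part of the answer above and not Microsoft's code) reads JSON in the shape `az vm list -o json` returns and groups VMs by their `patchMode`. The VM names and sample records are constructed; the script assumes the mode is exposed at `osProfile.windowsConfiguration.patchSettings.patchMode` (or `linuxConfiguration` for Linux VMs).

```python
import json

# Constructed sample shaped like `az vm list -o json` output, trimmed to the
# fields used here. VM names are hypothetical.
SAMPLE_AZ_VM_LIST = json.dumps([
    {"name": "web-01", "osProfile": {"windowsConfiguration": {
        "patchSettings": {"patchMode": "AutomaticByPlatform"}}}},
    {"name": "app-02", "osProfile": {"windowsConfiguration": {
        "patchSettings": {"patchMode": "Manual"}}}},
    {"name": "db-03", "osProfile": {"linuxConfiguration": {
        "patchSettings": {"patchMode": "AutomaticByPlatform"}}}},
    {"name": "legacy-04", "osProfile": {"windowsConfiguration": {}}},
    {"name": "restored-05", "osProfile": None},  # no OS profile on the record
])

def patch_mode(vm):
    """Return (os_family, patchMode or None) for one VM record."""
    os_profile = vm.get("osProfile") or {}
    for family, key in (("Windows", "windowsConfiguration"),
                        ("Linux", "linuxConfiguration")):
        cfg = os_profile.get(key)
        if cfg is not None:
            settings = cfg.get("patchSettings") or {}
            return family, settings.get("patchMode")
    return "Unknown", None

def audit(az_vm_list_json, expected_mode):
    """Group VMs by whether patchMode matches the mode the team decided on."""
    report = {"match": [], "mismatch": [], "unset": []}
    for vm in json.loads(az_vm_list_json):
        family, mode = patch_mode(vm)
        entry = (vm["name"], family, mode)
        if mode is None:
            report["unset"].append(entry)      # nothing recorded on the resource
        elif mode == expected_mode:
            report["match"].append(entry)
        else:
            report["mismatch"].append(entry)   # another owner controls patching
    return report

if __name__ == "__main__":
    result = audit(SAMPLE_AZ_VM_LIST, "AutomaticByPlatform")
    for bucket, entries in result.items():
        for name, family, mode in entries:
            print(f"{bucket:9} {name:12} {family:8} {mode}")
```

Against a real subscription, pass the output of `az vm list -o json` to `audit()` in place of the constructed sample.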
