Hello Akash Gupta
Welcome to Microsoft Q&A Platform, thanks for posting your query here.
Just checking in to see if you got a chance to see previous response from Salah. Adding more details to what Salah has already shared.
When the Patch orchestration mode is set to AutomaticByPlatform (Azure-orchestrated patching), the VM local group policy will be overridden. This is because the Azure platform takes over the responsibility of patching the VM and orchestrates the patch installation process.
Regarding the ideal Patch orchestration mode, it depends on your patching requirements. If you are using Azure Update Management or third-party tools for patching purposes, you can use the AutomaticByPlatform mode. This mode enables automatic VM guest patching for the virtual machine and subsequent patch installation is orchestrated by Azure. This mode is required for availability-first patching.
However, if you prefer to manage patching manually, you can use the Manual mode. In this mode, you control the application of patches to a machine by applying patches manually inside the machine.
Hope this helps.