What happens at VM level when automatic VM guest patching for Azure VMs is enabled?

Akash Gupta 0 Reputation points
2023-09-04T15:30:37.4333333+00:00

Need to understand if the VM local group policy will be overridden when when the Patch orchestration modes is set to AutomaticByPlatform (Azure-orchestrated patching).

Also, what is the ideally Patch orchestration mode that should be selected if we are using Azure Update Management or third party tools for patching purpose.

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,812 questions
Azure Update Manager
Azure Update Manager
An Azure service to centrally manages updates and compliance at scale.
298 questions
{count} votes

1 answer

Sort by: Most helpful
  1. vipullag-MSFT 26,301 Reputation points
    2023-09-13T06:20:20.4466667+00:00

    Hello Akash Gupta

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    Just checking in to see if you got a chance to see previous response from Salah. Adding more details to what Salah has already shared.

    When the Patch orchestration mode is set to AutomaticByPlatform (Azure-orchestrated patching), the VM local group policy will be overridden. This is because the Azure platform takes over the responsibility of patching the VM and orchestrates the patch installation process.

    Regarding the ideal Patch orchestration mode, it depends on your patching requirements. If you are using Azure Update Management or third-party tools for patching purposes, you can use the AutomaticByPlatform mode. This mode enables automatic VM guest patching for the virtual machine and subsequent patch installation is orchestrated by Azure. This mode is required for availability-first patching.

    However, if you prefer to manage patching manually, you can use the Manual mode. In this mode, you control the application of patches to a machine by applying patches manually inside the machine.

    Hope this helps.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.