Hi, Automation Update Management (https://learn.microsoft.com/en-us/azure/automation/update-management/overview) only uses LA Agent and not AMA Agent. Alternatively you can use VM native update solution Azure Update Manager. https://learn.microsoft.com/en-us/azure/update-center/overview?tabs=azure-vms
Automating the installation of Azure Monitoring Agent on newly created Virtual Machines
My previous setup was using a Azure Policy, added the Log Analytics Agent to the newly Created Virtual Machine in the eastus region and attached it to the Log Analytics Workspace which will be reporting to the Update Management in the Automation Account, in the Update Management I have enable on all available and future machines which will be reporting to the attached workspace.
So when a VM was been created the policy was adding the agent and it was enabled with the update management.
Now as the Log Analytics Agent is about to retire, we would like to transition to the Azure Monitoring Agent, I have deployed the Policy Configure Windows virtual machines to run Azure Monitor Agent with user-assigned managed identity-based authentication.
The Policy is adding the AMA Agent but its not reporting it to the Log Analytics Workspace to enable the update Management,
We want an automation of adding the AMA Agent to the virtual machine and to be enabled with update management.
2 answers
Sort by: Most helpful
-
Nikhil Mengaram 25 Reputation points Microsoft Employee
2023-09-27T08:32:09.8733333+00:00 -
AnuragSingh-MSFT 21,381 Reputation points
2023-09-28T10:07:25.7333333+00:00 Abrar Adil S, thank you for posting this question.
In addition to the answer provided by Nikhil, please note that if you are using Azure Policy to deploy agent/extension to existing VMs, Azure Policy Remediation Task will need to be created after the policy assignment. This deploys the required resource (extension or agent) to respective VMs in Azure Policy Assignment scope if they already existed when the Policy was assigned.
For any new VM getting created in Policy assignment scope, the policy takes care of deployment on its own. However, policy remediation tasks will be required for existing VMs.
Hope this helps.
If the answer did not help, please add more context/follow-up question for it, and we will help you out. Else, if the answer helped, please click Accept answer so that it can help others in the community looking for help on similar topics.