Thank you for posting your query on Microsoft Q&A, from above description I could understand that you have been deploying rapid7 agent via Microsoft defender for cloud (BYOL) solution but can't have the auto updates enabled for the same.
Please do correct me if this is not the case by responding in the comments section:
As per Supported extensions automatic Extension Upgrade supports the following extensions (and more are added periodically):
Azure Automation Hybrid Worker extension - Linux and Windows
- Dependency Agent – Linux and Windows
- Application Health Extension – Linux and Windows
- Guest Attestation Extension - Linux and Windows
- Guest Configuration Extension – Linux and Windows
- Key Vault – Linux and Windows
- Azure Monitor Agent
- Log Analytics Agent for Linux
- Azure Diagnostics extension for Linux
Considering the documentation, it seems like a limitation with Azure VM which is beyond support for Microsoft Defender for cloud. For automatic upgrades of Insight agent extension , I would recommend to post the feedback on AzureVM feedback portal which is monitored by the service engineering team for AzureVM.
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.