PowerSHell command to place set of machines in the periodic assesment

Question

Is there any PowerSHell command to enable periodic assessment for the set of machines at a time? if yes please share

Answer 1

Hi ,

You can enable periodic assessment either via Azure Policy or Portal as of now. When enabled, the periodic assessment is done every 24hours.

Enable periodic assessment using Azure Policy: Go to Policy from the Azure portal and under Authoring, go to Definitions.

1. From the Category dropdown, select Azure Update Manager. Select Configure periodic checking for missing system updates on Azure virtual machines for Azure machines.
2. When the Policy Definition opens, select Assign.
3. In Basics, select your subscription as your scope. You can also specify a resource group within subscription as the scope and select Next.
4. In Parameters, uncheck Only show parameters that need input or review so that you can see the values of parameters.
5. In Assessment: select AutomaticByPlatform and select Operating system and then select Next. You need to create separate policies for Windows and Linux.
6. In Remediation, check Create a remediation task, so that periodic assessment is enabled on your machines and click Next.
7. In Non-compliance, provide the message that you would like to see in case of non-compliance. For example: Your machine doesn't have periodic assessment enabled. and then select Review+Create.
8. In Review+Create, select Create. This action triggers Assignment and Remediation Task creation, which can take a minute or so.

You can monitor the compliance of resources under Compliance and remediation status under Remediation from the Policy home page. Reference document for enabling periodic assessment from Azure Portal: https://learn.microsoft.com/en-us/azure/update-manager/manage-update-settings?tabs=manage-single-overview%2Cmanage-scale-overview#configure-settings-on-a-single-vm