Hello @Azuretech
Thanks for reaching out in the Microsoft Q&A!
To enable schedule patching on Azure VMs using PowerShell without providing a username and password, you can utilize Managed Identity authentication. To achieve this:
Define Managed Identity for the Script:
- Ensure that the Azure VM has been assigned a Managed Identity. This identity will be used for authentication without requiring username and password inputs.
- Use the Managed Identity of the Azure VM to authenticate PowerShell to Azure. This way, you won't need to provide a username and password interactively.
```powershell
# Authenticate with the managed identity assigned to this VM (no username or password prompt)
Connect-AzAccount -Identity

# Define your Azure VM resource group and name
$ResourceGroupName = "<resourceGroup>"
$VMName = "<vmName>"

# Get the VM
$VirtualMachine = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName

# Set the patch mode to "AutomaticByPlatform"
Set-AzVMOperatingSystem -VM $VirtualMachine -Windows -PatchMode "AutomaticByPlatform"

# Get the current AutomaticByPlatformSettings
$AutomaticByPlatformSettings = $VirtualMachine.OSProfile.WindowsConfiguration.PatchSettings.AutomaticByPlatformSettings

# Check if AutomaticByPlatformSettings is null
if ($null -eq $AutomaticByPlatformSettings) {
    # If null, create new settings
    $AutomaticByPlatformSettings = New-Object -TypeName Microsoft.Azure.Management.Compute.Models.WindowsVMGuestPatchAutomaticByPlatformSettings
}

# Enable bypassing platform safety checks on user schedule
$AutomaticByPlatformSettings.BypassPlatformSafetyChecksOnUserSchedule = $true

# Set the updated AutomaticByPlatformSettings
$VirtualMachine.OSProfile.WindowsConfiguration.PatchSettings.AutomaticByPlatformSettings = $AutomaticByPlatformSettings

# Update the VM
Update-AzVM -VM $VirtualMachine -ResourceGroupName $ResourceGroupName
```
This approach allows you to enable schedule patching on multiple VMs remotely without the need for username and password inputs.
If you found this solution helpful, consider accepting it.
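
The same change applied to several VMs under one managed-identity login, as an added example that is not part of the original answer: it skips VMs that are already configured and supports `-WhatIf` as a dry run. The function name `Enable-SchedulePatching` and the VM names are hypothetical; it assumes the managed identity holds a role that can update the VMs, and it sets `PatchMode` directly on the VM object instead of calling `Set-AzVMOperatingSystem`.

```powershell
#Requires -Modules Az.Accounts, Az.Compute
# Added example. Enable-SchedulePatching, '<resourceGroup>' and the VM names are placeholders.
function Enable-SchedulePatching {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]   $ResourceGroupName,
        [Parameter(Mandatory)] [string[]] $VMName
    )
    $ns = 'Microsoft.Azure.Management.Compute.Models'
    foreach ($name in $VMName) {
        $vm  = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $name -ErrorAction Stop
        $win = $vm.OSProfile.WindowsConfiguration
        if ($null -eq $win) {
            # Not a Windows VM: these settings live under WindowsConfiguration only
            [pscustomobject]@{ VM = $name; Result = 'Skipped (not Windows)' }
            continue
        }
        # PatchSettings can be absent on VMs that never had a patch mode set
        if ($null -eq $win.PatchSettings) {
            $win.PatchSettings = New-Object -TypeName "$ns.PatchSettings"
        }
        $patch = $win.PatchSettings
        $abp   = $patch.AutomaticByPlatformSettings
        # Idempotence check: do not issue a write when nothing would change
        if ($patch.PatchMode -eq 'AutomaticByPlatform' -and $null -ne $abp -and
            $abp.BypassPlatformSafetyChecksOnUserSchedule) {
            [pscustomobject]@{ VM = $name; Result = 'Already configured' }
            continue
        }
        if ($null -eq $abp) {
            $abp = New-Object -TypeName "$ns.WindowsVMGuestPatchAutomaticByPlatformSettings"
        }
        $abp.BypassPlatformSafetyChecksOnUserSchedule = $true
        $patch.PatchMode = 'AutomaticByPlatform'
        $patch.AutomaticByPlatformSettings = $abp
        if ($PSCmdlet.ShouldProcess($name, 'Enable schedule patching')) {
            try {
                Update-AzVM -VM $vm -ResourceGroupName $ResourceGroupName -ErrorAction Stop | Out-Null
                [pscustomobject]@{ VM = $name; Result = 'Updated' }
            } catch {
                # Keep going so one failure (for example a missing role) does not stop the batch
                [pscustomobject]@{ VM = $name; Result = "Failed: $($_.Exception.Message)" }
            }
        }
    }
}

# Sign in once with the managed identity, then do a dry run before the real change
Connect-AzAccount -Identity -ErrorAction Stop | Out-Null
Enable-SchedulePatching -ResourceGroupName '<resourceGroup>' -VMName '<vmName1>', '<vmName2>' -WhatIf
```

Remove `-WhatIf` to apply the change; the per-VM result objects can be piped to `Export-Csv` to keep a record of what was modified.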