Hello Joao
Step 1: Create an Automation Account
- Log in to Azure Portal.
- Search for "Automation Accounts" and click on it.
- Create a new Automation Account by clicking on the "Create" button.
- Fill out the required information, select the resource group, and then click "Create".
Step 2: Enable the Update Management Feature
- After your Automation Account is created, go to the account's page.
- In the left-hand menu, look for “Updates management” and click on it.
- Click “Enable” to activate this feature, which allows you to manage updates for your VMs.
Step 3: Configure the Update Deployment
- Go to the "Update Management" section of your Automation Account.
- Click "Add update deployment".
- Choose the "Schedule" for when you want to install the updates (you can run it immediately for urgent updates).
- Specify the target VMs: Choose the VMs you want to target for the update.
- In the "Update classification" section, ensure that you select Security Updates.
- Specify the Windows update (e.g., KB5040434) in the "Include" section where you can specify individual updates.
- Optionally check the "Automatically reboot after this deployment" option to ensure VMs are restarted post-update.
- Click "Create" to save your update deployment.
Step 4: Monitoring the Update Deployment
- After the deployment runs, you can monitor the status in the Update Management section to ensure updates were successfully applied, and you can check to see the results and any failures.
Using PowerShell Script (Optional)
If you prefer using Azure Cloud Shell or a script to automate this process, you can leverage PowerShell. Here’s how:
Build a PowerShell Script
Create a PowerShell script that does the following:
- Connects to your Azure VMs.
- Runs the command to install the KB update.
- Restarts the VMs as needed.
```powershell
# Define the list of VM names
$vmNames = @("VM1", "VM2", "VM3") # Replace with your VM names

foreach ($vmName in $vmNames) {
    # Get the VM
    $vm = Get-AzVM -Name $vmName -ResourceGroupName "YourResourceGroupName"

    # Install the update by running the script inside the VM with Run Command.
    # -ScriptPath is read on the machine where this cmdlet runs, not on the VM.
    Invoke-AzVMRunCommand -ResourceGroupName $vm.ResourceGroupName -VMName $vm.Name `
        -CommandId 'RunPowerShellScript' `
        -ScriptPath 'C:\Path\To\Your\Script.ps1' # Specify the path of your PowerShell script that installs the update
}
```
Script to Install the Update
In your script (Script.ps1), use something like this:
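```powershell
# Install the specific update
$updateName = "KB5040434"
$kbNumber = $updateName -replace '^KB', ''

# Search for updates that are not installed. The search criteria cannot filter
# on a KB number (UpdateID is a GUID), so match on KBArticleIDs afterwards.
$updateSession = New-Object -ComObject Microsoft.Update.Session
$updateSearcher = $updateSession.CreateUpdateSearcher()
$searchResult = $updateSearcher.Search("IsInstalled=0")

$updatesToInstall = New-Object -ComObject Microsoft.Update.UpdateColl
foreach ($update in $searchResult.Updates) {
    if ($update.KBArticleIDs -contains $kbNumber) {
        $updatesToInstall.Add($update) | Out-Null
    }
}

if ($updatesToInstall.Count -gt 0) {
    # Download the updates before installing them
    $downloader = $updateSession.CreateUpdateDownloader()
    $downloader.Updates = $updatesToInstall
    $downloader.Download() | Out-Null

    # Install the updates
    $installer = $updateSession.CreateUpdateInstaller()
    $installer.Updates = $updatesToInstall
    $installationResult = $installer.Install()

    # Restart the machine if needed (ResultCode 2 only means "succeeded";
    # RebootRequired is the flag that signals a pending reboot)
    if ($installationResult.RebootRequired) {
        Restart-Computer -Force
    }
}
```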
Step 3: Execute the PowerShell Script
You can run this script in Azure Cloud Shell or in your local PowerShell environment that has the necessary Azure modules installed.
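A post-deployment check for the monitoring step, added here as an example and not part of the original answer: it asks each VM through Run Command whether the KB is installed and whether a reboot is still pending. The VM names and resource group are placeholders, and it assumes an Az.Compute version whose `Invoke-AzVMRunCommand` accepts `-ScriptString` and an existing `Connect-AzAccount` session.

```powershell
# Added example (not from the original answer). Placeholders: resource group, VM names.
$resourceGroup = "YourResourceGroupName"
$vmNames       = @("VM1", "VM2", "VM3")
$kb            = "KB5040434"

# Script that Run Command executes inside each Windows VM.
# __KB__ is substituted below so the here-string can stay literal.
$template = @'
$hotfix = Get-HotFix -Id '__KB__' -ErrorAction SilentlyContinue
$rebootKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
)
$pending = [bool]($rebootKeys | Where-Object { Test-Path $_ })
"INSTALLED=$([bool]$hotfix);REBOOT_PENDING=$pending"
'@
$check = $template.Replace('__KB__', $kb)

$report = foreach ($vmName in $vmNames) {
    try {
        $run = Invoke-AzVMRunCommand -ResourceGroupName $resourceGroup -VMName $vmName `
            -CommandId 'RunPowerShellScript' -ScriptString $check -ErrorAction Stop
        # Value[0] carries the script's standard output
        $stdout = $run.Value[0].Message
        [pscustomobject]@{
            VM            = $vmName
            Installed     = $stdout -match 'INSTALLED=True'
            RebootPending = $stdout -match 'REBOOT_PENDING=True'
            Error         = $null
        }
    } catch {
        # A stopped VM or a missing VM agent ends up here; record it instead of skipping it
        [pscustomobject]@{
            VM            = $vmName
            Installed     = $false
            RebootPending = $null
            Error         = $_.Exception.Message
        }
    }
}

$report | Format-Table -AutoSize

# List every VM that still needs attention
$report | Where-Object { -not $_.Installed -or $_.RebootPending } |
    ForEach-Object { Write-Warning "$($_.VM): $kb not confirmed or reboot pending. $($_.Error)" }
```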