Enable Automanage for virtual machines through Azure Policy
If you want to enable Automanage for lots of VMs, you can do that using a built-in Azure Policy. This article will walk you through finding the right policy and how to assign it in order to enable Automanage in the Azure portal.
If you don't have an Azure subscription, create an account before you begin.
Free trial accounts do not have access to the virtual machines used in this tutorial. Please upgrade to a Pay-As-You-Go subscription.
The following Azure RBAC permission is needed to enable Automanage: Owner role or Contributor along with User Access Administrator roles.
Direct link to Policy
There are two Automanage built-in policies:
- Built-in Automanage profiles (dev/test and production): The Automanage policy definition can be found in the Azure portal by the name of Configure virtual machines to be onboarded to Azure Automanage.
- Custom configuration profiles: The Automanage policy definition can be found in the Azure portal by the name of Configure virtual machines to be onboarded to Azure Automanage with Custom Configuration Profile.
If you click on this link, skip directly to step 8 in Locate and assign the policy below.
Sign in to Azure
Sign in to the Azure portal.
Locate and assign the policy
Navigate to Policy in the Azure portal
Go to the Definitions pane
Click the Categories dropdown to see the available options
Select the Automanage option
Now the list will update to show a built-in policy with a name that starts with Configure virtual machines to be onboarded to Azure Automanage
Click on the Configure virtual machines to be onboarded to Azure Automanage built-in policy name. Choose the Configure virtual machines to be onboarded to Azure Automanage with Custom Configuration Profile policy if you would like to use an Automanage custom profile.
After clicking on the policy, you can now see the Definition tab
The Azure Policy definition is used to set Automanage parameters like the configuration profile. It also sets filters that ensure the policy applies only to the correct VMs.
Click the Assign button to create an Assignment
Under the Basics tab, fill out Scope by setting the Subscription and Resource Group
The Scope lets you define which VMs this policy applies to. You can set application at the subscription level or resource group level. If you set a resource group, all VMs that are currently in that resource group or any future VMs we add to it will have Automanage automatically enabled.
Click on the Parameters tab and set the Configuration Profile and the desired Effect
If you would like the policy to only apply to resources with a certain tag (key/value pair) you can add this into the "Inclusion Tag Name" and "Inclusion Tag Values". You need to uncheck the "Only show parameters that need input or review" to see this option.
Under the Review + create tab, review the settings
Apply the Assignment by clicking Create
View your assignments in the Assignments tab next to Definition
It will take some time for that policy to begin taking effect on the VMs currently in the resource group or subscription.
Learn another way to enable Azure Automanage for virtual machines through the Azure portal.