Azure Automanage machine configuration agent release notes

Note

Azure Policy Guest Configuration is now called Azure Automanage Machine Configuration. Learn more about the recent renaming of Microsoft configuration management services.

About the guest configuration agent

The guest configuration agent receives improvements on an ongoing basis. To stay up to date with the most recent developments, this article provides you with information about:

• The latest releases
• Known issues
• Bug fixes

For information on release notes for the connected machine agent, please see What's new with the connected machine agent.

Release notes

Version 1.29.48 - January 2023

New Features

• In this release we have added support for Linux distributions such as Red Hat Enterprise Linux (RHEL) 9, Mariner 1&2, Alma 9, and Rocky 9.

Fixed

• Reliability improvements were made to the guest configuration policy engine

Guest Configuration Linux Extension version 1.26.38

In this release, various improvements were made.

• You can now restrict which URLs can be used to download machine configuration packages by setting the allowedGuestConfigPkgUrls tag on the server resource and providing a comma-separated list of URL patterns to allow. If the tag exists, the agent will only allow custom packages to be downloaded from the specified URLs. Built-in packages are unaffected by this feature.

Fixed

• Resolves local elevation of privilege vulnerability CVE-2022-38007.
• If you're currently running an older version of the AzurePolicyforLinux extension, use the PowerShell or Azure CLI commands below to update your extension to the latest version.

Set-AzVMExtension -Publisher 'Microsoft.GuestConfiguration' -Type 'ConfigurationforLinux' -Name 'AzurePolicyforLinux' -TypeHandlerVersion 1.26.38 -ResourceGroupName 'myResourceGroup' -Location 'myLocation' -VMName 'myVM' -EnableAutomaticUpgrade $true

az vm extension set  --publisher Microsoft.GuestConfiguration --name ConfigurationforLinux --extension-instance-name AzurePolicyforLinux --resource-group myResourceGroup --vm-name myVM --version 1.26.38 --enable-auto-upgrade true

Next steps

• Set up a custom machine configuration package development environment.
• Create a package artifact for machine configuration.
• Test the package artifact from your development environment.
• Use the GuestConfiguration module to create an Azure Policy definition for at-scale management of your environment.
• Assign your custom policy definition using Azure portal.
• Learn how to view compliance details for machine configuration policy assignments.