Microsoft released a completely new designed Update solution for Azure which supports VMs running in Hybrid- and Cloud-only environments with the name Azure Update Manager (formerly known as Update Management Center). This new solution is completely new and not based on the Azure Automation solution. The Azure Automation solution is based on the Microsoft Monitoring Agent (MMA – Log Analytics Agent) which will be retired on 31 august 2024.
The new solution cut off a lot of dependencies and fully compatible with Azure Arc. The reason that the solution, which has been in preview for a long time, is now announced as GA is that this solution supports the extended security updates for Windows Server 2012, which recently went out of extended support.
Please note: Azure Update Center is based on Azure Automation and needs the Microsoft Monitoring Agent. The MMA has been discontinued and will no longer be supported after August 2024. Support for Update Center has therefore also been discontinued.
The new Azure Update Manager in preview named as Update Management Center, was needed, because of an consistent Update Management over all VMs including VMs, that are integrated via Azure Arc.
The new solution offers significante improvements:
- Zero on-boarding with Azure Policy support
- No dependencies on Log Analytics or Azure Automation
- Built as native functionallity on Azure Compute and Azure Arc for Servers
- Support Azure RBAC and roles based of ARM in Azure
- No manual intervention is needed as long as Azure-VM- or Arc-agent is running
- Gathered information available for analysis via Azure Resource Graph
- Support for automatic VM guest patching and hotpatching
- Manage Extended Security Updates (ESU) for out of supoort WS2012
In this article I will give you a overview about the solution and how you can configure this solution for your VMs. Since I’ve been using it in a large Azure environment since the Public Preview release, I’ll point out some recommendations and pitfalls.