We have blocked outgoing traffic from our VMs using NSGs. This also prevents us from updating our VMs with cumulative updates and important patches. Is there any way I can allow windows updates still by whitelisting or adding a service tag to the NSG?
I've tried the list of IP address mentioned in Microsoft Azure Datacenter IP list (West Europe). That still blocks the updates. Any help would be really appreciated. I think this is a basic requirement for every datacenter to block outgoing traffic to internet from the VMs