Enable Update Management from an Automation account

This article describes how you can use your Automation account to enable the Update Management feature for VMs in your environment. To enable Azure VMs at scale, you must enable an existing VM using Update Management.

Note

When enabling Update Management, only certain regions are supported for linking a Log Analytics workspace and an Automation account. For a list of the supported mapping pairs, see Region mapping for Automation account and Log Analytics workspace.

Prerequisites

Sign in to Azure

Sign in to the Azure portal.

Enable Update Management

  1. In your Automation account, select Update management under Update management.

  2. Choose the Log Analytics workspace and Automation account and select Enable to enable Update Management. The setup takes up to 15 minutes to complete.

    Enable Update Management

Enable Azure VMs

  1. From your Automation account select Update management under Update management.

  2. Select + Add Azure VMs and select one or more VMs from the list. Virtual machines that can't be enabled are grayed out and unable to be selected. Azure VMs can exist in any region no matter the location of your Automation account.

  3. Select Enable to add the selected VMs to the computer group saved search for the feature.

    Enable Azure VMs

Enable non-Azure VMs

Machines not in Azure need to be added manually.

  1. From your Automation account, select Update management under Update management.

  2. Select Add non-Azure machine. This action opens a new browser window with instructions to install and configure the Log Analytics agent for Windows so that the machine can begin reporting to Update Management. If you're enabling a machine that's currently managed by Operations Manager, a new agent isn't required. The workspace information is added to the agents configuration.

Enable machines in the workspace

Manually installed machines or machines already reporting to your workspace must to be added to Azure Automation for Update Management to be enabled.

  1. From your Automation account, select Update management under Update management.

  2. Select Manage machines. The Manage machines button might be grayed out if you previously chose the option Enable on all available and future machines

    Saved searches

  3. To enable Update Management for all available machines, select Enable on all available machines on the Manage Machines page. This action disables the control to add machines individually. This task adds all the names of the machines reporting to the workspace to the computer group saved search query. When selected, this action disables the Manage Machines button.

  4. To enable the feature for all available machines and future machines, select Enable on all available and future machines. This option deletes the saved searches and scope configurations from the workspace and opens the feature for all Azure and non-Azure machines that are reporting to the workspace. When selected, this action disables the Manage Machines button permanently, as there's no scope configuration left.

  5. If necessary, you can add the scope configurations back by re-adding the initial saved searches. For more information, see Limit Update Management deployment scope.

  6. To enable the feature for one or more machines, select Enable on selected machines and select Add next to each machine. This task adds the selected machine names to the computer group saved search query for the feature.

Next steps