Update Management

Please take a few minutes to submit your idea or vote up an existing idea. All of the feedback you share in these forums will be monitored and reviewed by the Update Management engineering team.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Update Management: enable creating schedules for offline VMs

    We have machines that are periodically offline, but still should be patched. Currently, Update Management does not allow us to target VMs that have been offline for more than 12h. This blocks at least 10% of our population from being scheduled.

    From an operations perspective, this does not make a lot of sense. Why not enable targeting all VMs that are registered as a HWG? You could do the 12h check with an optional override like "yes I know it has not reported for 12h or more, but I want to schedule it anyway". Of course, we would need this…

    16 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently re-evaluating a number of our timeouts. We’ll likely bump this up to 96 hours; this is enough time to account for long weekends while at the same time not keeping old potentially de-allocated machines visible in the experience.

  2. Ability to run scripts throughout patching

    We can run pre/post scripts, but that is not useful when patching a web farm, cluster, or complex application that needs careful handling. It would be great to have the ability to run scripts throughout patching; pre patching a node, pre/post reboot, post patching a node... this way I can start/restart services, validate functionality after patching a node, or even manage cluster nodes myself throughout a patch cycle.

    With pre/post scripts I cannot suspend/resume cluster nodes as I patch through them in a group, nor can I ensure my services are stopped/started as required by my app owners. There is…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  3. Update Pipeline

    It would be really helpful if you could describe a pipleine in Update Management, and get the updates to flow through that pipeline.

    e.g. You have a Dev, Test and Production Environment.
    You want to keep machines up to date, but do not want to affect Production users with faulty pathes.

    If you could describe an update pipleine, saying, deploy any updates to Dev, then to test then to prod, this would ensure updates can be developed and tested against before they reach production.

    When patch tuesday arrives, these patches would be available for your 1st environment in the pipleine,…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  4. Remove Non-Azure Machine

    How do I delete Non-Azure machines from UI?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    triaged  ·  1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  5. Automatically start and stop virtual machines in conjunction with the Update Deployment Maintenance Window

    Many of our customers use automation to stop VM's overnight and start them again the following morning. Obviously, Update Management cannot work against VM's which are stopped meaning we must manually suspend the start/stop automation when an Update Management deployment is scheduled.

    Having the ability for Update Management to automatically start VM's at the beginning of the maintenance window and stop them again at the end would be brilliant.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Remove restrictions of maintenance window for update deployment job

    Currently, the maintenace window can't be less than 30 minutes and no more that 6 hours. Some customers would like to set the window more longer since they wonder that some update programs coundn't be deployed during the windw. It would be nice if you could remove this restriction.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  7. Add a Set-AzAutomationSoftwareUpdateConfiguration cmdlet to modify an existing Update Management configuration

    'New-' and 'Remove-' cmdlets already exist, however, currently there isn't a cmdlet to 'Set-' to modify existing configurations.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Update Management Solution: Installation of updates without providing time zones

    It seems to me that it will be very helpful to add the possibility to configure the installation of updates by local time on the client. ie: We have servers (on premise) that are in many time zones and I want them to be in one group and that all installs updates at the same time. This requires creating multiple groups and setting different time zones. It would be ideal to set the time, eg 3.00 am - without time zone configuration - the zone would be read from the client.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  9. servers with pending reboot should not show as compliant

    Don't turn a recently patched server to compliant before the server has been rebooted (after patching). the existing implementation turns a recently patched server to compliant before it's restarted and can lead a person to forget to restart the server and leaving the patches not yet applied.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support boolean parameters in pre/post scripts

    A runbook with boolean parameters cannot be set as a pre or post script in a scheduled update deployment. The UI when configuring the script has a dropdown to specify the value, but it is passed as a string ("True", "False", or ""). Ideally, it should be possible to pass these values, but failing that the UI should not present a dropdown that implies it should work.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. Patch order with dependencies

    Create patch groups that can run either parallel or dependent on other patch groups. Ensuring certain servers do no patch at the same time or are being patched in a specified order rather than parallel.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  12. Patching Report issue.

    Ability to get patching reports. Filter servers by TAG and export patching report to csv, pdf, etc.. In other word, fast way to get patching report for Organization management.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  13. Create service tag for update mangement

    Seemingly the AzureMonitor service tag contains everything needed to be able to run update management without needing to enable outbound access to the entire Internet, with the exception of eus2-jobruntimedata-prod-su1.azure-automation.net. Our security team doesn't like outbound any rules - a service tag to cover updating would be nice

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. View suppressed updates in portal log

    As an engineer
    I want to see which updates were not installed because they were ignored by an exclusion rule in the portal output
    So that I know why an update has not been applied

    When a list of exclusions is in place and an update has been released that will be excluded, the yum update process output does not display the updates that will not be installed. Instead it displays output like the following:

    Getting available updates...

    Discovering 'security' packages...
    Discovered 5 'security' package entries.

    List of packages to be updated:
    []

    I would expect that it would list…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  15. Menu/Option to offboard VM's

    Removing a VM from Update Mgmt requires going to the attached Log Analytics workspace and manually removing the VMUUID from the "MicrosoftDefaultComputerGroup" saved search.
    A cleaner way to achieve this would be ideal for customers with large IaaS environments.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. Use Availability Set Update Domain for auto grouping

    If deploying updates to VMs that are part of an Availability Set, it would be great to be able to create one schedule for all VMs in the set, then have Update Management use the AV set Update Domain to apply updates to VMs in groups based on the Update Domain.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  17. Update Management - Inject Patch Inclusions or Exclusions automatically during pre-script

    In Azure Update Management, we are able to cancel a scheduled Update Deployment with a pre-script (in our case, I'd like to do that if the patches have not yet been verified to impact the software prodcut running on the machine). I would also love to be able to 'inject', in the pre-script, one or more KB ID's that must be in- or excluded from the Update Deployment.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. How do I stop "in progress" Update Deployment?

    It's in progress for about 4 days now. The maintenance window was 30 minutes. Can see this is an ongoing issue too. Will it ever be fixed?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    triaged  ·  0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  19. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    thanks for bringing this to our attention. Checking internally to see if this is currently on the roadmap. In the meantime, your feedback is now open to the community to upvote which helps us prioritize this request against our existing feature backlog.

    Cheers.

  20. Why can I not run Feature Updates on Windows 10 VMs?

    The deployment schedules do not install the Feature Updates to W10, The update gets skipped, why is this? Do I have to install it manually on each and every VM?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    triaged  ·  0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base