Update Management

Please take a few minutes to submit your idea or vote up an existing idea. All of the feedback you share in these forums will be monitored and reviewed by the Update Management engineering team.

Tell us your idea, suggestion, or issue with Update Management!

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Update Management: enable creating schedules for offline VMs

    We have machines that are periodically offline, but still should be patched. Currently, Update Management does not allow us to target VMs that have been offline for more than 12h. This blocks at least 10% of our population from being scheduled.

    From an operations perspective, this does not make a lot of sense. Why not enable targeting all VMs that are registered as a HWG? You could do the 12h check with an optional override like "yes I know it has not reported for 12h or more, but I want to schedule it anyway". Of course, we would need this…

    14 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    We’re currently re-evaluating a number of our timeouts. We’ll likely bump this up to 96 hours; this is enough time to account for long weekends while at the same time not keeping old potentially de-allocated machines visible in the experience.

  2. Support boolean parameters in pre/post scripts

    A runbook with boolean parameters cannot be set as a pre or post script in a scheduled update deployment. The UI when configuring the script has a dropdown to specify the value, but it is passed as a string ("True", "False", or ""). Ideally, it should be possible to pass these values, but failing that the UI should not present a dropdown that implies it should work.

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automatically start and stop virtual machines in conjunction with the Update Deployment Maintenance Window

    Many of our customers use automation to stop VM's overnight and start them again the following morning. Obviously, Update Management cannot work against VM's which are stopped meaning we must manually suspend the start/stop automation when an Update Management deployment is scheduled.

    Having the ability for Update Management to automatically start VM's at the beginning of the maintenance window and stop them again at the end would be brilliant.

    7 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Update Management Solution: Installation of updates without providing time zones

    It seems to me that it will be very helpful to add the possibility to configure the installation of updates by local time on the client. ie: We have servers (on premise) that are in many time zones and I want them to be in one group and that all installs updates at the same time. This requires creating multiple groups and setting different time zones. It would be ideal to set the time, eg 3.00 am - without time zone configuration - the zone would be read from the client.

    19 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add a Set-AzAutomationSoftwareUpdateConfiguration cmdlet to modify an existing Update Management configuration

    'New-' and 'Remove-' cmdlets already exist, however, currently there isn't a cmdlet to 'Set-' to modify existing configurations.

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  6. Add Set-AzSubscription cmdlet to Azure PowerShell AZ Module

    New Azure PowerShell module (AZ) has a cmdlet (Get-AzSubscription) to get list of all the Azure subscriptions. I did not find similar (Set-AzSubscription) cmdlet which I could have then used / piped along with Get-AzSubscription cmdlet to change active subscription. I have to rather use Set-AzContext cmdlet to do the same. Set-AzContext though does have its counterpart Get-AzContext to get current subscription information.

    Point is every 'get' cmdlet should be paired with a 'set' cmdlet to make it easy for user to understand its purpose.

    9 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Create service tag for update mangement

    Seemingly the AzureMonitor service tag contains everything needed to be able to run update management without needing to enable outbound access to the entire Internet, with the exception of eus2-jobruntimedata-prod-su1.azure-automation.net. Our security team doesn't like outbound any rules - a service tag to cover updating would be nice

    5 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. View suppressed updates in portal log

    As an engineer
    I want to see which updates were not installed because they were ignored by an exclusion rule in the portal output
    So that I know why an update has not been applied

    When a list of exclusions is in place and an update has been released that will be excluded, the yum update process output does not display the updates that will not be installed. Instead it displays output like the following:

    Getting available updates...

    Discovering 'security' packages...
    Discovered 5 'security' package entries.

    List of packages to be updated:
    []

    I would expect that it would list…

    15 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  9. retry option for failed server

    when a deployment fails because of one or few servers failed,, please provide an option to retry them later again. We can fix the underlying issue with the servers (like connectivity, server hang, access etc) first and then patch those individual servers to make the report success.

    4 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. servers with pending reboot should not show as compliant

    Don't turn a recently patched server to compliant before the server has been rebooted (after patching). the existing implementation turns a recently patched server to compliant before it's restarted and can lead a person to forget to restart the server and leaving the patches not yet applied.

    9 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Update Deployment is never ending

    Hello

    My update deployment is never ending.
    I setup an update deployment for non-Azure machines with kusto queries.
    Currently i just would like to stop the current update deployment. It is at the minute 1900 of 240 max. runtime.

    Thank you very much

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Show number/details of Successful updates deployed

    The current update management screen for the summary of a previous update deployment only shows Failed/Not Attempted/Not Selected against the list of updates that were installed during the window.

    For reporting purposes it would be useful to have another column 'Successful' which would show the amount of times the update was installed.

    3 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  13. Patch order with dependencies

    Create patch groups that can run either parallel or dependent on other patch groups. Ensuring certain servers do no patch at the same time or are being patched in a specified order rather than parallel.

    7 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Compliant/non-compliant servers tile on Dashboard

    We can pin a tile that links directly to an Automation Account's Update Management pane but it provides no useful data. It would be nice to have a server compliance dashboard tile much in the same fashion as the Intune one.

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Dynamic Update Deployments on premises

    The Dynamic Update Deployments feature which is in preview is only able to respect Azure systems. As hybrid is the new normal, this needs to be extended to a hybrid approach. It makes no sense to offer saved searches and dynamic groups which are not respecting changes in those groups. Today deployments will fail if any changes occours in the groups with the focus on on premises machines.

    2 votes
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Deployments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. Email compliance reports

    Have the option to automatically schedule compliance reports to be sent via email from Update Management. This would be good to be able to do on both a generic high-level account view, encompassing all VM's, as well as on completion of a Deployment Schedule. This would be similar to how you can schedule email compliance reports with both ConfigMgr and WSUS. Our customers love using Azure Update Management, however, the lack of email reporting is an issue for many of them.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  17. Options to "Pause/Hold" Update Management Schedules.

    We need an option to temporarily Hold\Pause the update management schedules.

    This will help us during promotional events or any emergency times to stop installing the updates.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →
  18. Optimizer to automatically generate deployments

    Provide a simple means to provide:
    1. Maintenance Window
    2. Dependency rules / chains (i.e. 48 hours after system in dynamic group named test, then perform deploy to group named production)
    3. Rolling updates for clustered applications
    4. Validation post-patching (could be as simple as the update agent has reported post-reboot initially) and then halt deployment of related-nodes (if it is defined as part of a cluster)

    Then allow for update manager to create deployments automatically by feeding this information into an optimizer.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. deployment schedules

    Please provide the start time in the deployment schedules view. I am seeing my old deployments. My requirement is just to restart some of them. When I am editing them I do not see the new start times and it is really confusing.

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Scheduling  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  20. Azure Update Management - ability to filter machines based on machine status/health eg disk space available

    This functionality is in SCCM to allow you to ignore machines that have less than 2GB free on the C: drive for a particular deployment and throw a warning.

    Current behaviour in Azure Update Management will attempt and blow out the disk space

    1 vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

← Previous 1 3 4 5 6
  • Don't see your idea?

Update Management

Feedback and Knowledge Base