In this final post of the Azure Update Management Series, we will take a look at how to check Update Compliance. In the last three posts, we looked at Introduction and overview of the Azure Update Management solution, how to add Azure VMs and how to schedule Update Deployments.
Well, Azure Update Management solution takes care of update compliance for you by providing the information about your VMs that are compliant or not.
As discussed in the first post, scans are performed every 12 hours by default for Windows VMs and every 3 hours for Linux machines and also within 15 minutes after the Microsoft Monitoring Agent service is restarted. Additionally, it also performs a scan 15 minutes before and after update installation.
To view compliance for a single VM:
- In the Azure Portal, click Virtual machines.
- Select a virtual machine from the list for which you would like to check update compliance.
- In the list of options for the VM, scroll down to Operations and click Update management.
- On the Update management pane, click Missing updates if it’s not already selected. Here you’ll see a list of missing updates.
- On the Update management pane, you can also see any update deployments that are currently in progress or those that are scheduled to run in the future.
To view compliance for all VMs enrolled with an automation account:
- In the Azure Portal, select Automation Accounts.
- In the list of automation accounts, click the account you chose to use when configuring Update Management.
- On the automation account pane, click Update Management.
- Now you can see a list of all the VMs enabled for Update Management and an overview of machines that need attention and of missing updates.
I hope this has been informative and thank you for reading!