Azure Update Management is an Azure Automation Account feature that enables you to orchestrate Windows Server and Linux updates. From Azure Update Management you can schedule update deployment and you can target machines or groups. However, without any configuration, you have to add manually machines to jobs or computer groups.

Computer groups can be populated automatically from a KQL request. Azure Update Management comes from an inventory engine that can get information from a registry (Windows Server) or from a file system. In this topic, I’ll show you how to get information from the registry and then populate computer groups.

From my Windows Server, I created a registry key that contains the day and the time of the update.

Created a registry key

Configure inventory to get registry key

Open your Azure Automation Account and navigate to Inventory. Click on Edit Settings.

Azure Automation Account and navigate to Inventory

Select Windows Registry and click on Add.

 Windows Registry

Specify an item name, a group, and copy past the Windows Registry key which contains the values containing the day and the time of update.

Specify an item name, a group

After 5 minutes, the registry keys are visible in the inventory. Now we can create a KQL request to make a computer group. To do that, click on Log Analytics.

Log Analytics

Create a computer group from KQL request

I have written a request to get computers where registry values are set to:

  • Day: Saturday
  • Time: 05:00

Run this request and look at the result. Be sure computers are shown. Now click on Save and select Save as function.

Save as function

Specify a group name (function name) and a legacy category. Don’t forget to enable Save as computer group.

Save as computer group

VSAN from StarWind is software-defined storage (SDS) solution created with restricted budgets and maximum output in mind. It pulls close to 100% of IOPS from existing hardware, ensures high uptime and fault tolerance starting with just two nodes. StarWind VSAN is hypervisor and hardware agnostic, allowing you to forget about hardware restrictions and crazy expensive physical shared storage.

Build your infrastructure with off-the-shelf hardware, scale however you like, increase return on investment (ROI) and enjoy Enterprise-grade virtualization features and benefits at SMB price today!

Create a schedule update deployment from group

Open your Azure Automation Account and navigate to Update management. Click on Schedule update deployment.

Schedule update deployment

Specify a name and click on Groups to update.

 Groups to update

Select Non-Azure VM and add the group you have previously created.

Select Non-Azure VM

You can click on Preview to check computers that are in the group.


Now, in Schedule, configure settings related to the registry values you set previously.

Schedule, configure settings

You can create several update deployment jobs to orchestrate the updates of your datacenter. But be sure that you don’t have more than 1,000 machines in a group because it is not supported. For a Linux server, instead of using a registry key, you can use a file inventory.

Views All Time
Views Today
Back to blog
The following two tabs change content below.
Romain Serre
Romain Serre
Senior consultant at Exakis
Romain Serre works in Lyon as a Senior Consultant. He is focused on Microsoft Technology, especially on Hyper-V, System Center, Storage, networking and Cloud OS technology as Microsoft Azure or Azure Stack. He is a MVP and he is certified Microsoft Certified Solution Expert (MCSE Server Infrastructure & Private Cloud), on Hyper-V and on Microsoft Azure (Implementing a Microsoft Azure Solution).