locked
Automatic updates on azure machines. RRS feed

  • Question

  • Hi All!

    I have a few questions regarding Automatic updates on azure virtual machines (Windows OS)

    The new portal doesn't allow to choose enable\disable Automatic updates. By default it's disabled.  I found how to set the value at the virtual machine creation, but what about already created machines. How can I disable Automatic updates for already existing machines? If it's not possible, what will happen if I disable it via group policies or by simple disabling the service? I'm not pretty sure how the azure extension works in conjunction with group policies.

    Could someone please share thoughts on this?

    Thank you!

    Wednesday, February 17, 2016 9:10 AM

All replies

  • Hi,

    You can use Network Security Group to "disable"automatic updates for all virtual machines.

    https://azure.microsoft.com/en-us/blog/network-security-groups/

    Rémi

    Tuesday, February 23, 2016 8:25 PM
  • are you serious?

    Edit: is that actually the recommended way?

    • Edited by AzDigital Thursday, June 23, 2016 2:38 AM
    Thursday, June 23, 2016 2:37 AM
  • I found a different approach to managing windows updates which you might find helpful.

    https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-ps-manage/

    if you are using an ARM template you can define the property:

    VirtualMachineProfile > OSProfile > WindowsConfiguration > Enableautomaticupdates: false

    I'm about to test this out myself I'll let you know how it goes.

    Thursday, June 23, 2016 2:46 AM