> azure-update-manager
Expert knowledge for Azure Update Manager development including troubleshooting, best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building, debugging, or optimizing Azure Update Manager applications. Not for Azure Automation (use azure-automation), Azure Monitor (use azure-monitor), Azure Policy (use azure-policy), Azure Resource Manager (use azure-resource-manager).
curl "https://skillshub.wtf/MicrosoftDocs/Agent-Skills/azure-update-manager?format=md"Azure Update Manager Skill
This skill provides expert guidance for Azure Update Manager. Covers troubleshooting, best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.
How to Use This Skill
IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,
L35-L120), useread_filewith the specified lines. For categories with file links (e.g.,[security.md](security.md)), useread_fileon the linked reference file
IMPORTANT for Agent: If
metadata.generated_atis more than 3 months old, suggest the user pull the latest version from the repository. Ifmcp_microsoftdocstools are not available, suggest the user install it: Installation Guide
This skill requires network access to fetch documentation content:
- Preferred: Use
mcp_microsoftdocs:microsoft_docs_fetchwith query stringfrom=learn-agent-skill. Returns Markdown. - Fallback: Use
fetch_webpagewith query stringfrom=learn-agent-skill&accept=text/markdown. Returns Markdown.
Category Index
| Category | Lines | Description |
|---|---|---|
| Troubleshooting | L36-L41 | Diagnosing and fixing Azure Update Manager and Automanage onboarding issues, including common error codes, connectivity problems, and remediation steps for failed update operations. |
| Best Practices | L42-L52 | Best practices for configuring Automanage and guest patching on Windows/Linux/Arc VMs, handling SQL Server and Ubuntu/Ubuntu Pro updates, and managing SMB over QUIC in Update Manager. |
| Decision Making | L53-L58 | Planning patch strategies across subscriptions and guidance for migrating patch management from Configuration Manager to Azure Update Manager |
| Limits & Quotas | L59-L68 | OS, region, image, and workload support limits for Update Manager, including supported update sources/types, change tracking matrix, and unsupported scenarios. |
| Security | L69-L74 | Configuring disk encryption for Automanaged VMs and setting up RBAC roles/permissions to securely manage and control access to Azure Update Manager. |
| Configuration | L75-L95 | Configuring Update Manager: update schedules, scopes, alerts, policies, ESU, hotpatching, change tracking, workspaces/DCRs, reports, Resource Graph, and cross-subscription patching. |
| Integrations & Coding Patterns | L96-L108 | Using SDKs (Go/Java/JS/Python) and REST APIs to assign Automanage profiles, manage VM/Arc server updates, and implement pre/post maintenance with Functions, webhooks, and runbooks |
| Deployment | L109-L121 | Deploying and managing Automanage/Update Manager at scale: onboarding VMs/Arc servers, upgrading/moving profiles and VMs across regions/tenants, and using Policy plus extension release/issue tracking. |
Troubleshooting
| Topic | URL |
|---|---|
| Troubleshoot Azure Automanage onboarding failures and errors | https://learn.microsoft.com/en-us/azure/automanage/common-errors |
| Troubleshoot errors and issues in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/troubleshoot |
Best Practices
| Topic | URL |
|---|---|
| Apply Automanage best practices to Azure Arc-enabled servers | https://learn.microsoft.com/en-us/azure/automanage/automanage-arc |
| Apply Automanage best practices to Linux VMs | https://learn.microsoft.com/en-us/azure/automanage/automanage-linux |
| Manage SMB over QUIC using Automanage best practices | https://learn.microsoft.com/en-us/azure/automanage/automanage-smb-over-quic |
| Apply Automanage best practices to Windows Server VMs | https://learn.microsoft.com/en-us/azure/automanage/automanage-windows-server |
| Apply patching best practices for SQL Server on Azure VMs | https://learn.microsoft.com/en-us/azure/update-manager/guidance-patching-sql-server-azure-vm |
| Handle Ubuntu security and Ubuntu Pro in Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/security-awareness-ubuntu-support |
| Configure automatic guest patching for Azure VMs | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix-automatic-guest-patching |
Decision Making
| Topic | URL |
|---|---|
| Plan cross-subscription patching with Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/cross-subscription-patching |
| Plan migration from Configuration Manager to Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/guidance-migration-azure |
Limits & Quotas
| Topic | URL |
|---|---|
| Understand Change Tracking support matrix and limitations | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/change-tracking-inventory-support-matrix |
| Manage customized images in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/manage-updates-customized-images |
| Understand supported update sources and types | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix |
| Review OS support matrix for Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix-updates |
| Check supported Azure regions for Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/supported-regions |
| Identify unsupported workloads in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/unsupported-workloads |
Security
| Topic | URL |
|---|---|
| Configure Azure disk encryption for Automanaged VMs | https://learn.microsoft.com/en-us/azure/automanage/overview-azure-disk-encryption |
| Assign RBAC roles for Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/roles-permissions |
Configuration
Integrations & Coding Patterns
Deployment
> related_skills --same-repo
> azure-well-architected
Expert guidance for designing, assessing, and optimizing Azure workloads using Azure Well Architected. Covers design review checklists, recommendations, design principles, tradeoffs, service guides, workload patterns, and assessment questions. Use when architecting new solutions, reviewing existing workloads, or applying Well-Architected principles.
> azure-web-pubsub
Expert knowledge for Azure Web PubSub development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building, debugging, or optimizing Azure Web PubSub applications. Not for Azure SignalR Service (use azure-signalr-service), Azure Event Hubs (use azure-event-hubs), Azure Service Bus (use azure-service-bus), Azure Relay (use azure-relay).
> azure-web-application-firewall
Expert knowledge for Azure Web Application Firewall development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building, debugging, or optimizing Azure Web Application Firewall applications. Not for Azure Application Gateway (use azure-application-gateway), Azure Front Door (use azure-front-door), Azure Firewall (use azure-firewall), Azure DDos Protectio
> azure-vpn-gateway
Expert knowledge for Azure VPN Gateway development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building, debugging, or optimizing Azure VPN Gateway applications. Not for Azure Virtual Network (use azure-virtual-network), Azure Virtual WAN (use azure-virtual-wan), Azure ExpressRoute (use azure-expressroute), Azure Application Gateway (use azure-applica