microsoftdocs/azure-update-manager
skills/azure-update-manager/SKILL.md
Expert knowledge for Azure Update Manager development including troubleshooting, best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when onboarding VMs/Arc servers, configuring schedules/ESU/hotpatch, using SDK/REST APIs, or planning cross-subscription patching, and other Azure Update Manager related development tasks. Not for Azure Automation (use azure-automation), Azure Policy (use azure-policy), Azure Monitor (use azure-monitor), Azure Resource Manager (use azure-resource-manager).
$ install --global
skillsauthnpx skillsauth add microsoftdocs/agent-skills azure-update-managerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 26, 2026, 7:08 AM44.2s1 file scanned
SKILL.md
- name:
- azure-update-manager
- description:
- Expert knowledge for Azure Update Manager development including troubleshooting, best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when onboarding VMs/Arc servers, configuring schedules/ESU/hotpatch, using SDK/REST APIs, or planning cross-subscription patching, and other Azure Update Manager related development tasks. Not for Azure Automation (use azure-automation), Azure Policy (use azure-policy), Azure Monitor (use azure-monitor), Azure Resource Manager (use azure-resource-manager).
- compatibility:
- Requires network access. Uses mcp_microsoftdocs:microsoft_docs_fetch or fetch_webpage to retrieve documentation.
- generated_at:
- 2026-05-24
- generator:
- docs2skills/1.0.0
Azure Update Manager Skill
This skill provides expert guidance for Azure Update Manager. Covers troubleshooting, best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.
How to Use This Skill
IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,
L35-L120), useread_filewith the specified lines. For categories with file links (e.g.,[security.md](security.md)), useread_fileon the linked reference file
IMPORTANT for Agent: If
metadata.generated_atis more than 3 months old, suggest the user pull the latest version from the repository. Ifmcp_microsoftdocstools are not available, suggest the user install it: Installation Guide
This skill requires network access to fetch documentation content:
- Preferred: Use
mcp_microsoftdocs:microsoft_docs_fetchwith query stringfrom=learn-agent-skill. Returns Markdown. - Fallback: Use
fetch_webpagewith query stringfrom=learn-agent-skill&accept=text/markdown. Returns Markdown.
Category Index
| Category | Lines | Description | |----------|-------|-------------| | Troubleshooting | L36-L41 | Diagnosing and fixing Azure Update Manager and Automanage onboarding issues, including common error codes, connectivity problems, and remediation steps for failed update operations. | | Best Practices | L42-L52 | Best practices for configuring Automanage and guest patching on Windows/Linux/Arc VMs, handling SQL Server and Ubuntu/Ubuntu Pro updates, and managing SMB over QUIC in Update Manager. | | Decision Making | L53-L58 | Planning patch strategies across subscriptions and guidance for migrating patch management from Configuration Manager to Azure Update Manager | | Limits & Quotas | L59-L67 | OS, region, image, and workload support limits for Update Manager, including supported update sources/types, change tracking matrix, and unsupported scenarios. | | Security | L68-L73 | Configuring disk encryption for Automanaged VMs and setting up RBAC roles/permissions to securely manage and control access to Azure Update Manager. | | Configuration | L74-L93 | Configuring Update Manager: update schedules, scopes, alerts, policies, ESU, hotpatching, change tracking, workspaces/DCRs, reports, Resource Graph, and cross-subscription patching. | | Integrations & Coding Patterns | L94-L106 | Using SDKs (Go/Java/JS/Python) and REST APIs to assign Automanage profiles, manage VM/Arc server updates, and implement pre/post maintenance with Functions, webhooks, and runbooks | | Deployment | L107-L120 | Deploying and managing Automanage/Update Manager at scale: onboarding VMs and Arc servers, moving/repairing configs across regions/tenants, policies, extension versions, and supported OS/features. |
Troubleshooting
| Topic | URL | |-------|-----| | Troubleshoot Azure Automanage onboarding failures and errors | https://learn.microsoft.com/en-us/azure/automanage/common-errors | | Troubleshoot errors and issues in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/troubleshoot |
Best Practices
| Topic | URL | |-------|-----| | Apply Automanage best practices to Azure Arc-enabled servers | https://learn.microsoft.com/en-us/azure/automanage/automanage-arc | | Apply Automanage best practices to Linux VMs | https://learn.microsoft.com/en-us/azure/automanage/automanage-linux | | Manage SMB over QUIC using Automanage best practices | https://learn.microsoft.com/en-us/azure/automanage/automanage-smb-over-quic | | Apply Automanage best practices to Windows Server VMs | https://learn.microsoft.com/en-us/azure/automanage/automanage-windows-server | | Apply patching best practices for SQL Server on Azure VMs | https://learn.microsoft.com/en-us/azure/update-manager/guidance-patching-sql-server-azure-vm | | Handle Ubuntu security and Ubuntu Pro in Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/security-awareness-ubuntu-support | | Configure automatic guest patching for Azure VMs | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix-automatic-guest-patching |
Decision Making
| Topic | URL | |-------|-----| | Plan cross-subscription patching with Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/cross-subscription-patching | | Plan migration from Configuration Manager to Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/guidance-migration-azure |
Limits & Quotas
| Topic | URL | |-------|-----| | Understand Change Tracking support matrix and limitations | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/change-tracking-inventory-support-matrix | | Manage customized images in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/manage-updates-customized-images | | Understand supported update sources and types | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix | | Check supported Azure regions for Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/supported-regions | | Identify unsupported workloads in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/unsupported-workloads |
Security
| Topic | URL | |-------|-----| | Configure Azure disk encryption for Automanaged VMs | https://learn.microsoft.com/en-us/azure/automanage/overview-azure-disk-encryption | | Assign RBAC roles for Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/roles-permissions |
Configuration
| Topic | URL | |-------|-----| | Create and configure custom Automanage profiles for VMs | https://learn.microsoft.com/en-us/azure/automanage/virtual-machines-custom-profile | | Create data collection rules for Azure Change Tracking | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/create-data-collection-rule | | Configure workspaces and data collection rules for Change Tracking | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/tutorial-change-workspace-configure-data-collection-rule | | Configure Windows Update client for Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/configure-wu-agent | | Set up cross-subscription patching in Azure | https://learn.microsoft.com/en-us/azure/update-manager/enable-cross-subscription-patching | | Enroll Windows Server ESU with Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/extended-security-updates | | Enable and configure alerts in Azure Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/manage-alerts | | Configure and manage dynamic scopes for patching | https://learn.microsoft.com/en-us/azure/update-manager/manage-dynamic-scoping | | Manage existing pre and post maintenance events | https://learn.microsoft.com/en-us/azure/update-manager/manage-pre-post-events | | Manage update configuration settings in Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/manage-update-settings | | Create custom Update Manager reports with workbooks | https://learn.microsoft.com/en-us/azure/update-manager/manage-workbooks | | Enable periodic assessment via Azure Policy | https://learn.microsoft.com/en-us/azure/update-manager/periodic-assessment-at-scale | | Create pre and post maintenance events in Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/pre-post-events-schedule-maintenance-configuration | | Access Update Manager data via Azure Resource Graph | https://learn.microsoft.com/en-us/azure/update-manager/query-logs | | Use sample Resource Graph queries for Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/sample-query-logs | | Configure recurring update schedules in Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/scheduled-patching |
Integrations & Coding Patterns
| Topic | URL | |-------|-----| | Use Go SDK to assign Automanage configuration profiles | https://learn.microsoft.com/en-us/azure/automanage/quick-go-sdk | | Use Java SDK to assign Automanage configuration profiles | https://learn.microsoft.com/en-us/azure/automanage/quick-java-sdk | | Use JavaScript SDK to assign Automanage configuration profiles | https://learn.microsoft.com/en-us/azure/automanage/quick-javascript-sdk | | Use Python SDK to assign Automanage configuration profiles | https://learn.microsoft.com/en-us/azure/automanage/quick-python-sdk | | Choose and use Automanage SDKs across languages | https://learn.microsoft.com/en-us/azure/automanage/reference-sdk | | Use REST API for Arc-enabled server updates | https://learn.microsoft.com/en-us/azure/update-manager/manage-arc-enabled-servers-programmatically | | Use Azure REST API to manage VM updates | https://learn.microsoft.com/en-us/azure/update-manager/manage-vms-programmatically | | Implement pre/post maintenance using Azure Functions | https://learn.microsoft.com/en-us/azure/update-manager/tutorial-using-functions | | Trigger pre/post maintenance via webhooks and runbooks | https://learn.microsoft.com/en-us/azure/update-manager/tutorial-webhooks-using-runbooks |
Deployment
| Topic | URL | |-------|-----| | Onboard VMs to Automanage with ARM templates | https://learn.microsoft.com/en-us/azure/automanage/arm-deploy | | Onboard Arc-enabled servers to Automanage with ARM templates | https://learn.microsoft.com/en-us/azure/automanage/arm-deploy-arc | | Upgrade existing Automanage machines to the latest version | https://learn.microsoft.com/en-us/azure/automanage/automanage-upgrade | | Move Automanage configuration profiles between Azure regions | https://learn.microsoft.com/en-us/azure/automanage/move-automanaged-configuration-profile | | Move Automanaged virtual machines across Azure regions | https://learn.microsoft.com/en-us/azure/automanage/move-automanaged-vms | | Repair Automanage accounts after subscription tenant moves | https://learn.microsoft.com/en-us/azure/automanage/repair-automanage-account | | Enable Automanage for VMs using Azure Policy | https://learn.microsoft.com/en-us/azure/automanage/virtual-machines-policy-enable | | Deploy Change Tracking at scale using Azure Policy | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/enable-change-tracking-at-scale-policy | | Review Change Tracking extension versions and known issues | https://learn.microsoft.com/en-us/azure/azure-change-tracking-inventory/extension-version-details | | Track Arc-enabled VM extension releases and issues for Update Manager | https://learn.microsoft.com/en-us/azure/update-manager/overview-arc-enabled-vm-extensions | | Azure Update Manager OS and feature support matrix | https://learn.microsoft.com/en-us/azure/update-manager/support-matrix-updates |
Related Skills
microsoftdocs/microsoft-foundry
tools
VerifiedTrustedCommunity
Expert knowledge for Microsoft Foundry (aka Azure AI Foundry) development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building Foundry agents with Azure OpenAI, model router patterns, MCP tools, private networking, or eval workflows, and other Microsoft Foundry related development tasks. Not for Microsoft Foundry Classic (use microsoft-foundry-classic), Microsoft Foundry Local (use microsoft-foundry-local), Microsoft Foundry Tools (use microsoft-foundry-tools).
568SKILL.mdUpdated Apr 17, 2026
microsoftdocs/microsoft-foundry-local
tools
VerifiedTrustedCommunity
Expert knowledge for Microsoft Foundry Local (aka Azure AI Foundry Local) development including troubleshooting, decision making, configuration, and integrations & coding patterns. Use when calling Foundry Local REST/chat APIs, tools, transcription, LangChain apps, Olive HF compilation, or CLI, and other Microsoft Foundry Local related development tasks. Not for Microsoft Foundry (use microsoft-foundry), Microsoft Foundry Classic (use microsoft-foundry-classic), Microsoft Foundry Tools (use microsoft-foundry-tools), Azure Local (use azure-local).
568SKILL.mdUpdated Apr 17, 2026
microsoftdocs/microsoft-foundry-classic
tools
VerifiedTrustedCommunity
Expert knowledge for Microsoft Foundry Classic (aka Azure AI Foundry classic) development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building Foundry agents, configuring model routing, securing VNets/Private Link, integrating tools/SDKs, or deploying hubs, and other Microsoft Foundry Classic related development tasks. Not for Microsoft Foundry (use microsoft-foundry), Microsoft Foundry Local (use microsoft-foundry-local), Microsoft Foundry Tools (use microsoft-foundry-tools).
568SKILL.mdUpdated Apr 17, 2026
microsoftdocs/azure-well-architected
development
VerifiedTrustedCommunity
Expert guidance for designing, assessing, and optimizing Azure workloads using Azure Well Architected. Covers design review checklists, recommendations, design principles, tradeoffs, service guides, workload patterns, and assessment questions. Use when designing AI, HPC, SaaS, AVD, or mission-critical workloads with WAF-aligned Azure patterns and guidance, and other Azure Well Architected related development tasks.
568SKILL.mdUpdated Apr 17, 2026