[LINUX] What is Azure Automation Update Management?

I would like to organize Azure Automation Update Management, one of Microsoft's cloud services Azure services.

What is Azure Automation Update Management?

Azure Automation Update Management seems to be a service that combines Azure Log Analytics and Azure Automation

  1. Monitor the status of the target server with Azure Log Analytics
  2. Manage update timing with Azure Automation I want to feel like

The point of interest here is

--Because it uses cloud services, communication outside the organizational network is required. --The update itself is with the help of WSUS and Windows Update --The Linux server is also within range


Things that could be a bottleneck

Of course, it can work with VMs on Azure, so if you focus on the on-premises story, Most of the servers themselves are supposed to not communicate outside the organization, but Azure Automation Update Management may be a bottleneck to have to do that. However, there are countermeasures available, so if it can be solved, it will be a convenient service.

Countermeasure ① Proxy server

In the first place, it's a common practice used by servers to communicate outside the organization, and if it can be used as is, it's better than this. On the other hand, for servers that do not normally communicate with the outside, such as internal file servers, by preparing a Log Analytics gateway, it is possible to communicate with Azure once via that.

Countermeasure (2) Closed network

As a means to improve the security of communication with Azure, there is a closed network connection method using Express Route. You can use it to communicate securely with Azure Automation Update Management. Communication methods using Express Route include Private Peering and Microsoft Peering, which can be used to prevent communication from going out to the Internet. These two functions will be summarized in a separate article. However, since Azure Automation Update Management is a service with a public IP address, Private Peering cannot be used unless it is combined with a service such as Private Link, and Azure Automation Private Link is a preview, so it is not in the practical stage. On the other hand, Microfoft Peering can be used as it is with public IP, so if you want to use it now, you will probably choose this one.


The above is Azure Automation Update Management from the perspective of a fledgling infrastructure engineer. I've written a lot of negative aspects, but being able to target on-premises and Linux servers is a considerable strength.

Recommended Posts

What is Azure Automation Update Management?
What is namespace
What is copy.copy ()
What is Django? .. ..
What is dotenv?
What is POSIX?
What is Linux
What is klass?
What is SALOME?
What is Linux?
What is python
What is hyperopt?
What is Linux
What is pyvenv
What is __call__
What is Linux
What is Python
What is a distribution?
What is Piotroski's F-Score?
What is Raspberry Pi?
[Python] What is Pipeline ...
What is Calmar Ratio?
What is a terminal?
[PyTorch Tutorial ①] What is PyTorch?
What is hyperparameter tuning?
What is a hacker?
What is JSON? .. [Note]
What is Linux for?
What is a pointer?
What is ensemble learning?
What is TCP / IP?
What is Python's __init__.py?
What is an iterator?
What is UNIT-V Linux?
[Python] What is virtualenv
What is machine learning?
What is Minisum or Minimax?
What is Linux? [Command list]
What is Logistic Regression Analysis?
What is the activation function?
What is the Linux kernel?
What is an instance variable?
What is a decision tree?
What is a Context Switch?
What is Google Cloud Dataflow?
[DL] What is weight decay?
[Python] Python and security-① What is Python?
What is a super user?
Competitive programming is what (bonus)
[Python] * args ** What is kwrgs?
What is a system call
[Definition] What is a framework?
What is the interface for ...
What is Project Euler 3 Acceleration?
What is a callback function?
What is the Callback function?
What is a python map?
What is your "Tanimoto coefficient"?
Python Basic Course (1 What is Python)