Search code examples
azureazure-resource-managerazure-powershellterraform-provider-azure

How to enable Update Management for an Azure Automation Account programmatically?

I'm currently using Terraform and bits of Powershell to automate all of my infrastructure and I'm seeking a fully automated means to configure update management for all of my VMs. I'm able to deploy the Automation Account, Log Analytics Workspace, and a linked service resource to manage the connection between the two. However, I'm unable to enable the update management service on the Auto Account.

Is there any automatable means (ps, tf, api, etc.) by which I can simply enable update management for my automation account?

Solution

  • as far as I understand this is what you need:

    {
    "type": "Microsoft.OperationalInsights/workspaces",
    "name": "[variables('namespace')]",
    "apiVersion": "2017-03-15-preview",
    "location": "[resourceGroup().location]",
    "properties": {
        "sku": {
            "name": "Standalone"
        }
    },
    "resources": [
        {
            "name": "Automation", # this onboards automation to oms, which is what you need
            "type": "linkedServices",
            "apiVersion": "2015-11-01-preview",
            "dependsOn": [
                "[variables('automation')]",
                "[variables('namespace')]"
            ],
            "properties": {
                "resourceId": "[resourceId('Microsoft.Automation/automationAccounts/', variables('automation'))]"
            }
        }
    ]
},
{
    "type": "Microsoft.Automation/automationAccounts",
    "name": "[variables('automation')]",
    "apiVersion": "2015-10-31",
    "location": "[resourceGroup().location]",
    "properties": {
        "sku": {
            "name": "OMS"
        }
    }
},
{
    "type": "Microsoft.OperationsManagement/solutions", # this install update management solution, you probably need this for update management
    "name": "[concat(variables('solutions')[copyIndex()],'(', variables('namespace'), ')')]",
    "apiVersion": "2015-11-01-preview",
    "location": "[resourceGroup().location]",
    "copy": {
        "name": "solutions",
        "count": "[length(variables('solutions'))]"
    },
    "plan": {
        "name": "[concat(variables('solutions')[copyIndex()], '(', variables('namespace'), ')')]",
        "promotionCode": "",
        "product": "[concat('OMSGallery/', variables('solutions')[copyIndex()])]",
        "publisher": "Microsoft"
    },
    "properties": {
        "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces', variables('namespace'))]"
    },
    "dependsOn": [
        "[variables('namespace')]"
    ]
}

    here's the variable I'm using to define solutions to be installed:

    "solutions": [
    "AlertManagement",
    "Updates",
    "Security"
]

    Basically you can map this to api calls 1-to-1