Introduction to Azure Automanage

Azure Automanage machine best practices is a service that eliminates the need to discover, know how to onboard, and how to configure Azure best practices services in Azure that would benefit your virtual machine in enhancing reliability, security, and management for virtual machines.

Post onboarding  your machines to Azure Automanage, each best practice service is configured to its recommended settings.  If you want to customize the best practice services and settings, you can use the custom profile to customize the service configuration. Azure Automanage will keep monitoring the virtual machine to validate, if it complying the configuration profile across its entire lifecycle. If it notice any drift, it will automatically corrects the drift.


There are several prerequisites to consider before trying to enable Azure Automanage on your virtual machines.

  1. Supported Windows Server versions and Linux distros

Azure Automanage  Supported Windows Server versions

Azure Automanage Supported Linux distributions and versions

2. VMs must be in a supported region

Azure Automanage for virtual machines Supported Regions

3. User must have correct permissions

If you are enabling Automanage for the first time in a subscription:

    • Owner role on the subscription(s) containing your machines, or
    • Contributor and User Access Administrator roles on the subscription(s) containing your machines

If you are enabling Automanage on a machine in a subscription that already has Automanage machines:

    • Contributor role on the resource group containing your machines

Participating Services in Azure Automanage

Enabling Automanage for VMs in Azure portal

In the Azure portal, you can enable Automanage on an existing virtual machine.

Enable Automanage for virtual machines through Azure Policy

If you want to enable Automanage for lots of VMs, you can do that using a built-in Azure Policy.

Search for Policy in Azure Portal and select Policy

Search for Automanage under DEFINATIONS

Click on ASSIGN

Choose the scope to which you want to Assign the Policy

By default, policy will be applied to new Virtual Machines in that scope. If you want to configure AUTOMANAGE for existing virtual machines, select create a remediation task under REMEDIATION and click on review and create.

Azure Automanage for Machines Best Practices – Azure Arc-enabled servers

These Azure services are automatically onboarded for you when you use Automanage Machine Best Practices on an Azure Arc-enabled server VM.

Supported operating systems

Automanage supports the following operating systems for Azure Arc-enabled servers

  • Windows Server 2012 R2, 2016, 2019, 2022
  • CentOS 7.3+, 8
  • RHEL 7.4+, 8
  • Ubuntu 16.04, 18.04, 20.04
  • SLES 12 (SP3-SP5 only)

Participating services on Arc Enabled Servers

  1. Machines Insights Monitoring
  2. Update Management
  3. Microsoft Antimalware
  4. Change Tracking & Inventory
  5. Azure Guest Configuration
  6. Azure Automation Account
  7. Log Analytics Workspace

Hope this will be informative for you. Please do share if you find worth sharing it.

  • Disclaimer

    The views and opinions expressed on this blog are my own and does not reflect the views and opinions of my employer.