Hello! In this post I’ll be covering an overview of the Azure Automanage Preview – and giving an overview of how it can be used to simplify management, achieve best practice, and provide automation of Virtual Machines in a few quick steps.
What is Azure Automanage?
Azure Automanage is a service that removes the need to “discover, know how to onboard, and how to configure certain services in Azure that would benefit your virtual machine.” (Microsoft Docs – https://docs.microsoft.com/en-gb/azure/automanage/automanage-virtual-machines)
Essentially – it allows you to automate the configuration of your Azure VM as per best practice within the Microsoft Cloud Adoption Framework. This includes monitoring, backup, and monitors the drift of your VM away from best practice – and can automatically bring it back into the required state.
The key here is simplicity – the experience is simple and easy to use.
Prerequisites
- Only Windows Server VMs are supported
- VMs must be running
- VMs must be in a Supported Region – currently (28/09/2020) this is West Europe, East US, West US 2, Canada Central, and West Central US.
- The User must have the correct permissions (to configure Automanage from scratch you will need Owner or Contributor, along with User Access Administrator)
- VMs must not link to a Log Analytics Workspace in a different Subscription
Note: this is a preview service - so these are likely to change!
Participating Services
At the current time, Automanage includes the following Services, which are automatically onboarded, configured, monitored for drift, and remediated as required when you use Automanage:
- VM Insights Monitoring – Monitors the health and performance of your Virtual Machine
- Backup – Provides backups of the Virtual Machine
- Azure Security Center – Automanaged configures the free tier of Azure Security Center within the subscription your VM is inside.
- Microsoft Antimalware – Real time protection for your VM against viruses, spyware, and malicious software.
- Update Management – Provides automated updates for your VM
- Change Tracking and Inventory – Combines change tracking and inventory to monitor and track VM changes.
- Azure Automation Account – supports Azure Automation
- Log Analytics Workspace – stores data in Log Analytics Workspace.
You can configure these services using one of the default configuration profiles with Automanage – or create your own.
Setting up Automanage
Setting up Automanage is really easy! For my test I have a single Azure VM running in the East US Region – and I am going to configure Automanage to look after this VM for me. From the Azure Portal – search for “Automanage”, and select Azure Automanage:
Then click on “Enable on existing VM”:
Note – you can also setup Automanage at the time of creation – see here. Next, we need to select the VMs to onboard into Automanage. To do this, click on “Select machines”:
Select the VM you want to enable and click Select:
We can then select the Profile that will be applied (which controls the configuration of Automanage):
By default there are two profiles – Dev/Test and Production. It is worth spending some time looking through these to make sure you are applying settings that are appropriate. You can also create custom profiles – by clicking on “Create new preferences”. See more about custom profiles here. For my test I will use the Production Profile – you can browse the settings and configuration that will be applied by this profile by exploring the highlighted section below:
Once we are ready to apply this – just click “Select”. The summary screen is then shown – and we are ready to enable. Note that the Automanage account is also created at this time. Click on Enable in the below screenshot – and the configuration will then be applied:
My test VM is now shown within Automanage – as you can see the deployment is still in progress:
The deployment takes some time – but as it progresses we can see the Automanage elements being created in a new Resource Group:
Once the deployment has completed – the status will change to “Configured”:
So we now have a Virtual Machine that is configured and managed by Automanage – let’s take a quick look at what this has configured for us:
In our Backup Vault (automatically created) we now have a protected VM that is backed up daily:
Our VM is being analysed for Updates:
We have an Automation Account that contains our VM:
Within Update Management we can also check on the Status of our Automanage enrolled VM:
We can also delve into this update data (and more!) via our (automatically created by Automanage) Log Analytics Workspace:
Obviously I’ve only scratched the surface of Automanage here – but hopefully this post helps to give an understanding and show some of the features of the Automanage preview. Until next time – thanks for reading!
A few links to useful documentation resources that may help: