Tag: Azure Automation

Building an Azure “Super-Assistant” with Azure MCP (Preview)

Introduction

AI assistants for Azure are everywhere right now. Most of them fall into one of two categories:

  • Chatbots with documentation knowledge, but no access to your environment
  • ChatGPT + Azure CLI wrappers, which still require credentials, tokens, and a lot of trust

I wanted to explore something different:

Can we build a genuinely useful Azure assistant that can see my environment, query real data, and still be safe by design?

Continue reading “Building an Azure “Super-Assistant” with Azure MCP (Preview)”

Azure Health Check – A Free Script to Audit and Visualise Cloud Hygiene

Are you running Azure subscriptions and want a quick, human-friendly overview of your governance, compute, storage, network and Key Vault hygiene?
The Azure Health Check PowerShell script gives you exactly that — scanning multiple subscriptions, flagging weak spots, and producing a clean interactive HTML report (with charts!).

Why this matters

Large and growing Azure estates can easily drift into insecure or unsupported configurations: unprotected VMs, public storage blobs, missing resource locks, orphaned disks, exposed network ports — all of which can lead to security, availability or compliance issues.

Yet manually auditing each subscription is time-consuming. That’s where automation helps. With this script, you get a multi-subscription health summary, scored, visualised and exportable — ideal for periodic reviews, customer readiness checks, or even compliance audits.

Continue reading “Azure Health Check – A Free Script to Audit and Visualise Cloud Hygiene”

Automating a Monthly Azure Update Compliance Report with Logic Apps + Azure Resource Graph

Most patching dashboards are great for interactive views—but what if your stakeholders want a scheduled email that shows the current patch compliance for only a scoped set of servers (for example, those tagged for patch governance)? That’s where a small, reliable custom report shines.

In this post I’ll walk through the exact solution I built: a Logic App that queries Azure Update Manager data via Azure Resource Graph (ARG), filters to VMs tagged Monthly_Patch : yes, formats the results into a clean HTML email, and sends it on a monthly cadence.

Why a custom report?

  • No native email report: Azure Update Manager provides blades and workbooks, but not a ready-to-send, nicely formatted email.
  • Audience-specific scoping: We only want to report on VMs with a specific business tag (Monthly_Patch : yes).
  • Consistent sorting & formatting: Stakeholders wanted alphabetical order, readable timestamps, color-coded rows, and centered table content.
  • Lightweight & fast: With ARG we can query Update Manager resources directly—no Log Analytics workspace required for this report.

Continue reading “Automating a Monthly Azure Update Compliance Report with Logic Apps + Azure Resource Graph”

How to Use Azure Policy for Better Cloud Management

When you work in the cloud, keeping things organised is very important. Azure Policy is a simple tool that helps enforce rules on your resources. In this post, I’ll explain what Azure Policy is and show you a basic example of using it to require a tag on all your resources.

What is Azure Policy?

Azure Policy lets you set rules for your cloud resources. For example, you might want every resource to have a tag called Cost Centre so you know which department it belongs to. If someone tries to create a resource without that tag, the policy can stop it from being created.

This tool is very useful because it helps everyone on your team follow the same guidelines and keeps your cloud resources well organised.

A Simple Example: Requiring a "Cost Centre" Tag

In this example, we’ll create a custom policy that requires every resource to have a Cost Centre tag. If the tag is missing, the resource won’t be allowed.

Overview of the Steps

  1. Create the policy rule file.

  2. Create the policy parameters file.

  3. Create the policy definition in Azure using the Azure CLI.

  4. Assign the policy to a scope.

  5. Check if your policy is working.

Continue reading “How to Use Azure Policy for Better Cloud Management”

Navigating the Transition from Azure Automation Update Management to Azure Update Manager: A Comprehensive Guide

update-manager-get-patches

As cloud technologies evolve, so too must the tools we rely on to maintain and secure our environments. Microsoft’s recent announcement regarding the retirement of Azure Automation Update Management is a prime example of this continuous evolution. By 31 August 2024, this service, along with the Log Analytics agent it uses, will be officially retired. Users will need to transition to the more advanced Azure Update Manager to ensure their virtual machines remain up-to-date and secure.

This blog post will explore the implications of this transition, the benefits of migrating to Azure Update Manager, and provide a detailed step-by-step guide for the most complex migration scenario—manual migration. This approach is ideal for those with intricate environments that require a high degree of customization and control.

The Shift to Azure Update Manager: What It Means for You

Azure Automation Update Management has been a reliable tool for managing the updates of virtual machines (VMs). However, with its retirement on the horizon, Microsoft is pushing for a transition to Azure Update Manager, a more integrated and feature-rich platform designed to offer greater flexibility, control, and scalability.

Why Migrate to Azure Update Manager?

Azure Update Manager is not just a replacement; it’s a significant upgrade. Here are some of the key improvements:

– Seamless Integration: Azure Update Manager is built natively into Azure’s infrastructure, providing zero-step onboarding for Azure VMs and Azure Stack HCI VMs, and easy integration with Azure Arc for managing non-Azure servers.

– Enhanced Control: With granular access control and role-based access control (RBAC), you can finely tune who has access to specific update management tasks, reducing the risk of unauthorized changes.

– Flexible Patching Options: Azure Update Manager offers advanced features such as customer-defined maintenance schedules, Azure-orchestrated automated patching, and hotpatching, which minimizes downtime by applying updates without requiring a reboot.

– Cost Efficiency: For managing Azure VMs and Azure Stack HCI VMs, Azure Update Manager is available at no extra charge. For Azure Arc-enabled servers, there’s a nominal fee of $5 per server per month.

Continue reading “Navigating the Transition from Azure Automation Update Management to Azure Update Manager: A Comprehensive Guide”