Terraform-provider-azurerm: New resource: azurerm_automation update management configuration
Community Note
- Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
We want to be able to deploy software update schedules via terraform.
We have configure a few standarized schedules that we will deploy to most of our customers, due to the amount of clicking in portal and lack of PS support for this resource, we would be very happy if this could be done from a terraform resource.
New or Affected Resource(s)
NEW RESOURCE
azurerm_automation_softwareUpdateConfigurations
Potential Terraform Configuration
Please refer to the following ARM template code for reference of configurable settings.
https://docs.microsoft.com/en-us/azure/templates/microsoft.automation/2017-05-15-preview/automationaccounts/softwareupdateconfigurations
resource "azurerm_automation_softwareUpdateConfigurations" "automation_sch1" {
location = "${var.location}"
name = "${local.aa_sch1}"
resource_group_name = "${local.aa_rg}"
update_configuration = {
operating_system = "Windows"
windows = {
included_update_classifications = ""
excludedKbNumbers = ""
reboot_setting = "IfRequired"
}
duration = "120"
azure_virtual_machines = ["VM01","VM02"]
targets = {
scope = []
locations = []
tagSettings = {
tags = "UpdateGroup"
filterOperator = "UpdateGroup01"
}
}
scheduleInfo = {
startTime = "07:00"
expiryTime = ""
expiryTimeOffsetMinutes ="",
isEnabled = true,
nextRun = "string"
nextRunOffsetMinutes= "number",
interval= "integer",
frequency= "string",
timeZone= "string",
advancedSchedule= {
monthlyOccurrences= [
{
occurrence = "1"
day = "tuesday"
}
]
}
}
tasks= {
preTask = {
parameters = "optional runbook parameters"
source = "runbookname"
}
postTask = {
parameters = "optional runbook parameters"
source = "runbookname"
}
}
}
}
References
0000
franzoir
All 14 comments
@franzoir Have you found a good way of automating the onboarding of the VMs to the automation account so the configuration can be applied? Everything I've seen says at least one VM needs to be onboarded manually first and then use a runbook to onboard the rest which is pretty horrible. Would love to automate this with Terraform!
OffColour
on 7 Feb 2019
@OffColour I almost have a way that i'm happy with. Some tweaks still remain but I use Azure Policy to automatically onboard the VM to the correct Log Analytics workspace using tags to filter OS and WorkspaceName. Update management is then configured to automatically onboard VM linked to that workspace.
Later on I'll also use tags to dynamically target VM update schedules. Last time i tested it didn't work well with pre/post scripts.
franzoir
on 12 Feb 2019
@franzoir Just tested this out and worked perfectly with the automatic onboarding enabled.
Thanks!
OffColour
on 19 Mar 2019
@franzoir @OffColour when using terraform 0.12 I get following error:
Error: Invalid resource type
on ModulesUpdateScheduleUpdate_Schedule_module.tf line 2, in resource "azurerm_automation_softwareUpdateConfigurations" "schedule":
2: resource "azurerm_automation_softwareUpdateConfigurations" "schedule" {
The provider provider.azurerm does not support resource type
"azurerm_automation_softwareUpdateConfigurations".
Isn't it supported yet in 0.12?
boutmbr
on 11 Jun 2019
@boutmbr This is a request for a new resource. It doesn't exist.
OffColour
on 11 Jun 2019
@OffColour Thought so already :)
I was confused by your last comment.
Is there any progress on this feature since March?
boutmbr
on 11 Jun 2019
@OffColour I almost have a way that i'm happy with. Some tweaks still remain but I use Azure Policy to automatically onboard the VM to the correct Log Analytics workspace using tags to filter OS and WorkspaceName. Update management is then configured to automatically onboard VM linked to that workspace.
Later on I'll also use tags to dynamically target VM update schedules. Last time i tested it didn't work well with pre/post scripts.
You said you are willing to share, can you paste your code somewhere? I hadn't considered using Policy. That seems like a great idea.
pearcec
on 19 Mar 2020
HI There!
Was this intended to be brought into azurerm 2.0?
This would be a really nice feature to bring on :).
elongstreet88
on 12 May 2020
Agreed, this missing feature would be really useful. In the meantime, are there any workarounds to automate update management schedules?
adamrushuk
on 13 May 2020
I just worked it out via [azurerm_template_deployment] after figuring out how to deal with the time offset.
Example is here:
https://stackoverflow.com/questions/61762648/terraform-azurerm-schedule-start-time-always-resets-on-new-deploys/61766515#61766515
elongstreet88
on 13 May 2020
Any update on when this can be added?
rohrerb
on 10 Jun 2020
I'm very interested in this resource or in any other way to configure VM update schedules via Terraform/azurerm.
juanjojulian
on 7 Jul 2020
can anyone please specify the version of azurerm provider as this is not working for 2.20.0
TIA
iShubhamTiwari
on 11 Aug 2020
can anyone please specify the version of azurerm provider as this is not working for 2.20.0
TIA
Since this is still a feature request and not an actually implemented thing.... This needs to be implemented first....
Dilergore
on 27 Oct 2020
Related issues
sam-cogan
路
3Comments
tomasaschan
路
3Comments
Lachlan-White
路
3Comments
rudolphjacksonm
路
3Comments
alant94
路
3Comments
Most helpful comment
You said you are willing to share, can you paste your code somewhere? I hadn't considered using Policy. That seems like a great idea.