AzPolicyAdvertizer

last sync: 2025-May-14 18:52:07 UTC

Enable automatic OS upgrade on Virtual Machine Scale Sets

Community Policy definition

Source

Repository Community-Policy GitHub
JSON Community-Policy GitHub

Deploy policy 8979aa44-e880-4b3f-b0f5-6f6ab4a8b93a (1.0.0) to Azure

Display name

Enable automatic OS upgrade on Virtual Machine Scale Sets

8979aa44-e880-4b3f-b0f5-6f6ab4a8b93a

Version

1.0.0
Details on versioning

Category

Compute
Microsoft Learn

Description

This policy enables automatic OS upgrade on Virtual Machine Scale Sets. New scale sets will have automatic OS upgrade enabled automatically. Existing scale sets that are not opted into automatic OS upgrade will be marked as non-compliant and can be enabled through policy remediation.

Mode

Indexed

Type

Custom Community

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Virtual Machine Contributor	9980e02c-c2be-4d73-94e8-173b1dc7cf3c

Rule aliases

IF (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Compute/imageVersion	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.version properties.virtualMachineProfile.storageProfile.imageReference.version properties.creationData.imageReference.id	True True True		False False False

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Compute/VirtualMachineScaleSets/upgradePolicy.automaticOSUpgrade	Microsoft.Compute Microsoft.Compute	virtualMachineScaleSets virtualMachineScaleSets	properties.upgradePolicy.automaticOSUpgradePolicy.enableAutomaticOSUpgrade properties.upgradePolicy.automaticOSUpgrade	True False	properties.upgradePolicy.automaticOSUpgradePolicy.enableAutomaticOSUpgrade	False False

Rule resource types

IF (1)
Microsoft.Compute/virtualMachineScaleSets
THEN-Deployment (1)
Microsoft.Compute/virtualMachineScaleSets

JSON

EPAC