From 787e268870c6a64af0b7ab937a59692d46595a73 Mon Sep 17 00:00:00 2001
From: John Marcovecchio <39525506+johnmarco@users.noreply.github.com>
Date: Thu, 23 Jan 2025 11:13:53 -0500
Subject: [PATCH 1/2] Updated overview for CSS fixes
---
articles/azure-arc/servers/overview.md | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/articles/azure-arc/servers/overview.md b/articles/azure-arc/servers/overview.md
index e65518db8..28eca1fed 100644
--- a/articles/azure-arc/servers/overview.md
+++ b/articles/azure-arc/servers/overview.md
@@ -1,7 +1,7 @@
---
title: Azure Arc-enabled servers Overview
description: Learn how to use Azure Arc-enabled servers to manage servers hosted outside of Azure like an Azure resource.
-ms.date: 06/03/2024
+ms.date: 01/23/2025
ms.topic: overview
---
@@ -35,16 +35,13 @@ When you connect your machine to Azure Arc-enabled servers, you can perform many
* Protect non-Azure servers with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint), included through [Microsoft Defender for Cloud](/azure/security-center/defender-for-servers-introduction), for threat detection, for vulnerability management, and to proactively monitor for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected.
* Use [Microsoft Sentinel](scenario-onboard-azure-sentinel.md) to collect security-related events and correlate them with other data sources.
* **Configure**:
- * Use [Azure Automation](/azure/automation/extension-based-hybrid-runbook-worker-install?tabs=windows) for frequent and time-consuming management tasks using PowerShell and Python [runbooks](/azure/automation/automation-runbook-execution). Assess configuration changes for installed software, Microsoft services, Windows registry and files, and Linux daemons using [Change Tracking and Inventory](/azure/automation/change-tracking/overview)
- * Use [Update Management](/azure/automation/update-management/overview) to manage operating system updates for your Windows and Linux servers. Automate onboarding and configuration of a set of Azure services when you use [Azure Automanage (preview)](/azure/automanage/automanage-arc).
+ * Use [Azure Automation](/azure/automation/extension-based-hybrid-runbook-worker-install?tabs=windows) for frequent and time-consuming management tasks using PowerShell and Python [runbooks](/azure/automation/automation-runbook-execution). Assess configuration changes for installed software, Microsoft services, Windows registry and files, and Linux daemons using the Azure Monitor agent for [change tracking and inventory](/azure/automation/change-tracking/overview-monitoring-agent?tabs=win-az-vm).
+ * Use [Azure Update Manager](/azure/update-manager/overview) to manage operating system updates for your Windows and Linux servers. Automate onboarding and configuration of a set of Azure services when you use [Azure Automanage](/azure/automanage/automanage-arc).
* Perform post-deployment configuration and automation tasks using supported [Arc-enabled servers VM extensions](manage-vm-extensions.md) for your non-Azure Windows or Linux machine.
* **Monitor**:
* Monitor operating system performance and discover application components to monitor processes and dependencies with other resources using [VM insights](/azure/azure-monitor/vm/vminsights-overview).
* Collect other log data, such as performance data and events, from the operating system or workloads running on the machine with the [Azure Monitor Agent](/azure/azure-monitor/agents/azure-monitor-agent-overview). This data is stored in a [Log Analytics workspace](/azure/azure-monitor/logs/log-analytics-workspace-overview).
-> [!NOTE]
-> At this time, enabling Azure Automation Update Management directly from an Azure Arc-enabled server is not supported. See [Enable Update Management from your Automation account](/azure/automation/update-management/enable-from-automation-account) to understand requirements and [how to enable Update Management for non-Azure VMs](/azure/automation/update-management/enable-from-automation-account#enable-non-azure-vms).
-
Log data collected and stored in a Log Analytics workspace from the hybrid machine contains properties specific to the machine, such as a Resource ID, to support [resource-context](/azure/azure-monitor/logs/manage-access#access-mode) log access.
Watch this video to learn more about Azure monitoring, security, and update services across hybrid and multicloud environments.
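Review bot: The new change tracking link in the first added line under **Configure** ends in `?tabs=win-az-vm`, which by its name pre-selects an Azure VM tab, while this article covers servers hosted outside of Azure. Consider dropping the query string, or pointing at the tab that covers Arc-enabled machines if the target page has one. The same hunk deletes the `[!NOTE]` that said Update Management could not be enabled directly from an Arc-enabled server. Please confirm that no equivalent onboarding caveat applies to Azure Update Manager, and that removing "(preview)" from the Azure Automanage link text matches that service's current status.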
From 1b97af956af1337bd249ab373526f4e0dae440fe Mon Sep 17 00:00:00 2001
From: John Marcovecchio <39525506+johnmarco@users.noreply.github.com>
Date: Thu, 23 Jan 2025 12:04:26 -0500
Subject: [PATCH 2/2] Removed refs to update management
---
articles/azure-arc/servers/plan-at-scale-deployment.md | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/articles/azure-arc/servers/plan-at-scale-deployment.md b/articles/azure-arc/servers/plan-at-scale-deployment.md
index d41e5bcc8..01987b840 100644
--- a/articles/azure-arc/servers/plan-at-scale-deployment.md
+++ b/articles/azure-arc/servers/plan-at-scale-deployment.md
@@ -1,7 +1,7 @@
---
title: Plan and deploy Azure Arc-enabled servers
description: Learn how to enable a large number of machines to Azure Arc-enabled servers to simplify configuration of essential security, management, and monitoring capabilities in Azure.
-ms.date: 02/26/2024
+ms.date: 01/23/2025
ms.topic: how-to
---
@@ -61,12 +61,11 @@ In this phase, system engineers or administrators enable the core features in th
|-----|-------|---------|
| [Create a resource group](/azure/azure-resource-manager/management/manage-resource-groups-portal#create-resource-groups) | A dedicated resource group to include only Azure Arc-enabled servers and centralize management and monitoring of these resources. | One hour |
| Apply [Tags](/azure/azure-resource-manager/management/tag-resources) to help organize machines. | Evaluate and develop an IT-aligned [tagging strategy](/azure/cloud-adoption-framework/decision-guides/resource-tagging/) that can help reduce the complexity of managing your Azure Arc-enabled servers and simplify making management decisions. | One day |
-| Design and deploy [Azure Monitor Logs](/azure/azure-monitor/logs/data-platform-logs) | Evaluate [design and deployment considerations](/azure/azure-monitor/logs/workspace-design) to determine if your organization should use an existing or implement another Log Analytics workspace to store collected log data from hybrid servers and machines.1 | One day |
+| Design and deploy [Azure Monitor Logs](/azure/azure-monitor/logs/data-platform-logs) | Evaluate [design and deployment considerations](/azure/azure-monitor/logs/workspace-design) to determine if your organization should use an existing or implement another Log Analytics workspace to store collected log data from hybrid servers and machines. | One day |
| [Develop an Azure Policy](/azure/governance/policy/overview) governance plan | Determine how you will implement governance of hybrid servers and machines at the subscription or resource group scope with Azure Policy. | One day |
| Configure [Role based access control (RBAC)](/azure/role-based-access-control/overview) | Develop an access plan to control who has access to manage Azure Arc-enabled servers and ability to view their data from other Azure services and solutions. | One day |
| Identify machines with Log Analytics agent already installed | Run the following log query in [Log Analytics](/azure/azure-monitor/logs/log-analytics-overview) to support conversion of existing Log Analytics agent deployments to extension-managed agent:
Heartbeat
| summarize arg_max(TimeGenerated, OSType, ResourceId, ComputerEnvironment) by Computer
| where ComputerEnvironment == "Non-Azure" and isempty(ResourceId)
| project Computer, OSType | One hour |
-1 When evaluating your Log Analytics workspace design, consider integration with Azure Automation in support of its Update Management and Change Tracking and Inventory feature, as well as Microsoft Defender for Cloud and Microsoft Sentinel. If your organization already has an Automation account and enabled its management features linked with a Log Analytics workspace, evaluate whether you can centralize and streamline management operations, as well as minimize cost, by using those existing resources versus creating a duplicate account, workspace, etc.
## Phase 2: Deploy Azure Arc-enabled servers
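Review bot: Deleting footnote 1 below the table removes more than the Update Management reference named in the subject line. The same footnote also told readers to consider Microsoft Defender for Cloud and Microsoft Sentinel when designing the Log Analytics workspace, and to reuse an existing account and workspace instead of creating duplicates. Consider keeping a shortened footnote, with its marker on the Azure Monitor Logs row, that drops only the Update Management wording. The Change Tracking and Inventory mention could be reworded to match the Azure Monitor agent phrasing that patch 1/2 introduces in overview.md.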