Skip to content

Patching

This section provides an overview of the patching capabilities in the software. Patching information is available for the following item types: Deployments, Resource Groups, and Virtual Machines. Each item type has a dedicated Patching widget that displays relevant patching details. You can locate these widgets by looking for the "Patching" label or by using the section manager to navigate directly to them.

Patching Widgets

Deployment Patching Widget

The Deployment Patching Widget displays a table where each row represents a patch schedule. Key features include:

  1. Patch Schedule Name: Displayed at the top-left of each row.
  2. Next Patch Date: Shown at the top-right of each row.
  3. Resource Groups: Listed beneath the row header. Click the "Show More" button next to a resource group name to view all pending updates for that group and its resources.

Deployment Patching Widget

In the expanded view:

  1. Total Pending Updates: Displayed in the top-right corner.
  2. Severity Scale: Located below the total count, this scale summarizes the severity of all updates across all resources in the group.
  3. Resource-Specific Details: A list below the severity scale shows each resource's name on the left, followed by a resource-specific severity scale. Click any severity box to see a detailed list of updates, including additional information about each update.

Expanded View

The widget includes a search function allowing you to filter by:

  • Resource Groups (default setting)
  • Patch Schedules

Search Filters

Resource Group Patching Widget

The Resource Group Patching Widget is similar to the Deployment widget but focuses on resources within a patch schedule instead of resource groups. Each row represents a patch schedule, with resources listed beneath. It also supports searching by:

  • Resources
  • Patch Schedules

RG Patching Widget

Virtual Machine Patching Widget

The Virtual Machine Patching Widget differs in structure. It presents a table of updates for the currently selected resource, with two modes:

  • Pending Updates: Displays updates scheduled for the next patch cycle, as determined by the patch schedule.
  • Installed Updates: Shows updates installed during the previous patch cycles.

You can toggle between these modes using the button below the search input. The widget title indicates the current mode.

VM Patching Widget

Patch Schedules

Patch schedules control when and how patching occurs. With the Dune, you can create customized schedules specifying the week, day, and time for patching your resources.

Azure Specific

A patch schedule represents a maintenance config in Azure. Dune coordinates the assignments of resources to maintenance configurations. The patching is then executed by Azure.

Creating Patch Schedules

Required Permission

You must have the TenantAdmin role to perform this action.

To create or manage patch schedules:

  1. Navigate to Settings > Patch Schedules.
  2. A table displays all existing patch schedules.

Manage Patch Schedule

Deleting Patch Schedules

  • Select one or more patch schedules by clicking their rows.
  • Click the Bin icon to delete them.
  • Confirm the deletion in the prompted dialog.

Note

You can only delete schedules not currently in use.

Delete Patch Schedule

Adding Patch Schedules

  • Click the + button to open the creation dialog.
  • Make the following selections:
  • Week of the Month: Choose which week the patching should occur.
  • Day: Select the day of the week.
  • Time: Specify the exact time for updates.
  • The dialog header displays the generated patch schedule name based on your selections.
  • Click Add to create the schedule. It will appear in the Manage Patch Schedules table and become available for assignment.

Add Patch Schedule

Assigning Patch Schedules

Required Permission

To assign a patch schedule you'll need at least Owner role on deployment or resource group level.

Assigning patch schedules is straightforward. Use the Manage Patch Schedule button, found either in the action bar or within the Patching widget of a Deployment or Resource Group item view. The patch schedules are generally assigned to the resource group and the resources below will be patched according to the selected schedule.

Assign Patch Schedule btn

Azure Specific

After successfully assigning a patch schedule, it will start a workflow in the background that sets everthing up. This will create or upate an azure maintenance configuration for the affected resource. To track this process you can check the corresponding jobs inside the job widget of the resource group.

Assigning Patch Schedules to Deployments

In the Manage Patch Schedule dialog for Deployments:

  • Next Patch Date: Displayed at the top, showing the earliest upcoming patch date across all resource groups in the deployment.
  • Patch Schedule Selection: Use the input field to choose from available patch schedules (listed from Settings > Patch Schedules).
  • Resource Group List: Below the input, see all resource groups in the deployment, along with their current patch schedules.

After selecting a new patch schedule:

  • Resource groups already assigned to the selected schedule remain unchanged.
  • For groups with a different schedule, a toggle button appears to enable or disable applying the new schedule.
  • Visual feedback (e.g., outlines) highlights selected resource groups.
  • Use the Assign to All checkbox to apply the schedule to all eligible resource groups.

Click Assign to apply the changes. You’ll receive:

  • A notification for each successful assignment start.
  • A separate notification when the assignment completes.

View the updated schedules in the Patching widget.

Assign Patch Schedule

Assigning Patch Schedules to Resource Groups

The Manage Patch Schedule dialog for Resource Groups is similar:

  • Next Patch Date: Shown at the top.
  • Patch Schedule Card: Displays the current schedule name and an input field to select a new one.
  • Upon selection, the card updates to show:
  • The previous schedule (marked as "Old").
  • The newly selected schedule.

Click Assign to apply the change. Notifications confirm the start and completion of the assignment process.

Assign Resource Group Patch Schedule

When are my resources getting patched?

You can see the next patch date in the deployments and resource groups patching widget. In the info widget of the resources you can also view the last patchdate. If you are in the Virtual Machine detail view, use the breadcrumbs to navigate to the parent Resource Group to see the next patch date.