Automatic Windows VM Image update for Azure Local (HCI)

UpdatedOctober 27, 2025

•1 min read

Automatic Windows VM Image update for Azure Local (HCI)

If you are using Azure Local (HCI), you might find the following PowerShell script AzureLocalVMImageUpdater.ps 1 useful.

What is it good for?

The code replaces the Windows VM images in the specified Azure Local cluster(s) with the latest compatible version available in the Marketplace. So whenever you create a new VM, you will use the updated OS version.

Requirements

Image name

Image must have a suffix -<number> (i.e. Windows2025-01), so if the image gets replaced with the new one, the <number> can be increased to emphasize the change

Permissions

IAM (RBAC) assignments for the subscription where the HCI cluster is located
- Azure Stack HCI Administrator - to be able to manage Azure Local VM Images
- Reader - to be able to query cluster health, VM Images, and other required resources

PowerShell

Core (to be able to use parallel processing)

PowerShell modules

Az (Az.Accounts, Az.ResourceGraph)
Azure Cli
AzureLocalStuff

How to use it?

Create Azure Automation Runbook
Add required PowerShell modules
Grant required IAM role assignments to the Automation Account Managed Identity
Customize the $azureLocalClusterList variable to match your environment in the AzureLocalVMImageUpdater.ps 1 script
Use modified code in your Runbook
Set the Runbook schedule and watch the magic :)

#powershell #automation #hci #azure-local #update

Azure Local (HCI)

Part 1 of 1

More from this blog

Automating Azure PIM role activation secured with FIDO2/Passkey with PowerShell

Or any other Azure service requiring special authentication strength

Dec 11, 20256 min read

Automating Azure PIM role activation secured with FIDO2/Passkey with PowerShell

Fixing Autopilot devices' hash-mismatch issues using Intune on-demand remediations

Problem It happens that the hardware hash of your Autopilot device gets changed. Thanks to the replacement of the motherboard or some other issue. This can lead to future problems when your users need to reinstall the operating system, but the Autopi...

Oct 24, 20253 min read

Fixing Autopilot devices' hash-mismatch issues using Intune on-demand remediations

Supercharge Your Azure API Calls: Master Azure Resource Manager batching with PowerShell

Learn how to use undocumented Azure APIs for massive performance gains

Aug 1, 20259 min read

Supercharge Your Azure API Calls: Master Azure Resource Manager batching with PowerShell

Exporting BitLocker, LAPS, and FileVault Keys from Intune using Azure DevOps pipeline

Keeping a secure, version-controlled backup of your Intune-managed device data, including BitLocker, LAPS, and FileVault keys, is a best practice for any modern IT team. In this post, I’ll guide you through an Azure DevOps pipeline that automates the...

Jul 28, 20254 min read

Exporting BitLocker, LAPS, and FileVault Keys from Intune using Azure DevOps pipeline

Do it PowerShell way :)

78 posts

With over 15 years of experience as a system administrator, I have a passion for automating workflows using PowerShell. I believe in sharing my creations with the community. Why not, right? :)

Command Palette

Requirements

How to use it?

Azure Local (HCI)

More from this blog