Your submission was sent successfully! Close

Jump to main content
  1. Blog
  2. Article

on 1 August 2023

Enhancing the Ubuntu Experience on Azure: Introducing Ubuntu Pro Updates Awareness

Canonical works closely with Microsoft to ensure that running Ubuntu on Azure is a great experience. One of the key aspects of this collaboration is ensuring the longevity and security of Ubuntu releases, such as Ubuntu 18.04 LTS, even beyond their Standard Security Maintenance period. We are excited to announce the integration of Ubuntu Pro update awareness into Azure through the Azure Guest Patching Service (AzGPS) and Update Management Center (UMC). This feature highlights the additional updates available through Ubuntu Pro, including those for Ubuntu 18.04 LTS, now under Extended Security Maintenance. This increased visibility of updates is a significant benefit for users of Azure native VMs and VM Scale Sets, as well as those connected via Azure Arc.

Ubuntu Pro on Azure

Ubuntu Pro, a subscription by Canonical, provides enhanced security, compliance, and system management tools for organisations using Ubuntu in the Azure cloud.

Expanded Security Maintenance (ESM) is one of the key features of Ubuntu Pro. ESM extends the security maintenance period for Ubuntu LTS releases from five to ten years, allowing Ubuntu 18.04 LTS users to continue using their deployments in production until 2028. ESM also expands the security coverage to a much greater range of packages.

Ubuntu Pro Awareness in Azure

The newly integrated Ubuntu Pro feature in Azure helps users identify Ubuntu instances that aren’t receiving all available security updates. For instance, examining an Ubuntu Server 18.04 LTS instance on Azure today could display something like this:

Take note of the message, “Security-ESM update(s) are available for this machine. An Ubuntu Pro subscription is required to remain secure. Learn more.

This message indicates that 46 security updates are available for this Ubuntu 18.04 LTS instance, of which 42 can only be accessed through ESM. To receive these, you must attach Ubuntu Pro subscription to the instance. If your instance is in this state, it’s crucial to take action, as it has known unpatched security vulnerabilities. The process of obtaining Ubuntu Pro and how to attach it to your instance is explained in the subsequent section.

Looking at the detailed view of packages, we can see that these have Classifications of “Security-ESM”:

Once you have activated Ubuntu Pro on these instances, as explained in the following section, these updates appear as available and can be applied in the usual way, yielding the expected result:

How to Obtain Ubuntu Pro

Selecting the best method to obtain Ubuntu Pro on Azure depends on your needs and workload flexibility. Here are your main options:

  • In-Place Upgrade: Directly transition from Ubuntu Server to Ubuntu Pro within Azure without any downtime. This process requires just a few commands, and Azure takes care of the billing. For an in-depth guide, refer to our recent announcement.
  • Redeployment with Azure Marketplace: For workloads that support regular redeployment, like in CI/CD setups, use the Ubuntu Pro images from the Azure Marketplace. These images come preloaded with the latest security updates, ensuring a secure start. Plus, they seamlessly replace Ubuntu Server images in most deployment tools, such as Azure Image Builder, Terraform, and Packer.

Ubuntu Pro is accessible for free on up to 5 machines, or 50 if you are an official Ubuntu Community member. To get started, register here.

Azure Guest Patching Service

The Azure Guest Patching Service allows customers to simplify their Guest OS management on their VMs and VM Scale Sets. This service deploys the latest security and critical updates using Safe Deployment Principles, ensuring the customer’s operations remain uninterrupted and secure.

Azure Update Management Center

The Azure Update Management Center is designed to manage and govern updates across all your machines. Powered by Azure Guest Patching Service, it provides a unified service for monitoring Windows and Linux update compliance across your Azure, on-premises, and other cloud platform deployments, all from a single dashboard. Canonical collaborates with the Azure Update Management Center team to ensure that it can manage Ubuntu instances effectively at scale.


The introduction of enhanced Ubuntu update awareness into the Azure Update Management Center offers tailored security guidance to our Azure users. This guidance takes into account the actual Ubuntu releases and packages installed. Our ultimate goal is to empower our joint users with timely and relevant information, enabling them to make informed security decisions and thereby enhancing the security of their Ubuntu instances on Azure.

Related posts

8 August 2023

Announcing In-Place Upgrade from Ubuntu Server to Ubuntu Pro on Azure

Cloud and server Article

Seamlessly upgrade from Ubuntu Server to Ubuntu Pro on Azure without downtime. Explore advanced security, compliance, and long-term support features. Enhance your enterprise functionality and optimize your cloud journey with Ubuntu Pro. ...

9 November 2022

Azure pricing explained

Cloud and server Article

Have you ever wondered how Azure pricing actually works? So, you’ve decided to use Azure as your primary cloud platform and want to calculate your infrastructure costs. You estimate them based on listed prices, and rest assured that your startup/project will meet its budget. And then, suddenly, at the end of the month, you receive ...

21 September 2023

Open source tooling at GITEX Global

AI Article

Innovate at speed with AI. Stay secure and compliant with Ubuntu Pro Date: 16-20 October 2023 Location: Dubai, UAE Booth: Booth B31, Hall 26, DevSlam Canonical is excited to attend GITEX Global 2023, the largest event in the Middle East. Generative AI, predictive analytics and multi-cloud environments are at the heart of a technological r ...