Automatic image upgrade is an automation that keeps your HM-managed cluster up to date by automatically applying the latest available minor Postgres image version whenever one becomes available. This automation ensures your clusters stay current without requiring manual intervention, helping you maintain security patches and bug fixes consistently across your estate.
The automation detects new minor version upgrades only (for example, 18.1 → 18.2). Newer image builds or patches of the same minor version aren't detected automatically.
Note
We recommend configuring a maintenance window to control when upgrades run. Depending on your cluster type and configuration, an image upgrade may involve a rolling restart of cluster nodes.
You configure automations per replica or data group using the dropdown in the Automations section. Automations aren't coordinated across replicas or data groups — configure each one separately if you need the same behavior elsewhere.
Automatic image upgrade parameters
When you configure an automated operation, there are specific parameters for the automatic image upgrade automation in addition to the general automation fields:
| Field | Description |
|---|---|
| Maintenance Window | Schedule the upgrade during this maintenance window. Leave empty for immediate execution when a new image version becomes available. See Maintenance windows. |
| Approval | Select Approval Required to create a pending task in Task Manager that a user must approve before the upgrade runs, or Approval Not Required to run tasks automatically without manual review. |
Once active, HM checks for a new minor image version at each interval. When a newer version is available, it creates a task in Task Manager and executes it according to your configuration — either immediately or within the next open maintenance window, with or without approval.
You can monitor task status — pending, completed, or rejected — from either the cluster-level Task Manager tab or the project-level Task Manager in the left navigation. All upgrade events are logged in the Activity Log for full auditability.
For information on what happens if an upgrade fails, including rollback behavior, see Rollback considerations.