Subscribe to the feed

In the world of IT automation, Red Hat Ansible Automation Platform has emerged as a powerful tool for streamlining tasks and orchestrating complex systems. With the release of Ansible Automation Platform 2.X, managing automation workflows has become even more efficient. In this blog post, we'll explore how to configure a newly deployed Ansible Automation Platform 2.X instance using API calls directly from a playbook. By following these steps, you'll be able to set up your automation environment swiftly and seamlessly.

Of course, in most cases, you will use a Red Hat Ansible Certified Content Collection such as ansible.controller or Ansible validated content infra.controller_configuration as a more flexible option to configure the Ansible Automation Platform. In certain situations, you might find that regular collections aren't available. This could occur post-installation of the Ansible Automation Platform or in environments with strict security policies disallowing external collections. In these instances, your best course of action is to leverage API calls for initial configuration.


Before diving into the configuration process, ensure you meet the following prerequisites:

Ansible Automation Platform 2.X: Check that Ansible Automation Platform 2.X is installed without errors and is accessible along with a private automation hub.

Ansible package: The latest release of  Ansible Automation Platform (2.9 or later) must be installed on the host where the playbook will run. If you haven't already installed it, make sure to set it up on your system before proceeding further. If you are running the playbook on the same host that was used for the Ansible Automation Platform installation, the Ansible package will already be there.

Repo Credentials:

While we've tested this setup using GitHub, you can configure it to work with other repository sources as needed.

  • GitHub Credentials: You'll need your GitHub username and personal access token to authenticate with GitHub and access repositories. The examples below assume the repository with Ansible Automation Platform configuration is not public.

  • GitHub Repository: Prepare the GitHub repository URL where your Ansible Playbook and related files are stored. This repository will be used for version control and synchronization with your Ansible Automation Platform environment.

  • Collections Tarballs: If you are going to import any collections into a private automation hub, make sure collection tarball files are accessible by the playbook. Collections contain reusable automation content and modules necessary for various tasks within your automation workflows.

  • Ansible Installation Inventory File: Make sure you have an inventory file containing the necessary configuration details, such as host addresses and groupings, for your Ansible Automation Platform installation. This can be the same inventory file you used for Ansible Automation Platform installation and it is expected to be located in the same folder as the playbook containing the examples below.

Configuration Process

Before delving into the configuration of the Ansible Automation Platform 2.X, it's imperative to prepare all the necessary variables required for the setup using API calls. This initial step lays the foundation for a smooth and seamless configuration process, so that all essential components are in place before proceeding further.

1) Get and Prepare Variables for Ansible Automation Platform Configuration:

The first step involves retrieving and preparing all the variables essential for configuring Ansible Automation Platform. Through API calls, we gather pertinent information such as controller node addresses, authentication tokens and user credentials. These variables serve as the building blocks for our configuration process, providing the necessary parameters for interaction with the Ansible Automation Platform environment.


  - name: Generate Controller token
      url: "https://{{ controller_node }}/api/v2/tokens/"
      method: POST
      body_format: json
        Content-Type: "application/json"
        Authorization: "Basic {{ ('admin:' + admin_password) | b64encode }}"
        description: "Personal Controller token"
      validate_certs: false
    register: controller_token
    failed_when: "controller_token.status not in [200, 201]"

This example assumes that we are creating a personal token for an admin account since this account is created by default during the Ansible Automation Platform deployment and its credentials are what is available by default in the inventory file used for the deployment. If the requirement is to use another account, it has to be created first and can also be parameterized in the task above. Step 3 has an example of creating a user.

2) Create Namespaces for Private Automation Hub Collections:

As the private automation hub is newly installed and collections are not available, we next check that there’s organizational clarity within the Ansible Automation Platform environment by creating namespaces for collections. These namespaces serve as logical containers for organizing and managing automation assets effectively. In the absence of predefined namespaces, we create them to streamline access control and resource allocation within our automation ecosystem.


  - name: Create namespaces for collections
      url: https://{{ automation_hub }}/api/galaxy/_ui/v1/namespaces/
      user: "{{ automationhub_admin_user }}"
      password: "{{ automationhub_admin_password }}"
      method: POST
      body: '{
               "name": "{{ item }}",
               "groups": []
      force_basic_auth: true
      status_code: 201
      body_format: json
      validate_certs: false
    loop: "{{ namespaces_to_match | difference(matched_namespaces) }}"

For private automation hub configuration, we'll use a username and password. At the same time, existing the hub-wide API token gets reset each time a new one is requested, and since the hub-wide API token is also used by the automation controller to get collections, it’s not something we want to be changing each time we run the playbook.

3) Create Necessary Users, Credentials, Inventory:

With the foundational elements in place, we proceed to create essential components such as users, credentials and inventories within Ansible Automation Platform. This step encompasses the creation of accounts for further automation or administrative tasks, inventory configurations and credential setups, enabling a robust authentication and authorization framework for our automation workflows.


  - name: Create an automation user with a random password
      url: "https://{{ controller_node }}/api/v2/users/"
      method: POST
      body_format: json
        Content-Type: "application/json"
        Authorization: "Bearer {{ controller_token.json.token }}"
        username: "aap-admin"
        password: "{{ automation_user_random_password.stdout }}"
        is_superuser: true

4) Create Private Automation Hub (PAH) Users and namespaces:

Simultaneously, we configure the private automation hub, a critical component for orchestrating automation workflows securely. This involves creating private automation hub users and namespaces, and establishing secure authentication mechanisms. By implementing stringent access controls and authentication protocols, we fortify the security posture of our automation infrastructure, safeguarding sensitive data and workflows.


  - name: Create Private Automation Hub credential
      url: "https://{{ controller_node }}/api/v2/credentials/"
      method: POST
      body_format: json
        Content-Type: "application/json"
        Authorization: "Bearer {{ controller_token.json.token }}"
      validate_certs: false

5) Create a Project, Add WebHook, Connect with GitHub, and Launch the Job:

To culminate our configuration process, we create a project within the Ansible Automation Platform environment, integrate it with external services such as GitHub and automate the deployment process using webhooks. This comprehensive approach offers seamless collaboration and versioning capabilities within our automation workflows. Finally, we add the project to a job template and launch the job, validating the functionality of our playbook and enabling the successful execution of our configuration tasks.


  - name: Create project
      url: "https://{{ controller_node }}/api/v2/projects/"
      method: POST
      body_format: json
        Content-Type: "application/json"
        Authorization: "Bearer {{ controller_token.json.token }}"
        name: aap-config
        scm_type: "git"
        scm_url: "{{ github_repo }}"
        organization: 1
        credential: "{{ github_credential_id }}"
        scm_update_on_launch: true
      validate_certs: false

By following these configuration steps, you can configure Ansible Automation Platform 2.X using API calls. Each step in the process contributes to the establishment of a robust automation environment, characterized by efficiency, security and agility. With proper execution, you'll have a fully functional Ansible Automation Platform instance ready to streamline your IT automation workflows and drive organizational success. You will find a complete example playbook here.


In this blog post, we've provided a detailed guide on setting up Ansible Automation Platform 2.X through API calls from a playbook, starting from a fresh installation with no existing configuration. By adhering to these steps, you'll establish the essential initial configurations for your day-to-day tasks with the Ansible Automation Platform.

Learn more

About the author

Sohidur Rahman is a dedicated Red Hat Container Infrastructure Consultant, driven by a passion for helping clients overcome their strategic technology and business challenges using open source methods and technologies.

Read full bio

Browse by channel

automation icon


The latest on IT automation for tech, teams, and environments

AI icon

Artificial intelligence

Updates on the platforms that free customers to run AI workloads anywhere

open hybrid cloud icon

Open hybrid cloud

Explore how we build a more flexible future with hybrid cloud

security icon


The latest on how we reduce risks across environments and technologies

edge icon

Edge computing

Updates on the platforms that simplify operations at the edge

Infrastructure icon


The latest on the world’s leading enterprise Linux platform

application development icon


Inside our solutions to the toughest application challenges

Original series icon

Original shows

Entertaining stories from the makers and leaders in enterprise tech