{"id":27103084,"url":"https://github.com/stuartellis/ansible-azure","last_synced_at":"2026-04-24T21:31:36.674Z","repository":{"id":103209934,"uuid":"458872997","full_name":"stuartellis/ansible-azure","owner":"stuartellis","description":"Ansible roles and playbooks for Azure","archived":false,"fork":false,"pushed_at":"2022-03-09T06:53:41.000Z","size":212,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-12T20:35:23.889Z","etag":null,"topics":["ansible","azure"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stuartellis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-02-13T16:58:49.000Z","updated_at":"2024-12-26T11:06:51.000Z","dependencies_parsed_at":"2023-06-28T23:30:52.022Z","dependency_job_id":null,"html_url":"https://github.com/stuartellis/ansible-azure","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/stuartellis/ansible-azure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stuartellis%2Fansible-azure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stuartellis%2Fansible-azure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stuartellis%2Fansible-azure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stuartellis%2Fansible-azure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stuartellis","download_url":"https://codeload.github.com/stuartellis/ansible-azure/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stuartellis%2Fansible-azure/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32241576,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-24T13:21:15.438Z","status":"ssl_error","status_checked_at":"2026-04-24T13:21:15.005Z","response_time":64,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","azure"],"created_at":"2025-04-06T16:38:59.777Z","updated_at":"2026-04-24T21:31:36.659Z","avatar_url":"https://github.com/stuartellis.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ansible for Azure\n\nThis project enables [Ansible](https://www.ansible.com/) on Azure.\n\nAnsible can run on any computer or group of computers that it finds, provided that WinRM or SSH are enabled on those computers. This project includes a dynamic inventory for Ansible, which automatically groups virtual machines on Azure by location and tags.\n\n## Setting Up\n\nYou may run Ansible on Linux or macOS, or in WSL. Ansible requires Python 3.\n\nTo set up Ansible, run these commands in a terminal window:\n\n    pip3 install --user -r requirements-ansible.txt\n    ansible-galaxy install -r requirements.yml\n    pip3 install --user -r $HOME/.ansible/collections/ansible_collections/azure/azcollection/requirements-azure.txt\n\n\u003e Ensure that the *bin* directory for Python is on your PATH. On macOS, this is *$HOME/Library/Python/3.9/bin*.\n\nSome Microsoft tasks for Ansible are currently not compatible with pipx and other Python environment isolation tools. For this reason, these commands install Ansible and the required Python modules to your home directory.\n\nTo set up code checks for development, run *npm install*:\n\n    npm install\n\n## Connecting to Azure\n\n### Service Principal\n\nTo run operations with Ansible, you need a Service Principal in Azure Active Directory. This Service Principal must be a member of the *Contributors* role on the subscriptions in Azure.\n\nSet the service principal details in either the configuration file *$HOME/.azure/credentials*, or as environment variables:\n\n- AZURE_CLIENT_ID\n- AZURE_SECRET\n- AZURE_SUBSCRIPTION_ID\n- AZURE_TENANT\n\n## Finding Virtual Machines\n\nTo list the available Virtual Machines:\n\n    ansible-inventory -i inventories/azure_rm.yml --graph\n\n## Running a Command on Remote Computers\n\nAnsible provides [specific modules for Windows](https://docs.ansible.com/ansible/latest/collections/ansible/windows/index.html#plugins-in-ansible-windows). For example, *win_command* runs a command on Windows computers, and *win_copy* copies files from your systems to Windows computers.\n\nTo run an Ansible task on one computer, use the name of the computer. This command specifies the computer *example-vm-0001*:\n\n    ansible example-vm-0001 --ask-pass --user vmadmin -i inventories/azure_rm.yml -m win_copy -a \"src=example.txt dest=C:\\Temp\"\n\nTo run an Ansible task on a group of computers, specify the group. This command specifies the group *tag_environment_dev*:\n\n    ansible tag_environment_dev --ask-pass --user vmadmin -i inventories/azure_rm.yml -m win_copy -a \"src=example.txt dest=C:\\Temp\"\n\nTo get information about computers, use *setup*:\n\n    ansible example-vm-0001 --ask-pass --user vmadmin -i inventories/azure_rm.yml -m setup\n\nTo check whether Ansible can access Windows computers without making any changes, use *win_ping*:\n\n    ansible example-vm-0001 --ask-pass --user vmadmin -i inventories/azure_rm.yml -m win_ping\n\n## Running Playbooks on Remote Computers\n\nUse playbooks to define a set of commands that execute on a group of computers. This project includes several playbooks.\n\n- *ping_azure_windows* checks that Ansible can connect to all available Windows computers on Azure\n- *apply_windows_devtools* installs and updates a collection of standard tools on Windows development machines\n- *apply_windows_updates.yml* runs Windows Update on all target computers\n\nTo carry out a dry-run of a playbook, use *--check* to enable *check mode*:\n\n    ansible-playbook --ask-pass --user vmadmin --check -i inventories/azure_rm.yml ./apply_windows_updates.yml\n\nTo run a playbook on the target computers, use *ansible-playbook* without *--check*:\n\n    ansible-playbook --ask-pass --user vmadmin -i inventories/azure_rm.yml ./ping_azure_windows.yml\n\nUse the [--limit option](https://docs.ansible.com/ansible/latest/user_guide/intro_patterns.html#patterns-and-ansible-playbook-flags) to change which computers a playbook runs on:\n\n    ansible-playbook --ask-pass --user vmadmin -i inventories/azure_rm.yml --limit tag_environment_dev ./ping_azure_windows.yml\n\nIf Ansible fails on some computers, it creates a list of these computers as a *.retry* file. You can use *--limit* to run a playbook on the computers where Ansible failed:\n\n    ansible-playbook --ask-pass --user vmadmin -i inventories/azure_rm.yml --limit @apply_windows_updates.retry ./apply_windows_updates.yml\n\n## Deploying New Virtual Machines on Azure\n\nTo deploy a new Windows VM:\n\n    ansible-playbook -i inventories/localhost ./deploy_disposable_public_win_vm.yml --extra-vars \"@examples/answers/disposable_public_win_vm.yml\"\n\nThis playbook creates copies of the WinRM server certificates for new virtual machines in the *tmp/* directory of this project.\n\nTo deploy a new Linux VM:\n\n    ansible-playbook -i inventories/localhost ./deploy_disposable_public_ubuntu_vm.yml --extra-vars \"@examples/answers/disposable_public_ubuntu_vm.yml\"\n\n## Working with Azure Resource Groups\n\n\u003e We use the *localhost* inventory to run commands on Azure itself.\n\nTo create an empty resource group:\n\n    ansible-playbook -i inventories/localhost ./create_resource_group.yml --extra-vars \"resource_group_name=example-hosts-0040-rg location=uksouth\"\n\nTo create a resource group with resources for testing and prototyping:\n\n    ansible-playbook -i inventories/localhost ./deploy_lab_resource_group.yml --extra-vars \"@examples/answers/lab_resource_group.yml\"\n\nTo delete a resource group and all of the resources in it:\n\n    ansible-playbook -i inventories/localhost ./delete_resource_group.yml --extra-vars \"resource_group_name=example-hosts-0040-rg location=uksouth\"\n\n## Deploying Other Azure Resources\n\nThis project also includes playbooks for deploying several types of resources on Azure. These playbooks are useful for setting up resources for testing.\n\nTo deploy a Virtual Network:\n\n    ansible-playbook -i inventories/localhost ./deploy_minimal_vnet.yml --extra-vars \"@examples/answers/minimal_vnet.yml\"\n\nTo deploy an Azure Key Vault:\n\n    ansible-playbook -i inventories/localhost ./deploy_minimal_key_vault.yml --extra-vars \"@examples/answers/minimal_key_vault.yml\"\n\nTo deploy a Storage Account for VM diagnostics:\n\n    ansible-playbook -i inventories/localhost ./deploy_vm_diag_storage.yml --extra-vars \"@examples/answers/vm_diag_storage.yml\"\n\n## Developing Ansible Code\n\n### Tools\n\nInstall [Ansible Lint](https://ansible-lint.readthedocs.io/en/latest/usage.html) and [the Visual Studio Code extension for Ansible](https://marketplace.visualstudio.com/items?itemName=redhat.ansible). The Visual Studio Code extension automatically checks roles and playbooks with Ansible Lint.\n\nTo install Ansible Lint, run these commands in a terminal window:\n\n    pipx install ansible-lint\n    pipx inject ansible-lint ansible-core yamllint\n\n### Examples\n\nThis project includes examples of using Ansible to deploy ARM templates and run the Azure CLI. The roles used by the *deploy_* playbooks provide examples of how to deploy ARM templates. The role *key_vault_secret* provides an example of running the Azure CLI in an Ansible task.\n\n### Running New ARM Templates\n\nUse the playbooks *create_resource_group.yml* and *delete_resource_group.yml* to create and delete resource groups for testing. You can then use the playbook *deploy_arm_template.yml* to deploy any ARM template into your resource groups.\n\n        ansible-playbook -i inventories/localhost ./deploy_arm_template.yml --extra-vars \"template_file_path=examples/arm/storage/store-deployment-template.json parameters_file_path=examples/arm/storage/store-deployment-parameters.json deployment_name=example-0010 resource_group_name=example-hosts-0040-rg location=uksouth\"\n\n## Documentation\n\n## Ansible with Windows\n\n- [Ansible Collection for Windows](https://docs.ansible.com/ansible/latest/collections/ansible/windows/index.html#plugins-in-ansible-windows)\n- [Using Ansible with Windows](https://docs.ansible.com/ansible/latest/user_guide/windows.html)\n\n### Ansible with Azure\n\n- [Azure Documentation for Ansible](https://docs.microsoft.com/en-us/azure/developer/ansible/)\n- [Ansible Collection for Azure](https://docs.ansible.com/ansible/latest/collections/azure/azcollection/)\n\n### Azure Resource Manager (ARM)\n\n- [Azure Resource Manager templates](https://docs.microsoft.com/en-gb/azure/azure-resource-manager/templates/)\n\n### Linux with Azure\n\n- [Access to Linux VMs with Key Vault](https://github.com/starkfell/100DaysOfIaC/blob/master/articles/day.68.manage.access.to.linux.vms.using.key.vault.part.1.md)\n\n### WinRM\n\n- [Set up WinRM access for an Azure VM](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/winrm)\n- [How to Set up PSRemoting with WinRM and SSL](https://adamtheautomator.com/winrm-ssl/)\n- [Configure Powershell WinRM to use OpenSSL generated self-signed certificate](http://vcloud-lab.com/entries/powershell/configure-powershell-winrm-to-use-openssl-generated-self-signed-certificate)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstuartellis%2Fansible-azure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstuartellis%2Fansible-azure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstuartellis%2Fansible-azure/lists"}