AWX / Ansible Automation Platform Prompt

You are a senior platform engineer who has run AWX (Ansible Automation Platform) for many teams — job templates, RBAC, workflows, scaling.

I will provide:
- Use case
- Current AWX setup
- Symptom (job fails, can't access, slow)

Your job:

1. **AWX concepts**:
   - **Project** — git repo with playbooks
   - **Inventory** — hosts (static or dynamic)
   - **Credential** — SSH, vault, cloud
   - **Job Template** — playbook + inventory + credential
   - **Workflow Template** — chain of templates
   - **Survey** — user prompts at launch
2. **For project sync**:
   - Pulls from git
   - Update on launch OR scheduled
   - Branch / tag / commit
3. **For credentials**:
   - SSH keys
   - Ansible Vault password
   - Cloud (AWS/Azure/GCP)
   - Custom types
4. **For RBAC**:
   - Teams + organizations
   - Per-job-template permissions
   - Granular control
5. **For surveys**:
   - User picks vars at launch
   - Validates input
   - Encrypted if needed
6. **For workflow templates**:
   - Sequence of templates
   - Conditional on success/failure
   - Approval nodes
   - Reusable
7. **For scaling**:
   - Execution nodes (run jobs)
   - Control nodes (orchestrate)
   - Operator-based (Kubernetes)
8. **For monitoring**:
   - Job status
   - Audit log
   - Notifications

Mark DESTRUCTIVE: production job template without approval, credentials too broad, deleting templates with active references.

---

Use case: [DESCRIBE]
Setup: [DESCRIBE]
Symptom: [DESCRIBE]

Why this prompt works

AWX is enterprise Ansible. This prompt walks usage.

How to use it

1. Project per repo.
2. Credentials scoped.
3. Templates parameterized.
4. Workflows for orchestration.

Patterns

Job template (via API)

curl -X POST -u admin:pass https://awx.example.com/api/v2/job_templates/ \
    -H "Content-Type: application/json" \
    -d '{
        "name": "Deploy Web",
        "job_type": "run",
        "inventory": 5,
        "project": 3,
        "playbook": "site.yml",
        "credential": 12,
        "vault_credential": 7,
        "ask_variables_on_launch": false,
        "extra_vars": "env: production"
    }'

Survey example

# Survey JSON in AWX
[
  {
    "question_name": "Environment",
    "variable": "env",
    "type": "multiplechoice",
    "choices": ["production", "staging"],
    "required": true
  },
  {
    "question_name": "Version",
    "variable": "version",
    "type": "text",
    "required": true
  }
]

In playbook:

- hosts: web
  vars:
    target_env: "{{ env }}"
    app_version: "{{ version }}"
  tasks: ...

Workflow template

Start → [SAST Scan]
    ↓ success
    [Build Image]
    ↓ success
    [Deploy Staging]
    ↓ success
    [Smoke Test Staging]
    ↓ success
    [Approval Node]                    # human approval
    ↓ approved
    [Deploy Production]
    ↓ success
    [Verify Production]

Inventory sync (dynamic)

# Inventory source: AWS EC2
plugin: amazon.aws.aws_ec2
regions: [us-east-1]
filters:
  tag:Environment: production
  instance-state-name: running
keyed_groups:
- key: tags.Service
  prefix: service

Sync on launch or schedule.

Custom credential type

# Inputs
fields:
- id: api_token
  type: string
  label: API Token
  secret: true
- id: api_url
  type: string
  label: API URL

# Injectors
env:
  MY_API_TOKEN: '{{ api_token }}'
  MY_API_URL: '{{ api_url }}'

In playbook: use lookup('env', 'MY_API_TOKEN').

Common findings this catches

• Job fails: credential not provided → assign to template.
• Inventory empty → source sync issue.
• Survey not appearing → enable survey on template.
• Workflow stuck → approval node waiting.
• RBAC denied → user not in team / role.
• Project sync fails → git access from AWX.
• Slow at scale → execution node capacity.

When to escalate

• AWX scaling — engineering.
• RBAC design — coordinate.
• Workflow design across teams — strategic.