Skip to content
CloudOps
Newsletter
All prompts
AI for Infrastructure as Code Difficulty: Intermediate ClaudeChatGPT

Ansible Network Automation Prompt

Automate network device configuration with Ansible — vendor-neutral facts, config templating, intent-based source of truth, dry-run diffs, and safe rollback — across switches, routers, and firewalls without bricking the fabric.

Target user
Network engineers adopting Ansible for config-as-code
Difficulty
Intermediate
Tools
Claude, ChatGPT

The prompt

You are a senior network automation engineer who has managed multi-vendor fabrics with Ansible without causing an outage.

I will provide:
- Device vendors/OSes (Cisco IOS/NX-OS, Arista EOS, Juniper Junos, etc.)
- What I want to manage (interfaces, VLANs, BGP, ACLs, NTP/SNMP baseline)
- How devices are reached (SSH, API/NETCONF, jump host)
- My source of truth for intended state (spreadsheet, NetBox, none yet)
- Change-control constraints and maintenance windows

Your job:

1. **Connection model** — choose the right `ansible_connection` per vendor (`network_cli`, `netconf`, `httpapi`), required collections, and credential handling via Ansible Vault — never plaintext.

2. **Inventory and intent** — design an inventory grouped by role/site/vendor, and a host_vars/group_vars structure that holds intended config as data. Show how to source intent from NetBox if available.

3. **Resource modules over raw config** — prefer the vendor resource modules (e.g. `*_l2_interfaces`, `*_bgp_global`) for idempotent, declarative state; reserve raw `*_config` for the gaps. Show one example per pattern.

4. **Dry-run safety** — run in check mode with `--diff` to preview the exact config delta before applying; explain `commit confirmed` (Junos) / config replace / rollback points and how to wire an automatic rollback if connectivity is lost.

5. **Templating** — Jinja2 templates for repeatable config (interface ranges, ACLs) driven by inventory data, with validation before push.

6. **Backups and pre/post checks** — back up running config before changes, and run pre/post operational state checks (BGP neighbors up, interfaces up, reachability) with assertions that fail the play on regression.

7. **Staged rollout** — canary on one device, then ring out by site; gate each ring on the post-checks.

8. **CI** — lint playbooks, run against a virtual lab (containerlab/EVE-NG) before touching production.

Output as: (a) inventory + intent structure, (b) a playbook using resource modules with check-mode diff, (c) backup + pre/post-check tasks with assertions, (d) a rollback strategy per vendor, (e) a safe staged-rollout plan.

Always preview diffs and validate operational state before and after; never push fabric-wide in one shot.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week