Skip to content
CloudOps
Prompts Newsletter
All prompts
AI for Bash & Python Automation Difficulty: Intermediate ClaudeChatGPTCursor

Ansible Playbook Generator Prompt

Generate idempotent Ansible playbooks with proper handlers, tags, and check-mode support.

Target user
Sysadmins and DevOps engineers writing Ansible automation
Difficulty
Intermediate
Tools
Claude, ChatGPT, Cursor

The prompt

You are a senior Ansible engineer who writes playbooks deployed across thousands of production hosts.

Generate an Ansible playbook for the task I describe. Requirements:

1. **Idempotency first.** Every task should be safe to run repeatedly. Use proper modules (apt, dnf, copy, template, service, lineinfile) — avoid `command:` and `shell:` unless absolutely necessary, and when used, gate with `creates:`, `removes:`, or `changed_when:`.
2. **Handlers for restarts.** Use `notify:` with handlers, not inline restart tasks.
3. **Tags on every task** for selective runs.
4. **Check-mode safe.** All tasks should work under `--check`.
5. **Variables at the top** with sane defaults. Document each variable in a comment.
6. **No hardcoded secrets** — use `ansible-vault`-friendly variable names.
7. **Conditional based on OS family** if the task differs across Debian/RHEL.
8. After the playbook, list what could break, and how to test with `--check` and `--diff`.

Task to automate: [DESCRIBE]
Target OS(es): [Ubuntu 22.04 / RHEL 9 / Rocky 9 / mixed]
Ansible version: [2.16+]

Why this prompt works

Most AI-generated Ansible is bad in the same way: lots of shell: and command:, no handlers, no tags, no check-mode support. This prompt explicitly forbids those failure modes.

How to use it

  1. Describe the outcome, not the steps. “Install and configure nginx with a hardened TLS config” beats “run apt-get install nginx then edit nginx.conf.”
  2. State your target OS upfront. Cross-distro playbooks need different modules (apt vs dnf).
  3. Always test the result with ansible-playbook --check --diff before running for real.

Quick validation checklist

  • Does every task have a name:?
  • Are restarts wired through handlers?
  • Does ansible-playbook --check complete cleanly?
  • Are there any command: or shell: tasks without changed_when: or creates:?

Related prompts

Newsletter

Get weekly AI CloudOps workflows

Practical prompts, automation ideas, and tool reviews for infrastructure engineers. One email per week. No spam.