Easy automation for Microsoft Windows Server and Azure with Ansible Automation Platform

The latest update of Ansible Automation Platform has enhanced its capabilities, with support for OpenSSH to efficiently manage Windows servers as an alternative to using WinRM for connections. Additionally, the new Microsoft.iis collection includes comprehensive support for configuring Internet Information Services (IIS), and the ansible.windows collection has been updated with additional modules to support Windows server management. Furthermore, Ansible Automation Platform extends its reach to cloud and hybrid environments with new support for managing Azure Arc resources, enabling consistent and unified management across on-premises, multi-cloud and edge environments.

OpenSSH support

When automating Windows, you may have used WinRM in the past. However, OpenSSH has long been a request from customers, and at the end of 2024 OpenSSH is supported in Windows Server 2022+ and Ansible core 2.18+.

Why automate Windows with Ansible Automation Platform?

Traditional Windows management often requires GUI-based configurations, manual patching and repetitive administrative tasks. With Ansible Automation Platform, you can:

• Save time and reduce costs: Automate routine tasks like software deployment, user management, and patching
• Improve consistency and security: Enforce standard configurations across all Windows servers, reducing configuration drift and compliance risks
• Enhance scalability: Manage thousands of Windows systems with a single automation framework, enabling rapid deployment and updates
• Integrate seamlessly: Connect Ansible Automation Platform with existing IT ecosystems like Active Directory and Azure for a unified automation experience

Expanding the ansible.windows collection

The certified ansible.windows collection has now been updated with additional modules. Our top 5 "honorable mention" modules:

1. win_firewall – Essential for managing security policies and restricting access to services by configuring the Windows firewall with Ansible Automation Platform
2. win_hotfix – Critical for checking and managing system updates and patches so you can have visibility into the patching status of your servers and know where action needs to be taken
3. win_initialize_disk – Important for provisioning new storage for your Windows servers by initializing and partitioning disks
4. win_certificate_info – Necessary for managing and verifying SSL/TLS certificates, crucial for securing web applications hosted on your Windows servers
5. win_acl_inheritance – Helps enforce permission policies, enabling security and compliance

These 5 modules greatly assist any administrator in the crucial task of securing and hardening of Windows servers. Those are our top 5 but, depending on your use case, you'll likely have some top picks of your own. It's by no means an exhaustive list. In our effort to expand support for Windows automation, a number of modules have been added to the collection. Read more about these additional modules in the documentation.

These modules provide Windows administrators and automation experts with a more comprehensive ability to automate Windows services, streamline common tasks, and fine-tune Windows systems and Active Directory installs.

The microsoft.iis collection

In addition to the ansible.windows collection update, we've also created a new collection specifically for IIS management. It enables comprehensive automation for managing Microsoft Internet Information Services (IIS). This collection allows you to:

• Streamline web server deployments: Automate IIS role installations, site configurations, and SSL management
• Ensure consistency across environments: Use Ansible Playbooks to standardize web server configurations and prevent drift
• Enhance security and compliance: Automate security settings, certificate management and application pool configurations
• Optimize performance: Implement load balancing, logging and fine-tuned IIS settings for high availability

This certified collection currently includes the following modules:

This collection focuses on management of IIS and allows you to create and manage virtual directories, web applications, web application pools and IIS websites. The collection also provides modules to gather information on each of these components.

Azure additions

Azure Arc allows Azure to monitor infrastructure in or outside of the cloud, and Ansible Automation Platform can automate deployment and configuration of that infrastructure. Azure Arc supports virtual machine (VM) management over SSH, and Ansible Automation Platform now enables connectivity and automation of connected VMs through Arc as if the nodes were directly routable. Read this article for information about deploying the Azure Arc monitoring agent using Ansible Automation Platform.

New additions to azure.azcollection support using Arc through the Azure_RM_arcssh module, which allows you to configure an SSH proxy for Arc hosts to connect to Azure.

The recent updates to the Azure and Microsoft Windows and IIS Certified Collections for Ansible Automation Platform represent a significant step forward in enhancing automation capabilities for enterprises. These updates not only streamline the integration of Azure services with Ansible Automation Platform, but also ensure that organizations can leverage the latest features and connection types. By continuously evolving and expanding the certified collections, Red Hat and Microsoft are empowering IT teams to automate complex workflows with greater efficiency and confidence.

Where to go next

• Attend Red Hat’s premier event Red Hat Summit 2025
• Volvo Cars reveal how they use Ansible Automation Platform on Microsoft Azure to accelerate time-to-automation
• Learn how to use Windows and Event-Drive Ansible with AI ticket enrichment
• Watch a video on Windows automation: Speed and scale to understand how you can scale your automation of Windows servers
• Want to learn Ansible? Check out our getting started guide on developers.redhat.com

About the authors