Red Hat Ansible Tower - Launch Job Template

Red Hat Ansible Tower - Launch Job Template launches an existing Job Template, Workflow Job Template, or System Job Template in Ansible Tower, for:

• Assets returned by the selected query or assets selected on the relevant asset page.

This enforcement action launches the specified Ansible Tower template and passes per-device Axonius field values as extra_vars in the launch payload, allowing the playbook to access asset-specific data.

Required Fields

These fields must be configured to run the Enforcement Action.

• Use stored credentials from the Red Hat Ansible Tower adapter - Select this option to use credentials from the adapter connection. By default, the first connection is selected.

  • When you select this option, the Select Adapter Connection drop-down becomes available. Select the adapter connection to use for this Enforcement Action.

  • Note: The Red Hat Ansible Tower adapter must be configured with a successful connection before using this enforcement action.

• Template Type - Select the type of template to launch: Job Template, Workflow Job Template, or System Job Template. This determines which endpoint is used when launching the template.

• Template ID - The numeric ID of the existing template in Ansible Tower. This is the unique identifier for the template you want to launch.

• Extra Variables Field Mapping (Optional) - Map Axonius device fields to extra_vars keys. Each mapped field value is included in the launch payload, allowing the playbook to access device-specific information. For example, map ansible_tower_adapter:hostname to target_host to pass the device hostname to the playbook.

• Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

These fields are optional.

• Domain - Ansible Tower domain URL.
• User Name - Ansible Tower username.
• Password - Ansible Tower password.
• API Token - API token for authentication.

Connection Settings

To successfully execute this enforcement action, the following connection parameters are required:

• Host Name or IP Address - The Ansible Tower domain or IP address (e.g., https://ansible.example.com).
• Authentication credentials - Either username/password combination or API Token.

• Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

• HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

• HTTPS Proxy User Name (optional) - The user name to use when connecting to the server using the HTTPS Proxy.

• HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

• Gateway Name - Select the Gateway through which to connect to perform the action.

APIs

Axonius uses the Red Hat Ansible Automation Platform API - POST /api/v2/job_templates/{id}/launch/ or POST /api/controller/v2/job_templates/{id}/launch/

The endpoint varies based on your Ansible Tower version (legacy vs. 2.5+).

Required Ports

Axonius must be able to communicate via the following ports:

• TCP port 80 (HTTP)
• TCP port 443 (HTTPS)

Required Permissions

• Ansible Tower user must have permission to launch templates.
• Organization access: User must have access to the organization containing the template.