What Is MCP in Red Hat Ansible Automation Platform? Model Context Protocol Explained

By Luca Berton · Published 2024-01-01 · Category: windows-automation

Understand MCP (Model Context Protocol) in Red Hat Ansible Automation Platform. Learn how MCP enables AI agents to discover and execute Ansible automation.

In February 2026, Red Hat announced Model Context Protocol (MCP) support for Ansible Automation Platform (AAP). MCP is an open standard that lets AI agents discover and execute automation through a structured API — turning Ansible into a tool that AI systems can use directly.

What Is MCP?

Model Context Protocol is an open specification (originally developed by Anthropic) that standardizes how AI models interact with external tools and data sources. Think of it as a universal adapter between AI agents and automation platforms.

┌─────────────────────┐
│   AI Agent / LLM    │
│  (ChatGPT, Claude,  │
│   internal copilot) │
└────────┬────────────┘
         │ MCP Protocol
         ▼
┌─────────────────────┐
│   MCP Server        │
│  (AAP Integration)  │
└────────┬────────────┘
         │ AAP API
         ▼
┌─────────────────────┐
│   Ansible Automation│
│   Platform          │
│  (Job Templates,    │
│   Workflows, RBAC)  │
└─────────────────────┘

How MCP Works with AAP

Without MCP (Traditional)

Human logs into AAP web UI Human selects a job template Human fills in parameters Human clicks "Launch" AAP runs the playbook

With MCP (AI-Assisted)

AI agent receives a request: "Deploy the new app version to staging" AI queries MCP server: "What automation is available?" MCP server returns available job templates from AAP AI selects the right template and parameters AI triggers the job through MCP → AAP API AAP runs the playbook with full RBAC enforcement AI reports results back to the user

What MCP Exposes

The AAP MCP server makes these resources discoverable:

| MCP Resource | AAP Object | What AI Can Do | |-------------|-----------|---------------| | Tools | Job Templates | List, describe, launch jobs | | Tools | Workflow Templates | Trigger multi-step workflows | | Resources | Inventories | Query available hosts | | Resources | Credentials | See credential types (not secrets) | | Prompts | Survey Specs | Understand required parameters |

Example: AI Discovers Available Automation

// AI asks MCP: "What tools are available?"
// MCP server responds:
{
  "tools": [
    {
      "name": "deploy_application",
      "description": "Deploy application to specified environment",
      "inputSchema": {
        "type": "object",
        "properties": {
          "environment": {
            "type": "string",
            "enum": ["staging", "production"],
            "description": "Target deployment environment"
          },
          "version": {
            "type": "string",
            "description": "Application version to deploy"
          }
        },
        "required": ["environment", "version"]
      }
    },
    {
      "name": "patch_servers",
      "description": "Apply security patches to server group",
      "inputSchema": {
        "type": "object",
        "properties": {
          "server_group": {
            "type": "string",
            "description": "Target server group"
          },
          "reboot": {
            "type": "boolean",
            "default": false
          }
        }
      }
    }
  ]
}

Example: AI Executes Automation

// AI decides to deploy version 2.5.0 to staging // Sends MCP tool call: { "tool": "deploy_application", "arguments": { "environment": "staging", "version": "2.5.0" } }

// MCP server translates to AAP API call: // POST /api/v2/job_templates/42/launch/ // { "extra_vars": { "environment": "staging", "version": "2.5.0" } }

Security Model

MCP with AAP preserves all existing security controls:

RBAC Enforcement

AI Agent authenticates with MCP Server
    → MCP Server authenticates with AAP using service account
        → AAP enforces RBAC on the service account
            → Only permitted job templates are visible
            → Only authorized inventories are accessible
            → Credential secrets NEVER exposed to AI

Key Security Properties

• AI never sees credentials — AAP handles credential injection at runtime • RBAC limits what AI can discover — the MCP service account's permissions control visibility • Audit trail preserved — every AI-triggered job is logged in AAP with the MCP service account • Approval workflows still apply — if a job template requires approval, the AI must wait for human approval • No direct host access — AI triggers jobs through AAP, never SSH/WinRM directly

Practical Architecture

Setting Up MCP for AAP

# Example MCP server configuration
mcp_server:
  name: "ansible-automation-platform"
  version: "1.0.0"
  
  aap_connection:
    url: "https://aap.example.com"
    auth:
      type: "token"
      token_env: "AAP_SERVICE_TOKEN"
  
  tool_discovery:
    # Only expose specific job templates
    allowed_templates:
      - "deploy_application"
      - "patch_servers"
      - "backup_databases"
      - "scale_infrastructure"
    
    # Or filter by organization/label
    template_filter:
      organization: "Platform Engineering"
      labels: ["ai-enabled", "self-service"]
  
  security:
    require_approval: true
    max_concurrent_jobs: 5
    rate_limit_per_minute: 10

Integration with AI Platforms

# Example: Connecting an internal AI assistant to AAP via MCP
- name: Configure AI assistant MCP connection
  hosts: ai_platform
  tasks:
    - name: Deploy MCP server for AAP
      community.docker.docker_container:
        name: aap-mcp-server
        image: "registry.redhat.io/aap/mcp-server:latest"
        state: started
        ports:
          - "3000:3000"
        env:
          AAP_URL: "https://aap.example.com"
          AAP_TOKEN: "{{ vault_aap_service_token }}"
          MCP_AUTH_TOKEN: "{{ vault_mcp_auth_token }}"
          ALLOWED_TEMPLATES: "deploy_*,patch_*,backup_*"
          LOG_LEVEL: "info"
      no_log: true

Use Cases

1. ChatOps / IT Helpdesk

> User: "The staging database is running low on disk space" > AI: Checking... staging-db-01 is at 92% disk usage. I can run the "expand_database_storage" job template to add 50GB. Should I proceed? > User: "Yes" > AI: Job #4521 launched. Storage expanded to 150GB. Current usage: 61%.

2. Incident Response

> Alert: CPU spike on production web servers > AI: Detected high CPU on web-prod-01 through web-prod-04. Available actions: scale_infrastructure (add 2 more servers), restart_services, or investigate_performance. Recommend scaling. Approve?

3. Developer Self-Service

> Developer: "I need a new dev environment for Project Atlas" > AI: I'll provision a dev environment using the "create_dev_environment" template. This includes: 2 VMs, PostgreSQL, Redis, and nginx. Takes about 8 minutes. Launching now.

Community vs AAP with MCP

| Feature | Community Ansible + Custom MCP | AAP with MCP | |---------|-------------------------------|-------------| | MCP server | Build your own | Red Hat provided | | RBAC | Manual implementation | Built-in, enterprise-grade | | Audit logging | DIY | Integrated | | Approval workflows | Not available | Native support | | Credential management | Ansible Vault | Centralized credential store | | Support | Community | Red Hat subscription | | Scalability | Single controller | Clustered, auto-scaling |

FAQ

What is MCP in Ansible Automation Platform?

MCP (Model Context Protocol) is an open standard that enables AI agents to discover and execute Ansible automation through AAP. It provides a structured API that AI systems use to list available job templates, understand their parameters, and trigger automation — all within AAP's existing security and RBAC framework.

Can AI run any playbook through MCP?

No. The MCP server only exposes job templates that the service account has permission to access. AAP's RBAC controls exactly what the AI can see and execute. Approval workflows still apply — if a template requires human approval, the AI must wait.

Does MCP replace the AAP API?

No. MCP is a layer on top of the AAP API that makes automation discoverable by AI agents. The AAP REST API remains available for traditional integrations. MCP adds AI-friendly metadata (tool descriptions, input schemas) that help AI agents understand what automation is available.

Is MCP only for Red Hat AAP?

The MCP protocol itself is open and vendor-neutral. Red Hat's implementation connects it specifically to AAP. You could build a custom MCP server for community AWX or ansible-runner, but you'd need to implement the discovery and security layers yourself.

How is this different from Ansible Lightspeed?

Ansible Lightspeed is an AI coding assistant that helps write playbooks. MCP is an AI execution interface that helps run automation. Lightspeed creates playbooks; MCP triggers them. They're complementary — Lightspeed for development, MCP for operations.

Conclusion

MCP in Ansible Automation Platform bridges the gap between AI agents and enterprise automation. It lets AI systems discover, understand, and trigger Ansible automation while preserving all security controls. For enterprises in 2026, MCP is how you make your existing Ansible investment accessible to the growing ecosystem of AI agents and copilots.

• Ansible for Agentic AI: Multi-Agent Systems • AWX vs Ansible Tower vs AAP • Ansible AI-Native Software Development • What's New in AAP 2.6

Category: windows-automation

Browse all Ansible tutorials · AnsiblePilot Home

AnsiblePilot — Master Ansible Automation

Popular Topics

About Luca Berton