AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible on AIX 7.3 Automation Complete Guide

By Luca Berton · Published 2024-01-01 · Category: installation

Automate IBM AIX 7.3 with Ansible: ibm.power_aix collection, NIM, lpp_source, oslevel, filesets, LPARs, user management, security hardening.

IBM AIX 7.3 is the latest mainstream UNIX from IBM, running on Power9 / Power10 / Power11 LPARs. Ansible automates AIX through the official ibm.power_aix collection, covering filesets, LPP sources, NIM operations, oslevel, users, devices, and security hardening. This is the master Ansible guide for AIX 7.3.

AIX 7.3 release facts

| Item | Value | |---|---| | Major | 7.3 (TL3) | | Architecture | Power9 / Power10 / Power11 | | Service Pack support | TL3 SP2 + interim fixes | | End of Service | 2031-04-30 (planned) | | Default shell | ksh93 | | Package format | bff filesets, RPM (yum) for open-source |

See also: Red Hat Enterprise Linux 9 Repositories List

Ansible-core compatibility

Use ansible-core 2.18 LTS. AIX requires Python on managed nodes (typically /opt/freeware/bin/python3):

[aix:vars]
ansible_python_interpreter=/opt/freeware/bin/python3

Collection:

collections:
  - name: ibm.power_aix
    version: ">=2.0.0"

Inventory

[aix]
lpar01 ansible_host=10.0.5.11
lpar02 ansible_host=10.0.5.12

[aix:vars]
ansible_user=ansible
ansible_become=true
ansible_become_method=sudo

See also: Ansible AWS: Complete Guide to Cloud Automation (2026)

Patch via NIM lpp_source

- name: Update AIX with lpp_source via NIM
  hosts: aix
  gather_facts: true
  tasks:
    - name: Apply TL/SP from NIM master
      ibm.power_aix.nim_updateios:
        action: update
        targets: "{{ inventory_hostname }}"
        lpp_source: 7300-03-02-lpp_source
        accept_licenses: true

(Run the NIM-side commands from the NIM master itself.)

oslevel + fileset checks

- name: Check AIX level and key filesets
  hosts: aix
  gather_facts: false
  tasks:
    - name: oslevel
      ansible.builtin.command: oslevel -s
      register: osl
      changed_when: false

- name: Print
      ansible.builtin.debug:
        msg: "OS level is {{ osl.stdout }}"


- name: Ensure openssh fileset present
      ibm.power_aix.installp:
        action: list
        filesets: openssh.base.server
      register: fs

See also: Ansible Become: Privilege Escalation with sudo, su & runas (Complete Guide)

User management

- name: Manage AIX users
  hosts: aix
  tasks:
    - name: Create app user
      ibm.power_aix.user:
        state: present
        name: appuser
        attributes:
          home: /home/appuser
          shell: /usr/bin/ksh
          gecos: "Application user"
          pgrp: staff
        password: "{{ vault_appuser_hashed }}"

Filesystems (JFS2)

- name: Create JFS2 filesystem
  hosts: aix
  tasks:
    - name: /opt/app filesystem
      ibm.power_aix.filesystem:
        filesystem: /opt/app
        state: present
        attributes:
          size: 4G
          vg: rootvg
          mount_group: app
        auto_mount: true
        permissions: rw
        mount: true

Security hardening

- name: Baseline AIX security
  hosts: aix
  tasks:
    - name: Set AIX security policy via aixpert
      ansible.builtin.command: /usr/sbin/aixpert -l high
      register: pert
      changed_when: "'success' in pert.stdout | lower"

- name: Enforce password policy
      ibm.power_aix.user:
        state: present
        name: ALL
        attributes:
          maxage: 13
          minage: 1
          minlen: 12
          mindiff: 3
          loginretries: 5

Best practices

• Always patch via NIM lpp_source with consistent TL/SP across LPARs; avoid ad-hoc fileset installs. • Pin Python on AIX to /opt/freeware/bin/python3 explicitly in inventory. • Use AIX RBAC roles for the Ansible service account; avoid plain root. • Keep alt_disk_copy snapshots before TL upgrades; the ibm.power_aix.alt_disk module helps.

Conclusion

AIX 7.3 + ibm.power_aix is a fully Ansible-managed UNIX platform. Use NIM-driven patching, JFS2 filesystem modules, AIX RBAC, and alt_disk_copy snapshots to bring traditional AIX into the same automation pipelines as your Linux estate.

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home