Everything New in Ansible Automation Platform 2.7: Portal, Orchestrator, MCP, and AI
By Luca Berton · Published 2024-01-01 · Category: installation
A complete roundup of Ansible Automation Platform 2.7: Automation Portal, MCP Server, Orchestrator preview, AI assistant, and 12 new collections.
Red Hat used Red Hat Tech Day Netherlands 2026, held in Bunnik on 3 June 2026, to formally introduce Ansible Automation Platform (AAP) 2.7 — and it's one of the busier releases in the platform's history. Between a new self-service portal, an AI assistant, a Tech Preview MCP server, and a first look at a Temporal-based orchestrator, there's a lot to unpack. This article rounds up every headline feature announced, plus the architecture and lifecycle changes admins need to plan around.
Automation Portal: self-service for the rest of the org
The biggest UX shift in 2.7 is the Automation Portal, a new self-service layer designed for users who aren't automation engineers but need to consume automation safely. Two capabilities stand out:
- Self-service templates — curated, parameterized job templates that non-admin users can launch through a simplified form, without needing controller-level access.
- Visual Execution Environment (EE) Builder — a graphical workflow for composing and building custom execution environments, replacing hand-written
execution-environment.ymlfiles with a point-and-click builder for base images, collections, and Python/system dependencies.
See also: AAP 2.7 EE Builder Step 1: Choosing a Base Image
Automation Intelligent Assistant with BYOK RAG
AAP 2.7 also ships the Automation Intelligent Assistant, an AI helper embedded in the platform experience. The standout architectural choice is BYOK (Bring Your Own Key) RAG — retrieval-augmented generation where organizations connect their own LLM provider credentials and their own knowledge sources, rather than being locked into a single hosted model. For regulated environments, this matters: content and prompts can stay inside an organization's chosen model boundary instead of flowing to a fixed third-party endpoint by default.
MCP Server (Tech Preview): 107 tools, six tool sets
Perhaps the most consequential change for anyone building agentic workflows is the new hosted MCP (Model Context Protocol) Server, shipping as a Tech Preview in 2.7. It exposes 107 tools grouped into 6 tool sets, letting AI agents and MCP-compatible clients query and act on AAP resources — job templates, inventories, execution status, and more — through a standard protocol instead of bespoke API integrations.
Because MCP is new territory for the platform, expect the tool surface to evolve before general availability. A representative (illustrative) way a controller job might expose MCP-relevant metadata today looks like this:
---
- name: Launch a job template surfaced via the AAP MCP Server tool set
hosts: localhost
gather_facts: false
vars:
aap_controller_host: "https://aap.example.com"
job_template_name: "Patch - Production Web Tier"
tasks:
- name: Launch job template through automation controller
ansible.controller.job_launch:
name: "{{ job_template_name }}"
controller_host: "{{ aap_controller_host }}"
controller_username: "{{ aap_username }}"
controller_password: "{{ aap_password }}"
extra_vars:
requested_by: "mcp-agent"
change_ticket: "CHG0012345"
register: job_launch_result
- name: Report launch result for MCP tool-set consumption
ansible.builtin.debug:
msg: "Job {{ job_launch_result.id }} launched via MCP-exposed tool set"Tech Preview status means it's supported for evaluation and feedback, not yet recommended for production-critical automation paths.
See also: AAP 2.7 EE Builder Step 2: Adding Collections from Private Automation Hub
Automation Orchestrator: a first preview, built on Temporal
Red Hat also previewed Automation Orchestrator, described as "Coming Q3 2026." It's built on Temporal, the durable-execution workflow engine, and is aimed at long-running, stateful orchestration scenarios that stretch beyond what a traditional job template or workflow template comfortably handles — think multi-day change windows, human-in-the-loop approval chains, or cross-system sagas that need to survive restarts. At Tech Day, this was shown as a preview only; there's no GA date beyond the Q3 2026 target.
12 new content collections
AAP 2.7 also broadens day-2 integration coverage with 12 new content collections, including:
- Splunk
- HashiCorp Vault
- Cisco Intersight
- Microsoft MECM (Configuration Manager) and SCOM
- Google Cloud
- Azure
See also: AAP 2.7 EE Builder Step 3: Destination, Build, and Publish to Git
Architecture and platform changes
Several changes underneath the UI are just as significant as the headline features:
| Change | What it means |
|---|---|
| Gateway-only architecture | All inter-component traffic now flows exclusively through the gateway — no direct service-to-service calls — and this is enforced and regression-tested |
| PostgreSQL 16 and 17 support | Broader database version compatibility for new and upgraded installs |
| Django 5.2 LTS | Underlying web framework moves to a long-term-support release |
| Centralized OpenAPI spec | A single, unified API specification across platform components |
ansible.platform collection, Phase 1 | Configuration-as-code for platform settings begins rolling out |
UX and customer-requested improvements
A batch of smaller, customer-driven fixes rounds out the release:
- Bulk host delete
- Clearer authentication mapping labels
- Repository sync date shown directly in the UI
- A feature-flags runtime UI
- Workflow convergence improvements
- An Automation Dashboard shipped as part of the main UI and installer (no longer a separate add-on)
Lifecycle and upgrade timeline
Alongside 2.7, Red Hat confirmed important lifecycle dates:
- AAP 2.4 reaches end of life in June 2026 — teams still on 2.4 should be actively planning migration now.
- Extended Update Support (EUS) costs 50% extra for a first 12-month term and 75% extra for a second, for organizations that need more runway on an otherwise-retiring version.
- The managed AAP 2.7 rollout follows a staged schedule:
- Communications begin March 23, 2026
- Segment 1 upgrades: June 2, 2026
- General Availability: June 3, 2026
- Segment 2 upgrades: June 16, 2026
Key Takeaways
- Automation Portal brings self-service templates and a visual Execution Environment Builder to non-admin users.
- Automation Intelligent Assistant uses BYOK RAG, so organizations control the LLM and knowledge sources behind AI assistance.
- The new MCP Server (Tech Preview) exposes 107 tools across 6 tool sets for agentic and AI-driven automation — evaluate it, but don't bet production workflows on it yet.
- Automation Orchestrator, built on Temporal, is previewed with a Q3 2026 target for long-running, stateful orchestration.
- 12 new certified collections (Splunk, HashiCorp Vault, Cisco Intersight, Microsoft MECM/SCOM, Google Cloud, Azure) expand day-2 coverage.
- The gateway-only architecture, PostgreSQL 16/17, Django 5.2 LTS, a centralized OpenAPI spec, and
ansible.platformPhase 1 are the structural changes underpinning the release. - Plan around lifecycle dates now: AAP 2.4 EOL in June 2026, EUS pricing premiums of 50%/75%, and the managed rollout running from Segment 1 (June 2) through GA (June 3) to Segment 2 (June 16).
Category: installation