Red Hat Ansible Automation Platform 2.7: What's New — Features, AI, and Security Enhancements

Red Hat has released Ansible Automation Platform 2.7, bringing significant improvements to service delivery, security, and AI-driven automation. This release focuses on helping IT teams adopt enterprise-wide automation with the governance needed for resilient operations.

Key Highlights

| Feature | Category | Status | |---|---|---| | Self-service automation portal (RHEL 9 & 10) | Service Delivery | GA | | Visual execution environment builder | Service Delivery | GA | | Centralized content catalog | Service Delivery | GA | | OIDC provider for HashiCorp Vault | Security | Technology Preview | | MCP server for AAP | AI Automation | Technology Preview | | Bring-your-own-knowledge for Lightspeed | AI Automation | GA | | Automation dashboard in platform UI | Observability | GA | | Ansible-ready dev workspaces | Developer Experience | GA | | MCP server-enabled VS Code extension | Developer Experience | GA |

See also: What Is MCP in Red Hat Ansible Automation Platform? Model Context Protocol Explained

Optimize Service Delivery

Self-Service Automation Portal

The self-service automation portal — now available for RHEL 9 and RHEL 10 deployments — empowers platform engineers to provide automation as a service. Key improvements include: • Visual execution environment builder: Eliminates manual Containerfile/Dockerfile configuration. Build execution environments through a graphical interface with dependency resolution. • Centralized content catalog: Administrators can aggregate trusted Ansible content (collections, roles, playbooks) into a single searchable catalog, reducing time developers spend finding reliable content.

# Example: Using a custom execution environment built via the portal
- name: Deploy application with custom EE
  hosts: all
  tasks:
    - name: Use collection from content catalog
      ansible.builtin.include_role:
        name: company.internal.deploy_app
      vars:
        app_version: "{{ vault_app_version }}"
        environment: production

What This Means for Teams

Platform engineers can now: • Standardize execution environments across the organization • Control which collections and Python packages are available • Reduce "works on my machine" issues with consistent EE builds

Drive Automation Adoption at Scale

OIDC Provider for HashiCorp Vault (Technology Preview)

AAP 2.7 introduces native OpenID Connect (OIDC) provider integration with HashiCorp Vault, enabling zero-trust credential management: • Short-lived, job-specific tokens replace static service accounts • No credential sprawl — each automation job authenticates with a unique, time-limited token • Minimized attack surface — compromised tokens are useless after job completion

# Example: Vault integration with OIDC tokens
- name: Retrieve secrets from HashiCorp Vault
  hosts: localhost
  connection: local
  tasks:
    - name: Read database credentials
      community.hashi_vault.vault_read:
        url: https://vault.example.com
        path: secret/data/database
        auth_method: jwt
        jwt: "{{ ansible_oidc_token }}"
        role: ansible-automation
      register: db_creds
      no_log: true
- name: Use credentials
      ansible.builtin.debug:
        msg: "Connected to {{ db_creds.data.data.hostname }}"

Why This Matters

In zero-trust environments, static credentials are a liability. OIDC integration means: • Automation jobs get temporary, scoped credentials • Vault policies control exactly what each job can access • Audit trails show which job accessed which secrets

See also: Red Hat Summit 2026: Ansible Automation Platform Highlights and Key Announcements

Unlock AI-Driven Automation

MCP Server for AAP (Technology Preview)

The Model Context Protocol (MCP) server brings agentic AI capabilities to Ansible Automation Platform: • Natural language operations: Manage jobs, troubleshoot issues, and launch workflows using prompts • Agentic approach: AI agents can chain actions — diagnose a problem, create a playbook, and execute it • VS Code integration: MCP server-enabled VS Code extension for development workflows

Example natural language interactions:
> "Show me all failed jobs in the last 24 hours"
> "Launch the patching workflow for production web servers"
> "What collections are available for network automation?"
> "Troubleshoot why the database backup job failed"

Bring Your Own Knowledge

The Ansible Lightspeed intelligent assistant now supports custom knowledge bases: • Upload your organization's playbooks, documentation, and best practices • Lightspeed generates suggestions based on YOUR patterns, not just public examples • Improves recommendation accuracy for internal modules and roles

MCP Framework for Cloud Providers

Developers can integrate MCP servers from: • AWS — Manage cloud resources via natural language • Azure — Automate Azure services with AI assistance • GitHub — Integrate repository workflows into automation

Other Enhancements

Automation Dashboard

The automation dashboard is now embedded directly in the platform UI, providing: • Real-time job execution metrics • Host and inventory utilization • Automation coverage across the organization

Ansible-Ready Development Workspaces

Pre-configured development environments that include: • ansible-core and common collections • ansible-lint and molecule for testing • VS Code extensions for Ansible development • Consistent tooling across teams

See also: Ansible Visual Execution Environment Builder: Build EEs Without Writing Dockerfiles (AAP 2.7 Guide)

Upgrade Path

# Check current version
automation-controller-service version
# Follow Red Hat's upgrade documentation
# AAP 2.7 supports RHEL 9 and RHEL 10

AAP Version Timeline

| Version | Release | Key Feature | |---|---|---| | AAP 2.4 | 2023 | Event-Driven Ansible GA | | AAP 2.5 | 2024 | Ansible Lightspeed | | AAP 2.6 | Q3 2025 | Automation dashboard, policy enforcement | | AAP 2.7 | June 3, 2026 | MCP server, OIDC Vault, self-service portal |

FAQ

Is AAP 2.7 compatible with RHEL 10?

Yes. AAP 2.7 fully supports both RHEL 9 and RHEL 10 deployments, including the self-service automation portal.

What is MCP (Model Context Protocol)?

MCP is an open protocol that enables AI models to interact with external tools and data sources. In AAP 2.7, the MCP server allows AI agents to manage automation platform operations through natural language.

Do I need Ansible Lightspeed to use MCP?

No. The MCP server is a separate Technology Preview feature. Lightspeed's bring-your-own-knowledge is an independent enhancement. Both can be used together or separately.

Is the OIDC Vault integration production-ready?

It is currently in Technology Preview. Red Hat recommends testing in non-production environments before GA. Check the AAP 2.7 release notes for the latest status.

How do I migrate from AAP 2.5/2.6 to 2.7?

Follow the official upgrade guide. AAP supports in-place upgrades from 2.5+ to 2.7. Back up your database and test the upgrade in a staging environment first.

Resources

• What's New in Ansible Automation Platform • AAP Documentation • Self-Service Automation Portal

Related Articles

• Install Ansible Automation Controller on a Single Host • What is Ansible AWX • Ansible Galaxy Complete Guide