Ansible 7 Porting Guide

Ansible 7 is based on Ansible-core 2.14.

We suggest you read this page along with the Ansible 7 Changelog to understand what updates you may need to make.

Playbook

  • Variables are now evaluated lazily; only when they are actually used. For example, in ansible-core 2.14 an expression {{ defined_variable or undefined_variable }} does not fail on undefined_variable if the first part of or is evaluated to True as it is not needed to evaluate the second part. One particular case of a change in behavior to note is the task below which uses the undefined test. Prior to version 2.14 this would result in a fatal error trying to access the undefined value in the dictionary. In 2.14 the assertion passes as the dictionary is evaluated as undefined through one of its undefined values:

- assert:
    that:
      - some_defined_dict_with_undefined_values is undefined
  vars:
    dict_value: 1
    some_defined_dict_with_undefined_values:
      key1: value1
      key2: '{{ dict_value }}'
      key3: '{{ undefined_dict_value }}'

Command Line

  • Python 3.9 on the controller node is a hard requirement for this release.

  • At startup the filesystem encoding and locale are checked to verify they are UTF-8. If not, the process exits with an error reporting the errant encoding. If you were previously using the C or POSIX locale, you may be able to use C.UTF-8. If you were previously using a locale such as en_US.ISO-8859-1, you may be able to use en_US.UTF-8. For simplicity it may be easiest to export the appropriate locale using the LC_ALL environment variable. An alternative to modifying your system locale is to run Python in UTF-8 mode; See the Python documentation for more information.

Deprecated

No notable changes

Modules

No notable changes

Modules removed

The following modules no longer exist:

  • No notable changes

Deprecation notices

No notable changes

Noteworthy module changes

No notable changes

Plugins

No notable changes

Porting custom scripts

No notable changes

Networking

No notable changes

Porting Guide for v7.0.0

Added Collections

  • ibm.spectrum_virtualize (version 1.10.0)

  • inspur.ispim (version 1.2.0)

  • lowlydba.sqlserver (version 1.0.4)

  • purestorage.fusion (version 1.1.1)

  • vultr.cloud (version 1.3.1)

Known Issues

community.routeros

  • The community.routeros.command module claims to support check mode. Since it cannot judge whether the commands executed modify state or not, this behavior is incorrect. Since this potentially breaks existing playbooks, we will not change this behavior until community.routeros 3.0.0.

dellemc.openmanage

  • idrac_user - Issue(192043) The module may error out with the message unable to perform the import or export operation because there are pending attribute changes or a configuration job is in progress. Wait for the job to complete and run the task again.

  • ome_application_alerts_smtp - Issue(212310) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_application_alerts_syslog - Issue(215374) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_device_local_access_configuration - Issue(215035) - The module reports Successfully updated the local access setting if an unsupported value is provided for the parameter timeout_limit. However, this value is not actually applied on OpenManage Enterprise Modular.

  • ome_device_local_access_configuration - Issue(217865) - The module does not display a proper error message if an unsupported value is provided for the user_defined and lcd_language parameters.

  • ome_device_network_services - Issue(212681) - The module does not provide a proper error message if unsupported values are provided for the parameters- port_number, community_name, max_sessions, max_auth_retries, and idle_timeout.

  • ome_device_power_settings - Issue(212679) - The module displays the following message if the value provided for the parameter power_cap is not within the supported range of 0 to 32767, Unable to complete the request because PowerCap does not exist or is not applicable for the resource URI.

  • ome_device_quick_deploy - Issue(216352) - The module does not display a proper error message if an unsupported value is provided for the ipv6_prefix_length and vlan_id parameters.

  • ome_smart_fabric_uplink - Issue(186024) - The module does not allow the creation of multiple uplinks of the same name even though it is supported by OpenManage Enterprise Modular. If an uplink is created using the same name as an existing uplink, the existing uplink is modified.

netapp.ontap

  • na_ontap_snapshot - added documentation to use UTC format for expiry_time.

Breaking Changes

  • Ansible 7 requires Python 3.9 on the controller, same as ansible-core 2.14.

Ansible-core

  • Allow for lazy evaluation of Jinja2 expressions (https://github.com/ansible/ansible/issues/56017)

  • The default ansible-galaxy role skeletons no longer contain .travis.yml files. You can configure ansible-galaxy to use a custom role skeleton that contains a .travis.yml file to continue using Galaxy’s integration with Travis CI.

  • ansible - At startup the filesystem encoding and locale are checked to verify they are UTF-8. If not, the process exits with an error reporting the errant encoding.

  • ansible - Increase minimum Python requirement to Python 3.9 for CLI utilities and controller code

  • ansible-test - At startup the filesystem encoding is checked to verify it is UTF-8. If not, the process exits with an error reporting the errant encoding.

  • ansible-test - At startup the locale is configured as en_US.UTF-8, with a fallback to C.UTF-8. If neither encoding is available the process exits with an error. If the fallback is used, a warning is displayed. In previous versions the en_US.UTF-8 locale was always requested. However, no startup checking was performed to verify the locale was successfully configured.

  • ansible-test validate-modules - Removed the missing-python-doc error code in validate modules, missing-documentation is used instead for missing PowerShell module documentation.

  • strategy plugins - Make ignore_unreachable to increase ignored and ok and counter, not skipped and unreachable. (https://github.com/ansible/ansible/issues/77690)

amazon.aws

check_point.mgmt

  • cp_mgmt_access_role - the ‘machines’ parameter now accepts a single str and a new parameter ‘machines_list’ of type dict has been added. the ‘users’ parameter now accepts a single str and a new parameter ‘users_list’ of type dict has been added.

  • cp_mgmt_access_rule - the ‘vpn’ parameter now accepts a single str and a new parameter ‘vpn_list’ of type dict has been added. the ‘position_by_rule’ parameter has been changed to ‘relative_position’ with support of positioning above/below a section (and not just a rule). the ‘relative_position’ parameter has also ‘top’ and ‘bottom’ suboptions which allows positioning a rule at the top and bottom of a section respectively. a new parameter ‘search_entire_rulebase’ has been added to allow the relative positioning to be unlimited (was previously limited to 50 rules)

  • cp_mgmt_administrator - the ‘permissions_profile’ parameter now accepts a single str and a new parameter ‘permissions_profile_list’ of type dict has been added.

  • cp_mgmt_publish - the ‘uid’ parameter has been removed.

community.aws

  • Tags beginning with aws: will not be removed when purging tags, these tags are reserved by Amazon and may not be updated or deleted (https://github.com/ansible-collections/amazon.aws/issues/817).

  • acm_certificate - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • autoscaling_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group.

  • autoscaling_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group_info.

  • aws_secret - tags are no longer removed when the tags parameter is not set. To remove all tags set tags={} (https://github.com/ansible-collections/community.aws/issues/1146).

  • cloudfront_distribution - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • cloudtrail - The module has been migrated to the amazon.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudtrail.

  • cloudwatch_metric_alarm - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatch_metric_alarm.

  • cloudwatchevent_rule - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchevent_rule.

  • cloudwatchlogs_log_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group.

  • cloudwatchlogs_log_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_info.

  • cloudwatchlogs_log_group_metric_filter - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_metric_filter.

  • community.aws collection - Support for ansible-core < 2.11 has been dropped (https://github.com/ansible-collections/community.aws/pull/1541).

  • community.aws collection - The community.aws collection has now dropped support for and any requirements upon the original boto AWS SDK, and now uses the boto3/botocore AWS SDK (https://github.com/ansible-collections/community.aws/pull/898).

  • community.aws collection - The community.aws collection has dropped support for botocore<1.21.0 and boto3<1.18.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/1362).

  • community.aws collection - the profile parameter is now mutually exclusive with the aws_access_key, aws_secret_key and security_token parameters (https://github.com/ansible-collections/amazon.aws/pull/834).

  • ec2_eip - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip.

  • ec2_eip_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip_info.

  • ec2_vpc_route_table - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_route_table.

  • ec2_vpc_route_table_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_route_table_info.

  • ec2_vpc_vpn - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • elb_application_lb - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb.

  • elb_application_lb_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb_info.

  • elb_instance - the ec2_elbs fact has been removed, updated_elbs has been added the return values and includes the same information (https://github.com/ansible-collections/community.aws/pull/1173).

  • elb_network_lb - the default value of state has changed from absent to present (https://github.com/ansible-collections/community.aws/pull/1167).

  • execute_lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.execute_lambda.

  • iam_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy.

  • iam_policy_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy_info.

  • iam_server_certificate - Passing file names to the cert, chain_cert and key parameters has been removed. We recommend using a lookup plugin to read the files instead, see the documentation for an example (https://github.com/ansible-collections/community.aws/pull/1265).

  • iam_server_certificate - the default value for the dup_ok parameter has been changed to true. To preserve the original behaviour explicitly set the dup_ok parameter to false (https://github.com/ansible-collections/community.aws/pull/1265).

  • iam_user - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user.

  • iam_user_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user_info.

  • kms_key - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key.

  • kms_key - managing the KMS IAM Policy via policy_mode and policy_grant_types was previously deprecated and has been removed in favor of the policy option (https://github.com/ansible-collections/community.aws/pull/1344).

  • kms_key - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • kms_key_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key_info.

  • lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda.

  • lambda_alias - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_alias.

  • lambda_event - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_event.

  • lambda_execute - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_execute.

  • lambda_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_info.

  • lambda_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_policy.

  • rds_cluster - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster.

  • rds_cluster_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_info.

  • rds_cluster_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_snapshot.

  • rds_instance - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance.

  • rds_instance_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_info.

  • rds_instance_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_snapshot.

  • rds_option_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group.

  • rds_option_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group_info.

  • rds_param_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_param_group.

  • rds_param_group - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • rds_snapshot_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_snapshot_info.

  • rds_subnet_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_subnet_group.

  • route53 - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53.

  • route53_health_check - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_health_check.

  • route53_health_check - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • route53_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_info.

  • route53_zone - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_zone.

  • route53_zone - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

  • script_inventory_ec2 - The ec2.py inventory script has been moved to a new repository. The script can now be downloaded from https://github.com/ansible-community/contrib-scripts/blob/main/inventory/ec2.py and has been removed from this collection. We recommend migrating from the script to the amazon.aws.ec2 inventory plugin. (https://github.com/ansible-collections/community.aws/pull/898)

  • sqs_queue - the previously deprecated default value of purge_tags=False has been updated to purge_tags=True (https://github.com/ansible-collections/community.aws/pull/1343).

community.docker

community.general

community.hashi_vault

community.vmware

  • Removed support for ansible-core version < 2.13.0.

  • vmware_dvs_portgroup - Add a new sub-option inherited to the in_traffic_shaping parameter. This means you can keep the setting as-is by not defining the parameter, but also that you have to define the setting as not inherited if you want to override it at the PG level (https://github.com/ansible-collections/community.vmware/pull/1483).

  • vmware_dvs_portgroup - Add a new sub-option inherited to the out_traffic_shaping parameter. This means you can keep the setting as-is by not defining the parameter, but also that you have to define the setting as not inherited if you want to override it at the PG level (https://github.com/ansible-collections/community.vmware/pull/1483).

  • vmware_dvs_portgroup - Change the type of net_flow to string to allow setting it implicitly to inherited or to keep the value as-is. This means you can keep the setting as-is by not defining the parameter, but also that while true or no still work, True or Off (uppercase) won’t (https://github.com/ansible-collections/community.vmware/pull/1483).

  • vmware_dvs_portgroup - Remove support for vSphere API less than 6.7.

  • vmware_dvs_portgroup - Remove the default for network_policy and add a new sub-option inherited. This means you can keep the setting as-is by not defining the parameter, but also that you have to define the setting as not inherited if you want to override it at the PG level (https://github.com/ansible-collections/community.vmware/pull/1483).

  • vmware_dvs_portgroup_info - Remove support for vSphere API less than 6.7.

  • vmware_dvswitch - Remove support for vSphere API less than 6.7.

  • vmware_dvswitch_uplink_pg - Remove support for vSphere API less than 6.7.

  • vmware_guest_boot_manager - Remove default for secure_boot_enabled parameter (https://github.com/ansible-collections/community.vmware/issues/1461).

  • vmware_vm_config_option - Dict item names in result are changed from strings joined with spaces to strings joined with underlines, e.g. Guest fullname is changed to guest_fullname (https://github.com/ansible-collections/community.vmware/issues/1268).

  • vmware_vspan_session - Remove support for vSphere API less than 6.7.

dellemc.enterprise_sonic

  • bgp_af - Add the route_advertise_list dictionary to the argspec to replace the deleted, obsolete advertise_prefix attribute used for SONiC 3.x images on the 1.x branch of this collection. This change corresponds to a SONiC 4.0 OC YANG REST compliance change for the BGP AF REST API. It enables specification of a route map in conjunction with each route advertisement prefix (https://github.com/ansible-collections/dellemc.enterprise_sonic/pull/63).

  • bgp_af - remove the obsolete ‘advertise_prefix’ attribute from argspec and config code. This and subsequent co-req replacement with the new route advertise list argument structure require corresponding changes in playbooks previoulsly used for configuring route advertise prefixes for SONiC 3.x images. (https://github.com/ansible-collections/dellemc.enterprise_sonic/pull/60)

  • bgp_neighbors - Replace the previously defined standalone “bfd” attribute with a bfd dictionary containing multiple attributes. This change corresponds to the revised SONiC 4.x implementation of OC YANG compatible REST APIs. Playbooks previously using the bfd attributes for SONiC 3.x images must be modified for useon SONiC 4.0 images to use the new definition for the bfd attribute argspec structure (https://github.com/ansible-collections/dellemc.enterprise_sonic/pull/72).

  • bgp_neighbors - Replace, for BGP peer groups, the previously defined standalone “bfd” attribute with a bfd dictionary containing multiple attributes. This change corresponds to the revised SONiC 4.x implementation of OC YANG compatible REST APIs. Playbooks previously using the bfd attributes for SONiC 3.x images must be modified for useon SONiC 4.0 images to use the new definition for the bfd attribute argspec structure (https://github.com/ansible-collections/dellemc.enterprise_sonic/pull/81).

Major Changes

Ansible-core

  • Move handler processing into new PlayIterator phase to use the configured strategy (https://github.com/ansible/ansible/issues/65067)

  • ansible - At startup the filesystem encoding and locale are checked to verify they are UTF-8. If not, the process exits with an error reporting the errant encoding.

  • ansible - Increase minimum Python requirement to Python 3.9 for CLI utilities and controller code

  • ansible-test - At startup the filesystem encoding is checked to verify it is UTF-8. If not, the process exits with an error reporting the errant encoding.

  • ansible-test - At startup the locale is configured as en_US.UTF-8, with a fallback to C.UTF-8. If neither encoding is available the process exits with an error. If the fallback is used, a warning is displayed. In previous versions the en_US.UTF-8 locale was always requested. However, no startup checking was performed to verify the locale was successfully configured.

amazon.aws

  • amazon.aws collection - The amazon.aws collection has dropped support for botocore<1.20.0 and boto3<1.17.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/amazon.aws/pull/574).

  • autoscaling_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group.

  • autoscaling_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.autoscaling_group_info.

  • cloudtrail - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudtrail.

  • cloudwatch_metric_alarm - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatch_metric_alarm.

  • cloudwatchevent_rule - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchevent_rule.

  • cloudwatchlogs_log_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group.

  • cloudwatchlogs_log_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_info.

  • cloudwatchlogs_log_group_metric_filter - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.cloudwatchlogs_log_group_metric_filter.

  • ec2_eip - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip.

  • ec2_eip_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_eip_info.

  • elb_application_lb - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb.

  • elb_application_lb_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.elb_application_lb_info.

  • execute_lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.execute_lambda.

  • iam_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy.

  • iam_policy_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_policy_info.

  • iam_user - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user.

  • iam_user_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.iam_user_info.

  • kms_key - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key.

  • kms_key_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.kms_key_info.

  • lambda - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda.

  • lambda_alias - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_alias.

  • lambda_event - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_event.

  • lambda_execute - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_execute.

  • lambda_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_info.

  • lambda_policy - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.lambda_policy.

  • rds_cluster - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster.

  • rds_cluster_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_info.

  • rds_cluster_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_cluster_snapshot.

  • rds_instance - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance.

  • rds_instance_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_info.

  • rds_instance_snapshot - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_instance_snapshot.

  • rds_option_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group.

  • rds_option_group_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_option_group_info.

  • rds_param_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_param_group.

  • rds_snapshot_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_snapshot_info.

  • rds_subnet_group - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.rds_subnet_group.

  • route53 - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53.

  • route53_health_check - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_health_check.

  • route53_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_info.

  • route53_zone - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.route53_zone.

arista.eos

  • Remove following EOS dprecated modules

  • Use of connection: local and the provider option are no longer valid on any modules in this collection.

  • eos_interface

  • eos_l2_interface

  • eos_l3_interface

  • eos_linkagg

  • eos_static_route

  • eos_vlan

check_point.mgmt

  • plugins/httpapi/checkpoint - Support for Smart-1 Cloud with new variable ‘ansible_cloud_mgmt_id’

chocolatey.chocolatey

  • win_chocolatey - Added bootstrap_script option to allow users to target a script URL for installing Chocolatey on clients.

  • win_chocolatey_facts - Added outdated packages list to data returned.

cisco.asa

  • Please use either of the following connection types - network_cli, httpapi or netconf.

  • This includes the following modules:

  • This release drops support for connection: local and provider dictionary.

  • This release removes all deprecated plugins that have reached their end-of-life.

  • Use of connection: local and the provider option are no longer valid on any modules in this collection.

  • asa_acl

  • asa_og

cisco.ios

  • Only valid connection types for this collection is network_cli.

  • This release drops support for connection: local and provider dictionary.

cisco.iosxr

  • Only valid connection types for this collection are network_cli and netconf.

  • This release drops support for connection: local and provider dictionary.

cisco.nxos

  • Please use either of the following connection types - network_cli, httpapi or netconf.

  • This release drops support for connection: local and provider dictionary.

community.aws

  • community.aws collection - The amazon.aws collection has dropped support for botocore<1.20.0 and boto3<1.17.0. Most modules will continue to work with older versions of the AWS SDK, however compatability with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/community.aws/pull/956).

community.docker

community.general

  • The internal structure of the collection was changed for modules and action plugins. These no longer live in a directory hierarchy ordered by topic, but instead are now all in a single (flat) directory. This has no impact on users assuming they did not use internal FQCNs. These will still work, but result in deprecation warnings. They were never officially supported and thus the redirects are kept as a courtsey, and this is not labelled as a breaking change. Note that for example the Ansible VScode plugin started recommending these internal names. If you followed its recommendation, you will now have to change back to the short names to avoid deprecation warnings, and potential errors in the future as these redirects will be removed in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/5461).

  • newrelic_deployment - removed New Relic v1 API, added support for v2 API (https://github.com/ansible-collections/community.general/pull/5341).

community.mysql

  • mysql_db - the pipefail argument’s default value will be changed to true in community.mysql 4.0.0. If your target machines do not use bash as a default interpreter, set pipefail to false explicitly. However, we strongly recommend setting up bash as a default and pipefail=true as it will protect you from getting broken dumps you don’t know about (https://github.com/ansible-collections/community.mysql/issues/407).

community.network

  • The community.network collection no longer supports Ansible 2.9 and ansible-base 2.10. While we take no active measures to prevent usage, we will remove compatibility code and other compatility measures that will effectively prevent using most content from this collection with Ansible 2.9, and some content of this collection with ansible-base 2.10. Both Ansible 2.9 and ansible-base 2.10 will very soon be End of Life and if you are still using them, you should consider upgrading to ansible-core 2.11 or later as soon as possible (https://github.com/ansible-collections/community.network/pull/426).

  • The internal structure of the collection was changed for modules and action plugins. These no longer live in a directory hierarchy ordered by topic, but instead are now all in a single (flat) directory. This has no impact on users assuming they did not use internal FQCNs. These will still work, but result in deprecation warnings. They were never officially supported and thus the redirects are kept as a courtsey, and this is not labelled as a breaking change. Note that for example the Ansible VScode plugin started recommending these internal names. If you followed its recommendation, you will now have to change back to the short names to avoid deprecation warnings, and potential errors in the future as these redirects will be removed in community.network 8.0.0 (https://github.com/ansible-collections/community.network/pull/482).

community.postgresql

dellemc.enterprise_sonic

dellemc.openmanage

  • Added collection metadata for creating execution environments.

  • Refactored the Markdown (MD) files and content for better readability.

  • The share parameters are deprecated from the following modules - idrac_network, idrac_timezone_ntp, dellemc_configure_idrac_eventing, dellemc_configure_idrac_services, dellemc_idrac_lc_attributes, dellemc_system_lockdown_mode.

  • idrac_bios - The module is enhanced to support clear pending BIOS attributes, reset BIOS to default settings, and configure BIOS attribute using Redfish.

  • idrac_boot - Support for configuring the boot settings on iDRAC.

  • idrac_redfish_storage_controller - This module is enhanced to support LockVirtualDisk operation.

  • idrac_virtual_media - This module allows to configure Remote File Share settings.

  • ome_device_group - The module is enhanced to support the removal of devices from a static device group.

  • ome_devices - Support for performing device-specific operations on OpenManage Enterprise.

fortinet.fortimanager

  • Fix compatibility issue for ansible 2.9.x and ansible-base 2.10.x.

  • Many fixes for Ansible sanity test warnings & errors.

  • Support FortiManager Schema 7.2.0 , 98 new modules

  • support Ansible changelogs.

fortinet.fortios

  • Support Diff feature in check_mode.

  • Support Fortios 7.2.0.

infoblox.nios_modules

  • Feature for extra layer security , with cert and key parameters in playbooks for authenticating using certificate and key *.pem file absolute path #154

  • Fix to remove issue causing due to template attr in deleting network using Ansible module nios network #147

  • Update text field of TXT Record #128

  • Update operation using old_name and new_name for the object with dummy name in old_name (which does not exist in system) will not create a new object in the system. An error will be thrown stating the object does not exist in the system #129

junipernetworks.junos

  • Use of connection: local and the provider option are no longer valid on any modules in this collection.

vyos.vyos

  • Use of connection: local and the provider option are no longer valid on any modules in this collection.

Removed Collections

  • servicenow.servicenow (previously included version: 1.0.6)

Removed Features

Ansible-core

amazon.aws

ansible.netcommon

  • napalm - Removed unused connection plugin.

  • net_banner - Use <network_os>_banner instead.

  • net_interface - Use <network_os>_interfaces instead.

  • net_l2_interface - Use <network_os>_l2_interfaces instead.

  • net_l3_interface - Use <network_os>_l3_interfaces instead.

  • net_linkagg - Use <network_os>_lag_interfaces instead.

  • net_lldp - Use <network_os>_lldp_global instead.

  • net_lldp_interface - Use <network_os>_lldp_interfaces instead.

  • net_logging - Use <network_os>_logging_global instead.

  • net_static_route - Use <network_os>_static_routes instead.

  • net_system - Use <network_os>_system instead.

  • net_user - Use <network_os>_user instead.

  • net_vlan - Use <network_os>_vlans instead.

  • net_vrf - Use <network_os>_vrf instead.

cisco.ios

  • ios_interface - use ios_interfaces instead.

  • ios_l2_interface - use ios_l2_interfaces instead.

  • ios_l3_interface - use ios_l3_interfaces instead.

  • ios_static_route - use ios_static_routes instead.

  • ios_vlan - use ios_vlans instead.

cisco.iosxr

  • iosxr_interface - use iosxr_interfaces instead.

cisco.nxos

  • This release removes the following deprecated plugins that have reached their end-of-life.

  • nxos_acl

  • nxos_acl_interface

  • nxos_interface

  • nxos_interface_ospf

  • nxos_l2_interface

  • nxos_l3_interface

  • nxos_linkagg

  • nxos_lldp

  • nxos_ospf

  • nxos_ospf_vrf

  • nxos_smu

  • nxos_static_route

  • nxos_vlan

community.aws

community.azure

community.docker

community.general

community.network

community.vmware

junipernetworks.junos

  • Remove following deprecated Junos Modules.

  • junos_interface

  • junos_l2_interface

  • junos_l3_interface

  • junos_linkagg

  • junos_lldp

  • junos_lldp_interface

  • junos_static_route

  • junos_vlan

vyos.vyos

  • vyos_interface - use vyos_interfaces instead.

  • vyos_l3_interface - use vyos_l3_interfaces instead.

  • vyos_linkagg - use vyos_lag_interfaces instead.

  • vyos_lldp - use vyos_lldp_global instead.

  • vyos_lldp_interface - use vyos_lldp_interfaces instead.

  • vyos_static_route - use vyos_static_routes instead.

Deprecated Features

Ansible-core

  • Deprecate ability of lookup plugins to return arbitrary data. Lookup plugins must return lists, failing to do so will be an error in 2.18. (https://github.com/ansible/ansible/issues/77788)

  • Encryption - Deprecate use of the Python crypt module due to it’s impending removal from Python 3.13

  • PlayContext.verbosity is deprecated and will be removed in 2.18. Use ansible.utils.display.Display().verbosity as the single source of truth.

  • DEFAULT_FACT_PATH, DEFAULT_GATHER_SUBSET and DEFAULT_GATHER_TIMEOUT are deprecated and will be removed in 2.18. Use module_defaults keyword instead.

  • PlayIterator - deprecate cache_block_tasks and get_original_task which are noop and unused.

  • Templar - deprecate shared_loader_obj option which is unused. ansible.plugins.loader is used directly instead.

  • listify_lookup_plugin_terms, deprecate ‘loader/dataloader’ parameter as it not used.

  • vars plugins - determining whether or not to run ansible.legacy vars plugins with the class attribute REQUIRES_WHITELIST is deprecated, set REQUIRES_ENABLED instead.

amazon.aws

cisco.ios

  • Deprecated ios_linkagg_module in favor of ios_lag_interfaces.

cisco.mso

  • The mso_schema_template_contract_filter contract_filter_type attribute is deprecated. The value is now deduced from filter_type.

community.aws

  • aws_acm - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • aws_codebuild - The tags parameter currently uses a non-standard format and has been deprecated. In release 6.0.0 this parameter will accept a simple key/value pair dictionary instead of the current list of dictionaries. It is recommended to migrate to using the resource_tags parameter which already accepts the simple dictionary format (https://github.com/ansible-collections/community.aws/pull/1221).

  • aws_glue_connection - the connection_parameters return key has been deprecated and will be removed in a release after 2024-06-01, it is being replaced by the raw_connection_parameters key (https://github.com/ansible-collections/community.aws/pull/518).

  • aws_kms - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • cloudfront_distribution - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • community.aws collection - due to the AWS SDKs announcing the end of support for Python less than 3.7 (https://aws.amazon.com/blogs/developer/python-support-policy-updates-for-aws-sdks-and-tools/) support for Python less than 3.7 by this collection has been deprecated and will be removed in a release after 2023-05-31 (https://github.com/ansible-collections/community.aws/pull/1361).

  • ec2_vpc_vpn - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • iam_policy - the policies return value has been renamed policy_names and will be removed in a release after 2024-08-01, both values are currently returned (https://github.com/ansible-collections/community.aws/pull/1375).

  • lambda_info - The function return key returns a dictionary of dictionaries and has been deprecated. In a release after 2025-01-01, this key will be removed in favor of functions, which returns a list of dictionaries (https://github.com/ansible-collections/community.aws/pull/1239).

  • rds_param_group - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • route53_health_check - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • route53_info - The CamelCase return values for DelegationSets, CheckerIpRanges, and HealthCheck have been deprecated, in the future release you must use snake_case return values delegation_sets, checker_ip_ranges, and health_check instead respectively” (https://github.com/ansible-collections/community.aws/pull/1322).

  • route53_info - The CamelCase return values for HostedZones, ResourceRecordSets, and HealthChecks have been deprecated, in the future release you must use snake_case return values hosted_zones, resource_record_sets, and health_checks instead respectively”.

  • route53_zone - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

  • sqs_queue - the current default value of False for purge_tags has been deprecated and will be updated in release 5.0.0 to True.

community.crypto

  • Support for Ansible 2.9 and ansible-base 2.10 is deprecated, and will be removed in the next major release (community.crypto 3.0.0). Some modules might still work with these versions afterwards, but we will no longer keep compatibility code that was needed to support them (https://github.com/ansible-collections/community.crypto/pull/460).

community.docker

  • Support for Docker API version 1.20 to 1.24 has been deprecated and will be removed in community.docker 3.0.0. The first Docker version supporting API version 1.25 was Docker 1.13, released in January 2017. This affects the modules docker_container, docker_container_exec, docker_container_info, docker_compose, docker_login, docker_image, docker_image_info, docker_image_load, docker_host_info, docker_network, docker_network_info, docker_node_info, docker_swarm_info, docker_swarm_service, docker_swarm_service_info, docker_volume_info, and docker_volume, whose minimally supported API version is between 1.20 and 1.24 (https://github.com/ansible-collections/community.docker/pull/396).

  • Support for Python 2.6 is deprecated and will be removed in the next major release (community.docker 3.0.0). Some modules might still work with Python 2.6, but we will no longer try to ensure compatibility (https://github.com/ansible-collections/community.docker/pull/388).

  • docker_container - the ignore_image option is deprecated and will be removed in community.docker 4.0.0. Use image: ignore in comparisons instead (https://github.com/ansible-collections/community.docker/pull/487).

  • docker_container - the purge_networks option is deprecated and will be removed in community.docker 4.0.0. Use networks: strict in comparisons instead, and make sure to provide networks, with value [] if all networks should be removed (https://github.com/ansible-collections/community.docker/pull/487).

community.general

community.hashi_vault