Ansible AWX — Web-Based Ansible Automation Platform

Introduction

AWX is the open-source upstream project for Red Hat Ansible Automation Platform. It wraps Ansible's command-line power in a web-based UI and REST API so teams can manage playbooks, inventories, credentials, and scheduled jobs from a single dashboard.

What AWX Does

• Provides a web UI for launching and monitoring Ansible playbook runs across inventories
• Manages credentials for SSH, cloud providers, and vault secrets in an encrypted store
• Schedules recurring automation jobs with cron-like syntax
• Exposes a full REST API for integrating Ansible runs into CI/CD pipelines
• Tracks job history with real-time stdout streaming and audit logs

Architecture Overview

AWX runs as a set of containers: a Django-based web server, a task dispatcher backed by Redis, and execution environments built on Podman or Docker. PostgreSQL stores inventory, job templates, and credential data. The dispatcher farms out playbook runs to isolated execution environments, keeping the control plane separate from the automation workload. A WebSocket layer pushes live job output to the browser.

Self-Hosting & Configuration

• Deploy via the AWX Operator on Kubernetes or use the Docker Compose development setup for smaller installations
• Configure external authentication through LDAP, SAML, or OAuth2 providers in the Settings UI
• Point AWX at SCM repositories (Git, Subversion) to pull playbooks automatically before each job
• Store secrets in HashiCorp Vault, CyberArk, or the built-in credential store
• Scale by adding execution nodes that register with the control plane for distributed job runs

Key Features

• Role-based access control lets admins scope teams to specific inventories and job templates
• Workflow templates chain multiple playbooks with conditional branching and approval gates
• Survey forms prompt operators for runtime variables without editing playbook code
• Notification integrations send job results to Slack, email, PagerDuty, or webhooks
• Execution environments are container images that bundle specific Ansible collections and Python dependencies

Comparison with Similar Tools

• Ansible CLI — the foundation AWX builds on; AWX adds scheduling, RBAC, and a web UI on top
• Rundeck — general-purpose runbook automation; AWX is purpose-built for Ansible with tighter playbook integration
• Semaphore — lighter Ansible UI with fewer enterprise features; AWX offers workflow chaining and execution environments
• Terraform Cloud — infrastructure-as-code focused; AWX covers both provisioning and configuration management via Ansible
• Jenkins — general CI/CD server; AWX provides a more opinionated, Ansible-native automation experience

FAQ

Q: What is the difference between AWX and Ansible Automation Platform? A: AWX is the free upstream project. Ansible Automation Platform is Red Hat's supported, enterprise product built from AWX with additional features, certification, and support.

Q: Can AWX run on Kubernetes? A: Yes. The AWX Operator is the recommended production deployment method and manages the full lifecycle on any Kubernetes cluster.

Q: How does AWX handle secrets? A: Credentials are stored AES-256 encrypted in PostgreSQL. AWX can also integrate with external vaults so secrets are never stored locally.

Q: Does AWX support event-driven automation? A: AWX pairs with Event-Driven Ansible (EDA) for reactive automation, but EDA runs as a separate controller that can trigger AWX job templates.

Sources

• https://github.com/ansible/awx
• https://docs.ansible.com/automation-controller/