At Red Hat Tech Day Netherlands 2026, the Ansible team unveiled a massive wave of new content collections and platform enhancements. Here is everything announced β from new event buses to gateway-only architecture enforcement.
Whatβs New in Event-Driven Ansible
EDA received significant updates for flexibility and control:
Event Bus Support
- New Azure event bus β just released
- New AWS event bus β now available
- In-flight rulebook event persistence β increased resiliency during restarts
Secrets Management
Full integration with enterprise secrets providers:
- HashiCorp Vault
- CyberArk
- AWS Secrets Manager
- Azure Key Vault
EDA Automation Creation
- Project synchronization with resync option on restarts
- Rulebook enhancements: additional Jinja filters to replace regular expressions
- Kafka: multiple topics, extended regular expressions, and wildcards
- New event-splitter for nested events
- Rulebook concurrency key to group events by resource
- mTLS support β mutual TLS for secure communication
- Pull policy parity for decision environments
Operational Updates
- Streamlined
ansible.edacontent collection - Updated decision environments
12 New Ansible Content Collections
Available today β delivering Efficiency, Resilience, Governance, and Scale:
Cloud Infrastructure
| Collection | Capabilities |
|---|---|
google.cloud | Cloud Build 2nd gen, Parameter Manager, Compute, Secret Manager, Storage |
azure.azcollection | Azure services: ML, App Configuration, Front Door, Storage, Arc/HCI |
Security + Compliance
| Collection | Capabilities |
|---|---|
hashicorp.vault | Secrets management, OIDC, PKI, dynamic credentials, EDA integration |
Networking
| Collection | Capabilities |
|---|---|
cisco.intersight | 100+ modules for Day-2 ops, firmware, and port configuration |
Ansible Automation Platform
| Collection | Capabilities |
|---|---|
ansible.platform | AAP configuration-as-code, RBAC/settings refactoring, performance improvements |
Observability + Incident Response
| Collection | Capabilities |
|---|---|
splunk.enterprise | Universal Forwarder lifecycle automation |
splunk.es | Enterprise Security incident workflows, response plan automation |
splunk.itsi | IT Service Intelligence with EDA integration for closed-loop remediation |
Windows Patching + Management
| Collection | Capabilities |
|---|---|
microsoft.mecm | Endpoint Configuration Manager: patch orchestration, client actions, health checks |
microsoft.scom | System Center Operations Manager infrastructure + EDA alert routing |
infra.mecm_ops | Higher-level validated roles: emergency patching, health reports |
infra.windows_ops | Windows security baseline enforcement: DISA STIG, CIS benchmarks, drift remediation |
Platform Enhancements: Gateway-Only Architecture
The most significant architectural change in AAP 2.7: all inter-component communication now goes exclusively through the gateway. No direct service-to-service calls are permitted. This is enforced and regression-tested.
Platform Foundation
- All API traffic through gateway β single ingress, simplified architecture
- Common tasking system β Dispatcherd unifies platform services
- PostgreSQL 16 and 17 support β database modernization
- Django 5.2 LTS β framework upgrade for long-term support
- Centralized OpenAPI spec β enforced API consistency across services
ansible.platformPhase 1 β CaC foundations for unified collection
Why Gateway-Only Matters
Single ingress means:
- One place to audit all API calls
- One place for RBAC enforcement
- One place to rate-limit and throttle
- Simplified security posture β no lateral movement between components
- Regression-tested β integration tests verify no inter-component bypass
UX and Customer RFEs
- Bulk host delete β long-requested operational efficiency
- Auth mapping label clarity β reduced confusion in authentication setup
- Repository sync date in UI β visibility into last sync status
- Feature flags runtime UI β platform operator control
- Workflow convergence improvements β better multi-path workflow handling
- Automation Dashboard in main UI β ships as part of the installer
Solution Guides: Whatβs Coming
Six new Solution Guides are in progress on the red.ht/ansible-aiops portal:
- AIOps with AWS SQS and Event-Driven Ansible β Connect Amazon SQS to EDA via CloudWatch/EventBridge for automated remediation without Lambda glue code
- Event-Driven Remediation with Azure Service Bus β Real-time event consumption + AI-driven diagnosis across hybrid Azure infrastructure
- RHEL Patching with Red Hat Lightspeed and Ansible MCP Server β Collapse CVE patching from days to minutes using AI-powered identification and governed execution
- Consistent Automation Developer Experience with ADT
- Event-Driven Network Configuration with NetBox and AAP
- Automated WAN Circuit Failover with NetBox and AAP
The AIOps Scaling Story
The Solution Guide demonstrates why AI + EDA breaks the linear scaling problem:
| Approach | Events | Rules Required | Actions |
|---|---|---|---|
| Traditional EDA | 10 | 10 | 10 |
| Traditional EDA | 100 | 100 | 100 |
| Traditional EDA | 1,000 | 1,000 | 1,000 |
| AIOps with EDA | 1,000 | 1 (AI inference) | Dynamic |
One intelligent workflow diagnoses the root cause and generates remediation dynamically β no hand-coding a rule per failure mode.
Key Takeaway
AAP 2.7 is not just a feature release β it is an architectural pivot. Gateway-only enforcement, AI-powered orchestration, and 12 new collections for enterprise integrations (Splunk, ServiceNow, Microsoft, HashiCorp, Cisco) position Ansible as the governed execution layer for AI-driven operations.
