News Daily Nation Digital News & Media Platform


Red Hat opens Ansible to AI agents, within limits

May 17, 2026 | Twila Rosenbaum

Red Hat has taken a significant step in bridging IT automation with artificial intelligence, announcing on Tuesday the general availability of its Model Context Protocol server for the Ansible Automation Platform. This move allows AI agents from various vendors to connect directly to Ansible, but the company is deploying a suite of guardrails designed to keep those AI agents firmly within human control. Alongside the MCP server release, Red Hat previewed a new automation orchestrator that routes any AI-generated actions through pre-approved, deterministic playbooks, ensuring that unpredictable behavior does not lead to costly production outages.

"Customers have a lot of contextual knowledge," said Sathish Balakrishnan, vice president and general manager of the Ansible business unit at Red Hat. "These are our policies, this is when we update machines — they have rules they have written about IT infrastructure. We can now start reading all of those things." This contextual knowledge can be fed into the platform via RAG embeddings, allowing enterprises to incorporate their unique IT policies, maintenance windows, and operational procedures directly into the AI-driven automation workflows.

The MCP server, which is now generally available, is the key enabler for external AI agents. It allows any AI tool that supports the Model Context Protocol — a standard developed by Anthropic for connecting AI applications to external data sources and tools — to interact with Ansible Automation Platform. This means AI agents from Google, Anthropic, OpenAI, and any other model that is compatible with the OpenAI API can now request automation tasks. Previously, Ansible's AI integration was limited to IBM's WatsonX Code Assistant. The expansion opens the door to a wide ecosystem of AI models and tools.

However, Balakrishnan emphasized that the new AI capabilities operate within tight guardrails. "AI is unpredictable," he said. "When you suddenly put AI into your production environment and ask it to change it, you've seen the articles about how a company lost its database." To mitigate such risks, Red Hat's new automation orchestrator, currently in technology preview, requires that all AI-generated actions pass through human-approved, tested playbooks. If an AI agent proposes a novel action that does not match an existing playbook, the orchestrator will trigger a human-in-the-loop review.

This approach ensures that every automation task is repeatable, deterministic, and auditable. It also helps control costs, as businesses are not forced to call expensive large language models for routine operations. "Why would you use AI just to patch a machine?" Balakrishnan asked. "We all know tokens are expensive. We know the best way to patch a machine — why call an AI to do that when you already have a playbook that's been in use for ten years?" By leveraging existing, battle-tested automation scripts, enterprises can combine the flexibility of AI with the reliability of traditional automation.

Industry analysts have noted both the opportunities and the risks. Paul Nashawaty, an analyst at Efficiently Connected, described the MCP access as "new and risky." "The security concerns are very real," he said. "If those agents are connected to highly privileged automation systems, the blast radius can become enormous, including accidental production outages or destructive actions."

Nashawaty recommended that enterprises focus on use cases such as AI-assisted troubleshooting, compliance remediation, developer self-service, and human-approved workflow execution. "Companies should avoid giving AI unrestricted production access, broad admin privileges, or autonomous control over critical systems," he added. These recommendations align with Red Hat's cautious approach, where the new AI features are tightly integrated with existing role-based access controls and approval workflows.

IDC analyst Jevin Jensen noted that he has been waiting for vendors to provide natural-language front ends for their platforms for the past 18 months. "This really broadens the use and value of the platform to new users and improves efficiency of existing users," he said. Jensen emphasized the importance of good governance, especially when using MCP. "It is important — with or without MCP — that enterprises properly utilize and leverage role-based access control," he told Network World. Starting with development environments or less impactful cloud areas is a prudent first step.

Beyond the AI enhancements, Red Hat also introduced new capabilities for administrators. They can now delegate the ability to trigger automations to end users, such as factory floor managers who can initiate updates at times that minimize disruption to manufacturing schedules. Additionally, the platform now allows multiple events to trigger the same automation playbook, reducing the need to maintain separate playbooks for each event type. This simplifies automation management and accelerates remediation times.

The move to open Ansible to AI agents represents a major shift in how IT automation platforms are used. For years, Ansible has been a staple for configuration management, application deployment, and orchestration across on-premises and cloud environments. Its simple YAML-based declarative language made it accessible to system administrators. With the addition of AI agent connections, Red Hat is betting that natural language interfaces will lower the barrier to entry even further, enabling more users within an enterprise — not just dedicated automation engineers — to request and execute automations.

However, the security implications cannot be overstated. The history of IT automation is filled with cautionary tales of runaway scripts causing widespread outages. AI agents, which can be unpredictable and may act on incomplete information, pose an even greater risk. Red Hat's deterministic playbook approach attempts to contain that risk by ensuring that every action an AI agent can take is pre-approved and tested. This hybrid model allows enterprises to experiment with AI-driven automation without exposing their production environments to unnecessary danger.

In addition to the playbook guardrails, Red Hat has integrated the new AI features with its existing authentication and authorization systems. Every call from an AI agent must pass through Ansible's role-based access controls. Administrators can define exactly which resources a particular AI agent can access, what playbooks it can invoke, and whether human approval is required for certain actions. This granular control is essential for meeting compliance requirements in regulated industries such as finance and healthcare.
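
The guardrail model described above (novel actions routed to human review, per-agent limits on playbooks and resources, optional approval per action) can be expressed as a deny-by-default decision function. This is an added example, not Red Hat's code and not an Ansible API; the agent name, playbook names, host patterns and the `AgentGrant` shape are all hypothetical, constructed sample data.

```python
from dataclasses import dataclass, field
from enum import Enum
from fnmatch import fnmatch


class Decision(Enum):
    ALLOW = "allow"
    NEEDS_APPROVAL = "needs_approval"
    DENY = "deny"


@dataclass(frozen=True)
class AgentGrant:
    """What one AI agent identity may do (hypothetical policy shape)."""
    playbooks: frozenset      # approved playbooks this agent may invoke
    host_patterns: tuple      # inventory hosts it may target (glob patterns)
    approval_required: frozenset = field(default_factory=frozenset)


# Constructed sample data: the catalog of human-approved, tested playbooks.
APPROVED_CATALOG = frozenset({"patch_rhel.yml", "restart_httpd.yml", "rotate_logs.yml"})

GRANTS = {
    "triage-agent": AgentGrant(
        playbooks=frozenset({"restart_httpd.yml", "patch_rhel.yml"}),
        host_patterns=("dev-*", "stage-web-*"),
        approval_required=frozenset({"patch_rhel.yml"}),
    ),
}


def evaluate(agent: str, playbook: str, hosts: list[str]) -> tuple[Decision, str]:
    """Deny by default; only catalogued, granted, in-scope requests run unattended."""
    grant = GRANTS.get(agent)
    if grant is None:
        return Decision.DENY, "unknown agent identity"
    if not hosts:  # an empty target list must never be read as "all hosts"
        return Decision.DENY, "no target hosts given"
    # Check scope first so an out-of-scope target is never queued for review.
    outside = [h for h in hosts if not any(fnmatch(h, p) for p in grant.host_patterns)]
    if outside:
        return Decision.DENY, f"hosts outside grant: {outside}"
    if playbook not in APPROVED_CATALOG:
        return Decision.NEEDS_APPROVAL, "novel action: no matching approved playbook"
    if playbook not in grant.playbooks:
        return Decision.DENY, "playbook not granted to this agent"
    if playbook in grant.approval_required:
        return Decision.NEEDS_APPROVAL, "grant requires human sign-off"
    return Decision.ALLOW, "approved playbook within grant"
```

Logging the returned reason string alongside the agent identity for every decision gives the audit trail that makes each request reviewable after the fact.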

Red Hat's announcement comes at a time when the industry is grappling with a series of high-profile incidents where AI agents performed unauthorized actions, ranging from accidental database deletions to unintended modifications of critical infrastructure. By providing a secure, controlled framework for AI automation, Red Hat is positioning Ansible as the responsible choice for enterprises that want to leverage AI without sacrificing reliability.

The technology preview of the automation orchestrator is available now, and Red Hat expects to gather feedback from early adopters before making it generally available later this year. The MCP server is available immediately, and enterprises can begin connecting AI agents to their Ansible environments, provided they have the appropriate licenses and security policies in place.

Overall, Red Hat's strategy reflects a broader industry trend: embracing AI's potential while implementing robust safeguards. As Balakrishnan said, the goal is not to replace human operators but to augment them, using AI to accelerate the creation of automations while keeping final decision-making in the hands of experienced IT professionals. This balanced approach is likely to appeal to enterprises that are tired of hearing about AI disasters and want a path forward that prioritizes safety and control.

Developers and operations teams are expected to benefit the most. Developers can now request environments in natural language, while operations teams can have AI automatically correlate alerts and suggest fixes. These use cases, combined with the new event-driven automation capabilities, promise to reduce incident response times and improve overall IT efficiency. The key is to start small, with low-risk environments, and gradually expand the scope of AI-based automation as confidence grows.

With these announcements, Red Hat has made it clear that it sees AI as the next frontier for IT automation, but it is determined to avoid the pitfalls that have plagued other AI deployments. By keeping the human firmly in the loop and relying on deterministic playbooks wherever possible, the company hopes to usher in a new era of intelligent, safe automation.


Source: Network World News

