Windows Patch Management Using Ansible Tower (Part 1) - Generate Audit Report

This video shows how a Windows engineer can use Ansible Tower to check which updates are available for each of the Windows VMs in their environment. The output is an HTML report containing a table that lists the VMs and the corresponding required updates/packages. (Note that the list will differ based on the selected update categories.)

All the relevant playbooks can be found at the following link,

The actual flow of the video is as follows:

1) We have 2 different Windows Server 2016 VMs in the environment, each on a different IP subnet (this is meant to simulate an actual environment with different subnets and multiple Windows servers).
2) The Windows engineer will log into Ansible Tower and will see that there are 3 different groups, i.e. Windows AD, Windows Server 2012R2 and Windows Server 2016.
3) The checks will be performed on the Windows Server 2016 VMs and Ansible Tower will make use of WinRM as a means to communicate with the VMs.
4) We will look for updates in the following categories, i.e.
i) Critical Updates
ii) Definition Updates
iii) Security Updates
iv) Update Rollups

5) An HTML report is generated. It states the list of required updates/packages for each of the Windows VMs in the categories selected above.
6) We then confirm that the report matches the list of updates shown when checking directly on the Windows Server 2016 VM.
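
The audit flow in steps 3 to 5 can be sketched as a single playbook. This is an added example, not the author's playbook from the video: the inventory group name `windows_server_2016` and the report path are assumptions, and WinRM connection settings are assumed to come from the Tower inventory and machine credential.

```yaml
---
# Added example, not the author's playbook. Group name and report path are assumptions.
- name: Audit pending Windows updates (search only, nothing is installed)
  hosts: windows_server_2016          # assumed inventory group name
  gather_facts: false
  vars:
    report_path: /tmp/windows_update_audit.html   # assumed path on the control node
  tasks:
    - name: Search for required updates in the selected categories
      ansible.windows.win_updates:
        category_names:
          - CriticalUpdates
          - DefinitionUpdates
          - SecurityUpdates
          - UpdateRollups
        state: searched               # report only; do not download or install
      register: update_scan

    - name: Write one HTML table covering every host in the play
      ansible.builtin.copy:
        dest: "{{ report_path }}"
        mode: "0640"
        content: |
          <html><body>
          <table border="1">
          <tr><th>Host</th><th>Required updates</th></tr>
          {% for host in ansible_play_hosts_all %}
          {% set scan = hostvars[host].update_scan | default({}) %}
          <tr><td>{{ host | e }}</td><td>
          {% if scan.updates is defined %}
          <ul>
          {% for u in scan.updates.values() %}
          <li>{{ u.title | e }}{% if u.kb %} (KB{{ u.kb | join(', KB') }}){% endif %}</li>
          {% endfor %}
          </ul>
          {% else %}
          scan failed or host unreachable
          {% endif %}
          </td></tr>
          {% endfor %}
          </table>
          </body></html>
      delegate_to: localhost
      run_once: true
```

Hosts whose scan failed still get a row, so a missing result is not mistaken for a fully patched server, and update titles are HTML-escaped before being written into the report.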


By eanylin
