Modules Are the Vocabulary of Ansible
Every task you write is a single module call. Modules are organised into collections
that are namespaced as namespace.collection.module. The most common are
ansible.builtin.* (ships with the engine) and the community collections like
community.mysql.* and ansible.posix.*.
System & Identity Modules
| Module | What it does | Key args |
|---|---|---|
ansible.builtin.user | Manage Linux users | name, state, shell, groups, append |
ansible.builtin.group | Manage Linux groups | name, state, gid |
ansible.builtin.systemd | Start / stop / enable services | name, state, enabled |
ansible.builtin.cron | Manage crontab entries | name, minute, hour, job |
ansible.builtin.hostname | Set the hostname | name |
ansible.builtin.mount | Mount filesystems and update fstab | path, src, fstype, state |
ansible.posix.sysctl | Set kernel runtime parameters | name, value, sysctl_set |
ansible.posix.firewalld | Manage firewalld rules | service, port, state, permanent |
ansible.builtin.selinux | Manage SELinux mode | policy, state |
ansible.builtin.timezone | Set system timezone | name |
Files & Templates Modules
| Module | What it does | Key args |
|---|---|---|
ansible.builtin.copy | Push a file to the remote host | src, dest, owner, group, mode, backup |
ansible.builtin.template | Render a Jinja2 template, then push | src, dest, owner, group, mode |
ansible.builtin.fetch | Pull a file from the remote host | src, dest, flat |
ansible.builtin.file | Set permissions, create dirs, symlinks | path, state, mode, owner |
ansible.builtin.lineinfile | Ensure a single line exists in a file | path, regexp, line, state |
ansible.builtin.blockinfile | Manage a block of text in a file | path, marker, block |
ansible.builtin.replace | Replace text matching a regex | path, regexp, replace |
community.general.ini_file | Manage settings in INI files | path, section, option, value |
ansible.builtin.unarchive | Extract zip / tar / tgz archives | src, dest, remote_src |
ansible.builtin.stat | Inspect a file (exists, size, mtime…) | path |
Packages, Network & Database Modules
| Module | What it does | Key args |
|---|---|---|
ansible.builtin.dnf | Install / remove RPMs (OEL, RHEL 8+) | name, state |
ansible.builtin.yum | Same for older RHEL/CentOS | name, state |
ansible.builtin.apt | Debian / Ubuntu package manager | name, state, update_cache |
ansible.builtin.pip | Install Python packages | name, virtualenv |
ansible.builtin.get_url | Download a URL | url, dest, mode, checksum |
ansible.builtin.uri | HTTP request from the remote host | url, method, body, status_code |
ansible.builtin.git | Clone / pull a git repo | repo, dest, version |
community.mysql.mysql_db | Create / drop / dump MySQL DBs | name, state, target |
community.mysql.mysql_user | Manage MySQL users + grants | name, password, priv, state |
community.postgresql.postgresql_db | Create / drop PostgreSQL DBs | name, state, owner |
Discovering New Modules
BASH — exploring modules from the CLI
# show docs for a single module (interactive less view)
ansible-doc ansible.builtin.user
# list every module ansible knows about (3000+ lines)
ansible-doc -l
# search by keyword
ansible-doc -l | grep -i firewall
# show what arguments a module accepts (fast)
ansible-doc -s ansible.builtin.systemd
# ↑ prints a YAML snippet you can paste into a playbook
💡 Tip: Bookmark
ansible-doc -s <module>. It dumps a YAML skeleton with every argument commented — copy it into your playbook and fill in the values you need. Fully-Qualified Names — Why You Should Use Them
Older playbooks used short names like user: or copy:. New code should
use the fully-qualified collection name (FQCN): ansible.builtin.user:,
ansible.builtin.copy:. This is unambiguous, explicit, and avoids name collisions
when two collections happen to ship a module of the same name.
⚠ Warning: Ansible 2.10+ deprecated short names for modules outside
ansible.builtin.*. Always FQCN community modules: community.mysql.mysql_db rather than just mysql_db. The short form may keep working, but the linter will warn.