Note
This module is part of ansible-core and included in all Ansible installations. In most cases, you can use the short module name script even without specifying the collections keyword. However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.script for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
cmd parameter is required, see the examples.Note
This module has a corresponding action plugin.
Parameter | Comments |
|---|---|
chdir string | Change into this directory on the remote node before running the script. |
cmd string | Path to the local script to run followed by optional arguments. |
creates string | A filename on the remote node, when it already exists, this step will not be run. |
decrypt boolean | This option controls the auto-decryption of source files using vault. Choices:
|
executable string | Name or path of an executable to invoke the script with. |
free_form string | Path to the local script file followed by optional arguments. |
removes string | A filename on the remote node, when it does not exist, this step will not be run. |
Attribute | Support | Description |
|---|---|---|
check_mode | Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped. | |
diff_mode | Support: none | Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
platform | Platforms: all This action is one of the few that requires no Python on the remote as it passes the command directly into the connection string | Target OS/families that can be operated against |
raw | Support: full | Indicates if an action takes a ‘raw’ or ‘free form’ string as an option and has it’s own special parsing of it |
safe_file_operations | Support: none | Uses Ansible’s strict file operation functions to ensure proper permissions and avoid data corruption |
vault | Support: full | Can automatically decrypt Ansible vaulted files |
Note
-tt when scripts are executed. Pseudo-ttys do not have a stderr channel and all stderr is sent to stdout. If you depend on separated stdout and stderr result keys, please switch to a set of tasks that comprises ansible.builtin.copy with ansible.builtin.command instead of using ansible.builtin.script.base64.See also
Execute shell commands on targets.
Execute shell commands on target hosts.
- name: Run a script with arguments (free form)
ansible.builtin.script: /some/local/script.sh --some-argument 1234
- name: Run a script with arguments (using 'cmd' parameter)
ansible.builtin.script:
cmd: /some/local/script.sh --some-argument 1234
- name: Run a script only if file.txt does not exist on the remote node
ansible.builtin.script: /some/local/create_file.sh --some-argument 1234
args:
creates: /the/created/file.txt
- name: Run a script only if file.txt exists on the remote node
ansible.builtin.script: /some/local/remove_file.sh --some-argument 1234
args:
removes: /the/removed/file.txt
- name: Run a script using an executable in a non-system path
ansible.builtin.script: /some/local/script
args:
executable: /some/remote/executable
- name: Run a script using an executable in a system path
ansible.builtin.script: /some/local/script.py
args:
executable: python3
- name: Run a Powershell script on a Windows host
script: subdirectories/under/path/with/your/playbook/script.ps1
© 2012–2018 Michael DeHaan
© 2018–2025 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/script_module.html