ansible-config list

From wikieduonline
Jump to navigation Jump to search

ansible-config list
ACTION_WARNINGS:
  default: true
  description:
  - By default Ansible will issue a warning when received from a task action (module
    or action plugin)
  - These warnings can be silenced by adjusting this setting to False.
  env:
  - name: ANSIBLE_ACTION_WARNINGS
  ini:
  - key: action_warnings
    section: defaults
  name: Toggle action warnings
  type: boolean
  version_added: '2.5'
AGNOSTIC_BECOME_PROMPT:
  default: true
  description: Display an agnostic become prompt instead of displaying a prompt containing
    the command line supplied become method
  env:
  - name: ANSIBLE_AGNOSTIC_BECOME_PROMPT
  ini:
  - key: agnostic_become_prompt
    section: privilege_escalation
  name: Display an agnostic become prompt
  type: boolean
  version_added: '2.5'
  yaml:
    key: privilege_escalation.agnostic_become_prompt
ALLOW_WORLD_READABLE_TMPFILES:
  default: false
  deprecated:
    alternatives: world_readable_tmp
    collection_name: ansible.builtin
    version: '2.14'
    why: moved to shell plugins
  description:
  - This setting has been moved to the individual shell plugins as a plugin option
    :ref:`shell_plugins`.
  - The existing configuration settings are still accepted with the shell plugin adding
    additional options, like variables.
  - This message will be removed in 2.14.
  name: Allow world-readable temporary files
  type: boolean
ANSIBLE_CONNECTION_PATH:
  default: null
  description:
  - Specify where to look for the ansible-connection script. This location will be
    checked before searching $PATH.
  - If null, ansible will start with the same directory as the ansible script.
  env:
  - name: ANSIBLE_CONNECTION_PATH
  ini:
  - key: ansible_connection_path
    section: persistent_connection
  name: Path of ansible-connection script
  type: path
  version_added: '2.8'
  yaml:
    key: persistent_connection.ansible_connection_path
ANSIBLE_COW_ACCEPTLIST:
  default:
  - bud-frogs
  - bunny
  - cheese
  - daemon
  - default
  - dragon
  - elephant-in-snake
  - elephant
  - eyes
  - hellokitty
  - kitty
  - luke-koala
  - meow
  - milk
  - moofasa
  - moose
  - ren
  - sheep
  - small
  - stegosaurus
  - stimpy
  - supermilker
  - three-eyes
  - turkey
  - turtle
  - tux
  - udder
  - vader-koala
  - vader
  - www
  description: White list of cowsay templates that are 'safe' to use, set to empty
    list if you want to enable all installed templates.
  env:
  - deprecated:
      alternatives: ANSIBLE_COW_ACCEPTLIST
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    name: ANSIBLE_COW_WHITELIST
  - name: ANSIBLE_COW_ACCEPTLIST
    version_added: '2.11'
  ini:
  - deprecated:
      alternatives: cowsay_enabled_stencils
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    key: cow_whitelist
    section: defaults
  - key: cowsay_enabled_stencils
    section: defaults
    version_added: '2.11'
  name: Cowsay filter acceptance list
  type: list
ANSIBLE_COW_PATH:
  default: null
  description: Specify a custom cowsay path or swap in your cowsay implementation
    of choice
  env:
  - name: ANSIBLE_COW_PATH
  ini:
  - key: cowpath
    section: defaults
  name: Set path to cowsay command
  type: string
  yaml:
    key: display.cowpath
ANSIBLE_COW_SELECTION:
  default: default
  description: This allows you to chose a specific cowsay stencil for the banners
    or use 'random' to cycle through them.
  env:
  - name: ANSIBLE_COW_SELECTION
  ini:
  - key: cow_selection
    section: defaults
  name: Cowsay filter selection
ANSIBLE_FORCE_COLOR:
  default: false
  description: This option forces color mode even when running without a TTY or the
    "nocolor" setting is True.
  env:
  - name: ANSIBLE_FORCE_COLOR
  ini:
  - key: force_color
    section: defaults
  name: Force color output
  type: boolean
  yaml:
    key: display.force_color
ANSIBLE_NOCOLOR:
  default: false
  description: This setting allows suppressing colorizing output, which is used to
    give a better indication of failure and status information.
  env:
  - name: ANSIBLE_NOCOLOR
  - name: NO_COLOR
    version_added: '2.11'
  ini:
  - key: nocolor
    section: defaults
  name: Suppress color output
  type: boolean
  yaml:
    key: display.nocolor
ANSIBLE_NOCOWS:
  default: false
  description: If you have cowsay installed but want to avoid the 'cows' (why????),
    use this.
  env:
  - name: ANSIBLE_NOCOWS
  ini:
  - key: nocows
    section: defaults
  name: Suppress cowsay output
  type: boolean
  yaml:
    key: display.i_am_no_fun
ANSIBLE_PIPELINING:
  default: false
  description:
  - Pipelining, if supported by the connection plugin, reduces the number of network
    operations required to execute a module on the remote server, by executing many
    Ansible modules without actual file transfer.
  - This can result in a very significant performance improvement when enabled.
  - However this conflicts with privilege escalation (become). For example, when using
    'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all
    managed hosts, which is why it is disabled by default.
  - This option is disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled.
  - This is a global option, each connection plugin can override either by having
    more specific options or not supporting pipelining at all.
  env:
  - name: ANSIBLE_PIPELINING
  ini:
  - key: pipelining
    section: defaults
  - key: pipelining
    section: connection
  name: Connection pipelining
  type: boolean
ANY_ERRORS_FATAL:
  default: false
  description: Sets the default value for the any_errors_fatal keyword, if True, Task
    failures will be considered fatal errors.
  env:
  - name: ANSIBLE_ANY_ERRORS_FATAL
  ini:
  - key: any_errors_fatal
    section: defaults
  name: Make Task failures fatal
  type: boolean
  version_added: '2.4'
  yaml:
    key: errors.any_task_errors_fatal
BECOME_ALLOW_SAME_USER:
  default: false
  description:
  - This setting controls if become is skipped when remote user and become user are
    the same. I.E root sudo to root.
  - If executable, it will be run and the resulting stdout will be used as the password.
  env:
  - name: ANSIBLE_BECOME_ALLOW_SAME_USER
  ini:
  - key: become_allow_same_user
    section: privilege_escalation
  name: Allow becoming the same user
  type: boolean
  yaml:
    key: privilege_escalation.become_allow_same_user
BECOME_PASSWORD_FILE:
  default: null
  description:
  - The password file to use for the become plugin. --become-password-file.
  - If executable, it will be run and the resulting stdout will be used as the password.
  env:
  - name: ANSIBLE_BECOME_PASSWORD_FILE
  ini:
  - key: become_password_file
    section: defaults
  name: Become password file
  type: path
  version_added: '2.12'
BECOME_PLUGIN_PATH:
  default: ~/.ansible/plugins/become:/usr/share/ansible/plugins/become
  description: Colon separated paths in which Ansible will search for Become Plugins.
  env:
  - name: ANSIBLE_BECOME_PLUGINS
  ini:
  - key: become_plugins
    section: defaults
  name: Become plugins path
  type: pathspec
  version_added: '2.8'
CACHE_PLUGIN:
  default: memory
  description: Chooses which cache plugin to use, the default 'memory' is ephemeral.
  env:
  - name: ANSIBLE_CACHE_PLUGIN
  ini:
  - key: fact_caching
    section: defaults
  name: Persistent Cache plugin
  yaml:
    key: facts.cache.plugin
CACHE_PLUGIN_CONNECTION:
  default: null
  description: Defines connection or path information for the cache plugin
  env:
  - name: ANSIBLE_CACHE_PLUGIN_CONNECTION
  ini:
  - key: fact_caching_connection
    section: defaults
  name: Cache Plugin URI
  yaml:
    key: facts.cache.uri
CACHE_PLUGIN_PREFIX:
  default: ansible_facts
  description: Prefix to use for cache plugin files/tables
  env:
  - name: ANSIBLE_CACHE_PLUGIN_PREFIX
  ini:
  - key: fact_caching_prefix
    section: defaults
  name: Cache Plugin table prefix
  yaml:
    key: facts.cache.prefix
CACHE_PLUGIN_TIMEOUT:
  default: 86400
  description: Expiration timeout for the cache plugin data
  env:
  - name: ANSIBLE_CACHE_PLUGIN_TIMEOUT
  ini:
  - key: fact_caching_timeout
    section: defaults
  name: Cache Plugin expiration timeout
  type: integer
  yaml:
    key: facts.cache.timeout
CALLABLE_ACCEPT_LIST:
  default: []
  description: Whitelist of callable methods to be made available to template evaluation
  env:
  - deprecated:
      alternatives: ANSIBLE_CALLABLE_ENABLED
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    name: ANSIBLE_CALLABLE_WHITELIST
  - name: ANSIBLE_CALLABLE_ENABLED
    version_added: '2.11'
  ini:
  - deprecated:
      alternatives: callable_enabled
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    key: callable_whitelist
    section: defaults
  - key: callable_enabled
    section: defaults
    version_added: '2.11'
  name: Template 'callable' accept list
  type: list
CALLBACKS_ENABLED:
  default: []
  description:
  - List of enabled callbacks, not all callbacks need enabling, but many of those
    shipped with Ansible do as we don't want them activated by default.
  env:
  - deprecated:
      alternatives: ANSIBLE_CALLBACKS_ENABLED
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    name: ANSIBLE_CALLBACK_WHITELIST
  - name: ANSIBLE_CALLBACKS_ENABLED
    version_added: '2.11'
  ini:
  - deprecated:
      alternatives: callbacks_enabled
      collection_name: ansible.builtin
      version: '2.15'
      why: normalizing names to new standard
    key: callback_whitelist
    section: defaults
  - key: callbacks_enabled
    section: defaults
    version_added: '2.11'
  name: Enable callback plugins that require it.
  type: list
COLLECTIONS_ON_ANSIBLE_VERSION_MISMATCH:
  choices:
  - error
  - warning
  - ignore
  default: warning
  description:
  - When a collection is loaded that does not support the running Ansible version
    (via the collection metadata key `requires_ansible`), the default behavior is
    to issue a warning and continue anyway. Setting this value to `ignore` skips the
    warning entirely, while setting it to `fatal` will immediately halt Ansible execution.
  env:
  - name: ANSIBLE_COLLECTIONS_ON_ANSIBLE_VERSION_MISMATCH
  ini:
  - key: collections_on_ansible_version_mismatch
    section: defaults
  name: Defines behavior when loading a collection that does not support the current
    Ansible version
COLLECTIONS_PATHS:
  default: ~/.ansible/collections:/usr/share/ansible/collections
  description: 'Colon separated paths in which Ansible will search for collections
    content. Collections must be in nested *subdirectories*, not directly in these
    directories. For example, if ``COLLECTIONS_PATHS`` includes ``~/.ansible/collections``,
    and you want to add ``my.collection`` to that directory, it must be saved as ``~/.ansible/collections/ansible_collections/my/collection``.

    '
  env:
  - name: ANSIBLE_COLLECTIONS_PATHS
  - name: ANSIBLE_COLLECTIONS_PATH
    version_added: '2.10'
  ini:
  - key: collections_paths
    section: defaults
  - key: collections_path
    section: defaults
    version_added: '2.10'
  name: ordered list of root paths for loading installed Ansible collections content
  type: pathspec
COLLECTIONS_SCAN_SYS_PATH:
  default: true
  description: A boolean to enable or disable scanning the sys.path for installed
    collections
  env:
  - name: ANSIBLE_COLLECTIONS_SCAN_SYS_PATH
  ini:
  - key: collections_scan_sys_path
    section: defaults
  name: Scan PYTHONPATH for installed collections
  type: boolean
COLOR_CHANGED:
  choices: &id001
  - black
  - bright gray
  - blue
  - white
  - green
  - bright blue
  - cyan
  - bright green
  - red
  - bright cyan
  - purple
  - bright red
  - yellow
  - bright purple
  - dark gray
  - bright yellow
  - magenta
  - bright magenta
  - normal
  default: yellow
  description: Defines the color to use on 'Changed' task status
  env:
  - name: ANSIBLE_COLOR_CHANGED
  ini:
  - key: changed
    section: colors
  name: Color for 'changed' task status
COLOR_CONSOLE_PROMPT:
  choices: *id001
  default: white
  description: Defines the default color to use for ansible-console
  env:
  - name: ANSIBLE_COLOR_CONSOLE_PROMPT
  ini:
  - key: console_prompt
    section: colors
  name: Color for ansible-console's prompt task status
  version_added: '2.7'
COLOR_DEBUG:
  choices: *id001
  default: dark gray
  description: Defines the color to use when emitting debug messages
  env:
  - name: ANSIBLE_COLOR_DEBUG
  ini:
  - key: debug
    section: colors
  name: Color for debug statements
COLOR_DEPRECATE:
  choices: *id001
  default: purple
  description: Defines the color to use when emitting deprecation messages
  env:
  - name: ANSIBLE_COLOR_DEPRECATE
  ini:
  - key: deprecate
    section: colors
  name: Color for deprecation messages
COLOR_DIFF_ADD:
  choices: *id001
  default: green
  description: Defines the color to use when showing added lines in diffs
  env:
  - name: ANSIBLE_COLOR_DIFF_ADD
  ini:
  - key: diff_add
    section: colors
  name: Color for diff added display
  yaml:
    key: display.colors.diff.add
COLOR_DIFF_LINES:
  choices: *id001
  default: cyan
  description: Defines the color to use when showing diffs
  env:
  - name: ANSIBLE_COLOR_DIFF_LINES
  ini:
  - key: diff_lines
    section: colors
  name: Color for diff lines display
COLOR_DIFF_REMOVE:
  choices: *id001
  default: red
  description: Defines the color to use when showing removed lines in diffs
  env:
  - name: ANSIBLE_COLOR_DIFF_REMOVE
  ini:
  - key: diff_remove
    section: colors
  name: Color for diff removed display
COLOR_ERROR:
  choices: *id001
  default: red
  description: Defines the color to use when emitting error messages
  env:
  - name: ANSIBLE_COLOR_ERROR
  ini:
  - key: error
    section: colors
  name: Color for error messages
  yaml:
    key: colors.error
COLOR_HIGHLIGHT:
  choices: *id001
  default: white
  description: Defines the color to use for highlighting
  env:
  - name: ANSIBLE_COLOR_HIGHLIGHT
  ini:
  - key: highlight
    section: colors
  name: Color for highlighting
COLOR_OK:
  choices: *id001
  default: green
  description: Defines the color to use when showing 'OK' task status
  env:
  - name: ANSIBLE_COLOR_OK
  ini:
  - key: ok
    section: colors
  name: Color for 'ok' task status
COLOR_SKIP:
  choices: *id001
  default: cyan
  description: Defines the color to use when showing 'Skipped' task status
  env:
  - name: ANSIBLE_COLOR_SKIP
  ini:
  - key: skip
    section: colors
  name: Color for 'skip' task status
COLOR_UNREACHABLE:
  choices: *id001
  default: bright red
  description: Defines the color to use on 'Unreachable' status
  env:
  - name: ANSIBLE_COLOR_UNREACHABLE
  ini:
  - key: unreachable
    section: colors
  name: Color for 'unreachable' host state
COLOR_VERBOSE:
  choices: *id001
  default: blue
  description: Defines the color to use when emitting verbose messages. i.e those
    that show with '-v's.
  env:
  - name: ANSIBLE_COLOR_VERBOSE
  ini:
  - key: verbose
    section: colors
  name: Color for verbose messages
COLOR_WARN:
  choices: *id001
  default: bright purple
  description: Defines the color to use when emitting warning messages
  env:
  - name: ANSIBLE_COLOR_WARN
  ini:
  - key: warn
    section: colors
  name: Color for warning messages
COMMAND_WARNINGS:
  default: false
  deprecated:
    collection_name: ansible.builtin
    version: '2.14'
    why: the command warnings feature is being removed
  description:
  - Ansible can issue a warning when the shell or command module is used and the command
    appears to be similar to an existing Ansible module.
  - These warnings can be silenced by adjusting this setting to False. You can also
    control this at the task level with the module option ``warn``.
  - As of version 2.11, this is disabled by default.
  env:
  - name: ANSIBLE_COMMAND_WARNINGS
  ini:
  - key: command_warnings
    section: defaults
  name: Command module warnings
  type: boolean
  version_added: '1.8'
CONNECTION_FACTS_MODULES:
  default:
    arista.eos.eos: arista.eos.eos_facts
    asa: ansible.legacy.asa_facts
    cisco.asa.asa: cisco.asa.asa_facts
    cisco.ios.ios: cisco.ios.ios_facts
    cisco.iosxr.iosxr: cisco.iosxr.iosxr_facts
    cisco.nxos.nxos: cisco.nxos.nxos_facts
    community.network.ironware: community.network.ironware_facts
    eos: ansible.legacy.eos_facts
    exos: ansible.legacy.exos_facts
    extreme.exos.exos: extreme.exos.exos_facts
    extreme.slxos.slxos: extreme.slxos.slxos_facts
    extreme.voss.voss: extreme.voss.voss_facts
    frr: ansible.legacy.frr_facts
    frr.frr.frr: frr.frr.frr_facts
    ios: ansible.legacy.ios_facts
    iosxr: ansible.legacy.iosxr_facts
    ironware: ansible.legacy.ironware_facts
    junipernetworks.junos.junos: junipernetworks.junos.junos_facts
    junos: ansible.legacy.junos_facts
    nxos: ansible.legacy.nxos_facts
    slxos: ansible.legacy.slxos_facts
    voss: ansible.legacy.voss_facts
    vyos: ansible.legacy.vyos_facts
    vyos.vyos.vyos: vyos.vyos.vyos_facts
  description: Which modules to run during a play's fact gathering stage based on
    connection
  name: Map of connections to fact modules
  type: dict
CONNECTION_PASSWORD_FILE:
  default: null
  description: The password file to use for the connection plugin. --connection-password-file.
  env:
  - name: ANSIBLE_CONNECTION_PASSWORD_FILE
  ini:
  - key: connection_password_file
    section: defaults
  name: Connection password file
  type: path
  version_added: '2.12'
COVERAGE_REMOTE_OUTPUT:
  description:
  - Sets the output directory on the remote host to generate coverage reports to.
  - Currently only used for remote coverage on PowerShell modules.
  - This is for internal use only.
  env:
  - name: _ANSIBLE_COVERAGE_REMOTE_OUTPUT
  name: Sets the output directory and filename prefix to generate coverage run info.
  type: str
  vars:
  - name: _ansible_coverage_remote_output
  version_added: '2.9'
COVERAGE_REMOTE_PATHS:
  default: '*'
  description:
  - A list of paths for files on the Ansible controller to run coverage for when executing
    on the remote host.
  - Only files that match the path glob will have its coverage collected.
  - Multiple path globs can be specified and are separated by ``:``.
  - Currently only used for remote coverage on PowerShell modules.
  - This is for internal use only.
  env:
  - name: _ANSIBLE_COVERAGE_REMOTE_PATH_FILTER
  name: Sets the list of paths to run coverage for.
  type: str
  version_added: '2.9'
DEFAULT_ACTION_PLUGIN_PATH:
  default: ~/.ansible/plugins/action:/usr/share/ansible/plugins/action
  description: Colon separated paths in which Ansible will search for Action Plugins.
  env:
  - name: ANSIBLE_ACTION_PLUGINS
  ini:
  - key: action_plugins
    section: defaults
  name: Action plugins path
  type: pathspec
  yaml:
    key: plugins.action.path
DEFAULT_ALLOW_UNSAFE_LOOKUPS:
  default: false
  description:
  - When enabled, this option allows lookup plugins (whether used in variables as
    ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked
    'unsafe'.
  - By default, such data is marked as unsafe to prevent the templating engine from
    evaluating any jinja2 templating language, as this could represent a security
    risk. This option is provided to allow for backward compatibility, however users
    should first consider adding allow_unsafe=True to any lookups which may be expected
    to contain data which may be run through the templating engine late
  env: []
  ini:
  - key: allow_unsafe_lookups
    section: defaults
  name: Allow unsafe lookups
  type: boolean
  version_added: 2.2.3
DEFAULT_ASK_PASS:
  default: false
  description:
  - This controls whether an Ansible playbook should prompt for a login password.
    If using SSH keys for authentication, you probably do not needed to change this
    setting.
  env:
  - name: ANSIBLE_ASK_PASS
  ini:
  - key: ask_pass
    section: defaults
  name: Ask for the login password
  type: boolean
  yaml:
    key: defaults.ask_pass
DEFAULT_ASK_VAULT_PASS:
  default: false
  description:
  - This controls whether an Ansible playbook should prompt for a vault password.
  env:
  - name: ANSIBLE_ASK_VAULT_PASS
  ini:
  - key: ask_vault_pass
    section: defaults
  name: Ask for the vault password(s)
  type: boolean
DEFAULT_BECOME:
  default: false
  description: Toggles the use of privilege escalation, allowing you to 'become' another
    user after login.
  env:
  - name: ANSIBLE_BECOME
  ini:
  - key: become
    section: privilege_escalation
  name: Enable privilege escalation (become)
  type: boolean
DEFAULT_BECOME_ASK_PASS:
  default: false
  description: Toggle to prompt for privilege escalation password.
  env:
  - name: ANSIBLE_BECOME_ASK_PASS
  ini:
  - key: become_ask_pass
    section: privilege_escalation
  name: Ask for the privilege escalation (become) password
  type: boolean
DEFAULT_BECOME_EXE:
  default: null
  description: executable to use for privilege escalation, otherwise Ansible will
    depend on PATH
  env:
  - name: ANSIBLE_BECOME_EXE
  ini:
  - key: become_exe
    section: privilege_escalation
  name: Choose 'become' executable
DEFAULT_BECOME_FLAGS:
  default: null
  description: Flags to pass to the privilege escalation executable.
  env:
  - name: ANSIBLE_BECOME_FLAGS
  ini:
  - key: become_flags
    section: privilege_escalation
  name: Set 'become' executable options
DEFAULT_BECOME_METHOD:
  default: sudo
  description: Privilege escalation method to use when `become` is enabled.
  env:
  - name: ANSIBLE_BECOME_METHOD
  ini:
  - key: become_method
    section: privilege_escalation
  name: Choose privilege escalation method
DEFAULT_BECOME_USER:
  default: root
  description: The user your login/remote user 'becomes' when using privilege escalation,
    most systems will use 'root' when no user is specified.
  env:
  - name: ANSIBLE_BECOME_USER
  ini:
  - key: become_user
    section: privilege_escalation
  name: Set the user you 'become' via privilege escalation
  yaml:
    key: become.user
DEFAULT_CACHE_PLUGIN_PATH:
  default: ~/.ansible/plugins/cache:/usr/share/ansible/plugins/cache
  description: Colon separated paths in which Ansible will search for Cache Plugins.
  env:
  - name: ANSIBLE_CACHE_PLUGINS
  ini:
  - key: cache_plugins
    section: defaults
  name: Cache Plugins Path
  type: pathspec
DEFAULT_CALLBACK_PLUGIN_PATH:
  default: ~/.ansible/plugins/callback:/usr/share/ansible/plugins/callback
  description: Colon separated paths in which Ansible will search for Callback Plugins.
  env:
  - name: ANSIBLE_CALLBACK_PLUGINS
  ini:
  - key: callback_plugins
    section: defaults
  name: Callback Plugins Path
  type: pathspec
  yaml:
    key: plugins.callback.path
DEFAULT_CLICONF_PLUGIN_PATH:
  default: ~/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf
  description: Colon separated paths in which Ansible will search for Cliconf Plugins.
  env:
  - name: ANSIBLE_CLICONF_PLUGINS
  ini:
  - key: cliconf_plugins
    section: defaults
  name: Cliconf Plugins Path
  type: pathspec
DEFAULT_CONNECTION_PLUGIN_PATH:
  default: ~/.ansible/plugins/connection:/usr/share/ansible/plugins/connection
  description: Colon separated paths in which Ansible will search for Connection Plugins.
  env:
  - name: ANSIBLE_CONNECTION_PLUGINS
  ini:
  - key: connection_plugins
    section: defaults
  name: Connection Plugins Path
  type: pathspec
  yaml:
    key: plugins.connection.path
DEFAULT_DEBUG:
  default: false
  description:
  - Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing.  Debug
    output can also include secret information despite no_log settings being enabled,
    which means debug mode should not be used in production.
  env:
  - name: ANSIBLE_DEBUG
  ini:
  - key: debug
    section: defaults
  name: Debug mode
  type: boolean
DEFAULT_EXECUTABLE:
  default: /bin/sh
  description:
  - This indicates the command to use to spawn a shell under for Ansible's execution
    needs on a target. Users may need to change this in rare instances when shell
    usage is constrained, but in most cases it may be left as is.
  env:
  - name: ANSIBLE_EXECUTABLE
  ini:
  - key: executable
    section: defaults
  name: Target shell executable
DEFAULT_FACT_PATH:
  default: null
  description:
  - This option allows you to globally configure a custom path for 'local_facts' for
    the implied M(ansible.builtin.setup) task when using fact gathering.
  - 'If not set, it will fallback to the default from the M(ansible.builtin.setup)
    module: ``/etc/ansible/facts.d``.'
  - This does **not** affect  user defined tasks that use the M(ansible.builtin.setup)
    module.
  env:
  - name: ANSIBLE_FACT_PATH
  ini:
  - key: fact_path
    section: defaults
  name: local fact path
  type: string
  yaml:
    key: facts.gathering.fact_path
DEFAULT_FILTER_PLUGIN_PATH:
  default: ~/.ansible/plugins/filter:/usr/share/ansible/plugins/filter
  description: Colon separated paths in which Ansible will search for Jinja2 Filter
    Plugins.
  env:
  - name: ANSIBLE_FILTER_PLUGINS
  ini:
  - key: filter_plugins
    section: defaults
  name: Jinja2 Filter Plugins Path
  type: pathspec
DEFAULT_FORCE_HANDLERS:
  default: false
  description:
  - This option controls if notified handlers run on a host even if a failure occurs
    on that host.
  - When false, the handlers will not run if a failure has occurred on a host.
  - This can also be set per play or on the command line. See Handlers and Failure
    for more details.
  env:
  - name: ANSIBLE_FORCE_HANDLERS
  ini:
  - key: force_handlers
    section: defaults
  name: Force handlers to run after failure
  type: boolean
  version_added: 1.9.1
DEFAULT_FORKS:
  default: 5
  description: Maximum number of forks Ansible will use to execute tasks on target
    hosts.
  env:
  - name: ANSIBLE_FORKS
  ini:
  - key: forks
    section: defaults
  name: Number of task forks
  type: integer
DEFAULT_GATHERING:
  choices:
  - smart
  - explicit
  - implicit
  default: implicit
  description:
  - This setting controls the default policy of fact gathering (facts discovered about
    remote systems).
  - 'When ''implicit'' (the default), the cache plugin will be ignored and facts will
    be gathered per play unless ''gather_facts: False'' is set.'
  - When 'explicit' the inverse is true, facts will not be gathered unless directly
    requested in the play.
  - The 'smart' value means each new host that has no facts discovered will be scanned,
    but if the same host is addressed in multiple plays it will not be contacted again
    in the playbook run.
  - This option can be useful for those wishing to save fact gathering time. Both
    'smart' and 'explicit' will use the cache plugin.
  env:
  - name: ANSIBLE_GATHERING
  ini:
  - key: gathering
    section: defaults
  name: Gathering behaviour
  version_added: '1.6'
DEFAULT_GATHER_SUBSET:
  default:
  - all
  description:
  - Set the `gather_subset` option for the M(ansible.builtin.setup) task in the implicit
    fact gathering. See the module documentation for specifics.
  - It does **not** apply to user defined M(ansible.builtin.setup) tasks.
  env:
  - name: ANSIBLE_GATHER_SUBSET
  ini:
  - key: gather_subset
    section: defaults
  name: Gather facts subset
  type: list
  version_added: '2.1'
DEFAULT_GATHER_TIMEOUT:
  default: 10
  description:
  - Set the timeout in seconds for the implicit fact gathering.
  - It does **not** apply to user defined M(ansible.builtin.setup) tasks.
  env:
  - name: ANSIBLE_GATHER_TIMEOUT
  ini:
  - key: gather_timeout
    section: defaults
  name: Gather facts timeout
  type: integer
  yaml:
    key: defaults.gather_timeout
DEFAULT_HASH_BEHAVIOUR:
  choices:
    merge: Any dictionary variable will be recursively merged with new definitions
      across the different variable definition sources.
    replace: Any variable that is defined more than once is overwritten using the
      order from variable precedence rules (highest wins).
  default: replace
  description:
  - This setting controls how duplicate definitions of dictionary variables (aka hash,
    map, associative array) are handled in Ansible.
  - This does not affect variables whose values are scalars (integers, strings) or
    arrays.
  - '**WARNING**, changing this setting is not recommended as this is fragile and
    makes your content (plays, roles, collections) non portable, leading to continual
    confusion and misuse. Don''t change this setting unless you think you have an
    absolute need for it.'
  - We recommend avoiding reusing variable names and relying on the ``combine`` filter
    and ``vars`` and ``varnames`` lookups to create merged versions of the individual
    variables. In our experience this is rarely really needed and a sign that too
    much complexity has been introduced into the data structures and plays.
  - For some uses you can also look into custom vars_plugins to merge on input, even
    substituting the default ``host_group_vars`` that is in charge of parsing the
    ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are
    only interested in inventory scope, but the setting itself affects all sources
    and makes debugging even harder.
  - All playbooks and roles in the official examples repos assume the default for
    this setting.
  - Changing the setting to ``merge`` applies across variable sources, but many sources
    will internally still overwrite the variables. For example ``include_vars`` will
    dedupe variables internally before updating Ansible, with 'last defined' overwriting
    previous definitions in same file.
  - The Ansible project recommends you **avoid ``merge`` for new projects.**
  - It is the intention of the Ansible developers to eventually deprecate and remove
    this setting, but it is being kept as some users do heavily rely on it. New projects
    should **avoid 'merge'**.
  env:
  - name: ANSIBLE_HASH_BEHAVIOUR
  ini:
  - key: hash_behaviour
    section: defaults
  name: Hash merge behaviour
  type: string
DEFAULT_HOST_LIST:
  default: /etc/ansible/hosts
  description: Comma separated list of Ansible inventory sources
  env:
  - name: ANSIBLE_INVENTORY
  expand_relative_paths: true
  ini:
  - key: inventory
    section: defaults
  name: Inventory Source
  type: pathlist
  yaml:
    key: defaults.inventory
DEFAULT_HTTPAPI_PLUGIN_PATH:
  default: ~/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi
  description: Colon separated paths in which Ansible will search for HttpApi Plugins.
  env:
  - name: ANSIBLE_HTTPAPI_PLUGINS
  ini:
  - key: httpapi_plugins
    section: defaults
  name: HttpApi Plugins Path
  type: pathspec
DEFAULT_INTERNAL_POLL_INTERVAL:
  default: 0.001
  description:
  - This sets the interval (in seconds) of Ansible internal processes polling each
    other. Lower values improve performance with large playbooks at the expense of
    extra CPU load. Higher values are more suitable for Ansible usage in automation
    scenarios, when UI responsiveness is not required but CPU usage might be a concern.
  - The default corresponds to the value hardcoded in Ansible <= 2.1
  env: []
  ini:
  - key: internal_poll_interval
    section: defaults
  name: Internal poll interval
  type: float
  version_added: '2.2'
DEFAULT_INVENTORY_PLUGIN_PATH:
  default: ~/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory
  description: Colon separated paths in which Ansible will search for Inventory Plugins.
  env:
  - name: ANSIBLE_INVENTORY_PLUGINS
  ini:
  - key: inventory_plugins
    section: defaults
  name: Inventory Plugins Path
  type: pathspec
DEFAULT_JINJA2_EXTENSIONS:
  default: []
  description:
  - This is a developer-specific feature that allows enabling additional Jinja2 extensions.
  - See the Jinja2 documentation for details. If you do not know what these do, you
    probably don't need to change this settingĀ :)
  env:
  - name: ANSIBLE_JINJA2_EXTENSIONS
  ini:
  - key: jinja2_extensions
    section: defaults
  name: Enabled Jinja2 extensions
DEFAULT_JINJA2_NATIVE:
  default: false
  description: This option preserves variable types during template operations. This
    requires Jinja2 >= 2.10.
  env:
  - name: ANSIBLE_JINJA2_NATIVE
  ini:
  - key: jinja2_native
    section: defaults
  name: Use Jinja2's NativeEnvironment for templating
  type: boolean
  version_added: 2.7
  yaml:
    key: jinja2_native
DEFAULT_KEEP_REMOTE_FILES:
  default: false
  description:
  - Enables/disables the cleaning up of the temporary files Ansible used to execute
    the tasks on the remote.
  - If this option is enabled it will disable ``ANSIBLE_PIPELINING``.
  env:
  - name: ANSIBLE_KEEP_REMOTE_FILES
  ini:
  - key: keep_remote_files
    section: defaults
  name: Keep remote files
  type: boolean
DEFAULT_LIBVIRT_LXC_NOSECLABEL:
  default: false
  description:
  - This setting causes libvirt to connect to lxc containers by passing --noseclabel
    to virsh. This is necessary when running on systems which do not have SELinux.
  env:
  - deprecated:
      alternatives: the ``ANSIBLE_LIBVIRT_LXC_NOSECLABEL`` environment variable
      collection_name: ansible.builtin
      version: '2.12'
      why: environment variables without ``ANSIBLE_`` prefix are deprecated
    name: LIBVIRT_LXC_NOSECLABEL
  - name: ANSIBLE_LIBVIRT_LXC_NOSECLABEL
  ini:
  - key: libvirt_lxc_noseclabel
    section: selinux
  name: No security label on Lxc
  type: boolean
  version_added: '2.1'
DEFAULT_LOAD_CALLBACK_PLUGINS:
  default: false
  description:
  - Controls whether callback plugins are loaded when running /usr/bin/ansible. This
    may be used to log activity from the command line, send notifications, and so
    on. Callback plugins are always loaded for ``ansible-playbook``.
  env:
  - name: ANSIBLE_LOAD_CALLBACK_PLUGINS
  ini:
  - key: bin_ansible_callbacks
    section: defaults
  name: Load callbacks for adhoc
  type: boolean
  version_added: '1.8'
DEFAULT_LOCAL_TMP:
  default: ~/.ansible/tmp
  description: Temporary directory for Ansible to use on the controller.
  env:
  - name: ANSIBLE_LOCAL_TEMP
  ini:
  - key: local_tmp
    section: defaults
  name: Controller temporary directory
  type: tmppath
DEFAULT_LOG_FILTER:
  default: []
  description: List of logger names to filter out of the log file
  env:
  - name: ANSIBLE_LOG_FILTER
  ini:
  - key: log_filter
    section: defaults
  name: Name filters for python logger
  type: list
DEFAULT_LOG_PATH:
  default: null
  description: File to which Ansible will log on the controller. When empty logging
    is disabled.
  env:
  - name: ANSIBLE_LOG_PATH
  ini:
  - key: log_path
    section: defaults
  name: Ansible log file path
  type: path
DEFAULT_LOOKUP_PLUGIN_PATH:
  default: ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
  description: Colon separated paths in which Ansible will search for Lookup Plugins.
  env:
  - name: ANSIBLE_LOOKUP_PLUGINS
  ini:
  - key: lookup_plugins
    section: defaults
  name: Lookup Plugins Path
  type: pathspec
  yaml:
    key: defaults.lookup_plugins
DEFAULT_MANAGED_STR:
  default: Ansible managed
  description: Sets the macro for the 'ansible_managed' variable available for M(ansible.builtin.template)
    and M(ansible.windows.win_template) modules.  This is only relevant for those
    two modules.
  env: []
  ini:
  - key: ansible_managed
    section: defaults
  name: Ansible managed
  yaml:
    key: defaults.ansible_managed
DEFAULT_MODULE_ARGS:
  default: null
  description:
  - This sets the default arguments to pass to the ``ansible`` adhoc binary if no
    ``-a`` is specified.
  env:
  - name: ANSIBLE_MODULE_ARGS
  ini:
  - key: module_args
    section: defaults
  name: Adhoc default arguments
DEFAULT_MODULE_COMPRESSION:
  default: ZIP_DEFLATED
  description: Compression scheme to use when transferring Python modules to the target.
  env: []
  ini:
  - key: module_compression
    section: defaults
  name: Python module compression
DEFAULT_MODULE_NAME:
  default: command
  description: Module to use with the ``ansible`` AdHoc command, if none is specified
    via ``-m``.
  env: []
  ini:
  - key: module_name
    section: defaults
  name: Default adhoc module
DEFAULT_MODULE_PATH:
  default: ~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
  description: Colon separated paths in which Ansible will search for Modules.
  env:
  - name: ANSIBLE_LIBRARY
  ini:
  - key: library
    section: defaults
  name: Modules Path
  type: pathspec
DEFAULT_MODULE_UTILS_PATH:
  default: ~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
  description: Colon separated paths in which Ansible will search for Module utils
    files, which are shared by modules.
  env:
  - name: ANSIBLE_MODULE_UTILS
  ini:
  - key: module_utils
    section: defaults
  name: Module Utils Path
  type: pathspec
DEFAULT_NETCONF_PLUGIN_PATH:
  default: ~/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf
  description: Colon separated paths in which Ansible will search for Netconf Plugins.
  env:
  - name: ANSIBLE_NETCONF_PLUGINS
  ini:
  - key: netconf_plugins
    section: defaults
  name: Netconf Plugins Path
  type: pathspec
DEFAULT_NO_LOG:
  default: false
  description: Toggle Ansible's display and logging of task details, mainly used to
    avoid security disclosures.
  env:
  - name: ANSIBLE_NO_LOG
  ini:
  - key: no_log
    section: defaults
  name: No log
  type: boolean
DEFAULT_NO_TARGET_SYSLOG:
  default: false
  description:
  - Toggle Ansible logging to syslog on the target when it executes tasks. On Windows
    hosts this will disable a newer style PowerShell modules from writting to the
    event log.
  env:
  - name: ANSIBLE_NO_TARGET_SYSLOG
  ini:
  - key: no_target_syslog
    section: defaults
  name: No syslog on target
  type: boolean
  vars:
  - name: ansible_no_target_syslog
    version_added: '2.10'
  yaml:
    key: defaults.no_target_syslog
DEFAULT_NULL_REPRESENTATION:
  default: null
  description: What templating should return as a 'null' value. When not set it will
    let Jinja2 decide.
  env:
  - name: ANSIBLE_NULL_REPRESENTATION
  ini:
  - key: null_representation
    section: defaults
  name: Represent a null
  type: none
DEFAULT_POLL_INTERVAL:
  default: 15
  description:
  - For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling),
    this is how often to check back on the status of those tasks when an explicit
    poll interval is not supplied. The default is a reasonably moderate 15 seconds
    which is a tradeoff between checking in frequently and providing a quick turnaround
    when something may have completed.
  env:
  - name: ANSIBLE_POLL_INTERVAL
  ini:
  - key: poll_interval
    section: defaults
  name: Async poll interval
  type: integer
DEFAULT_PRIVATE_KEY_FILE:
  default: null
  description:
  - Option for connections using a certificate or key file to authenticate, rather
    than an agent or passwords, you can set the default value here to avoid re-specifying
    --private-key with every invocation.
  env:
  - name: ANSIBLE_PRIVATE_KEY_FILE
  ini:
  - key: private_key_file
    section: defaults
  name: Private key file
  type: path
DEFAULT_PRIVATE_ROLE_VARS:
  default: false
  description:
  - Makes role variables inaccessible from other roles.
  - This was introduced as a way to reset role variables to default values if a role
    is used more than once in a playbook.
  env:
  - name: ANSIBLE_PRIVATE_ROLE_VARS
  ini:
  - key: private_role_vars
    section: defaults
  name: Private role variables
  type: boolean
  yaml:
    key: defaults.private_role_vars
DEFAULT_REMOTE_PORT:
  default: null
  description: Port to use in remote connections, when blank it will use the connection
    plugin default.
  env:
  - name: ANSIBLE_REMOTE_PORT
  ini:
  - key: remote_port
    section: defaults
  name: Remote port
  type: integer
  yaml:
    key: defaults.remote_port
DEFAULT_REMOTE_USER:
  description:
  - Sets the login user for the target machines
  - When blank it uses the connection plugin's default, normally the user currently
    executing Ansible.
  env:
  - name: ANSIBLE_REMOTE_USER
  ini:
  - key: remote_user
    section: defaults
  name: Login/Remote User
DEFAULT_ROLES_PATH:
  default: ~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
  description: Colon separated paths in which Ansible will search for Roles.
  env:
  - name: ANSIBLE_ROLES_PATH
  expand_relative_paths: true
  ini:
  - key: roles_path
    section: defaults
  name: Roles path
  type: pathspec
  yaml:
    key: defaults.roles_path
DEFAULT_SELINUX_SPECIAL_FS:
  default: fuse, nfs, vboxsf, ramfs, 9p, vfat
  description:
  - Some filesystems do not support safe operations and/or return inconsistent errors,
    this setting makes Ansible 'tolerate' those in the list w/o causing fatal errors.
  - Data corruption may occur and writes are not always verified when a filesystem
    is in the list.
  env:
  - name: ANSIBLE_SELINUX_SPECIAL_FS
    version_added: '2.9'
  ini:
  - key: special_context_filesystems
    section: selinux
  name: Problematic file systems
  type: list
DEFAULT_STDOUT_CALLBACK:
  default: default
  description:
  - Set the main callback used to display Ansible output, you can only have one at
    a time.
  - You can have many other callbacks, but just one can be in charge of stdout.
  env:
  - name: ANSIBLE_STDOUT_CALLBACK
  ini:
  - key: stdout_callback
    section: defaults
  name: Main display callback plugin
DEFAULT_STRATEGY:
  default: linear
  description: Set the default strategy used for plays.
  env:
  - name: ANSIBLE_STRATEGY
  ini:
  - key: strategy
    section: defaults
  name: Implied strategy
  version_added: '2.3'
DEFAULT_STRATEGY_PLUGIN_PATH:
  default: ~/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy
  description: Colon separated paths in which Ansible will search for Strategy Plugins.
  env:
  - name: ANSIBLE_STRATEGY_PLUGINS
  ini:
  - key: strategy_plugins
    section: defaults
  name: Strategy Plugins Path
  type: pathspec
DEFAULT_SU:
  default: false
  description: Toggle the use of "su" for tasks.
  env:
  - name: ANSIBLE_SU
  ini:
  - key: su
    section: defaults
  type: boolean
  yaml:
    key: defaults.su
DEFAULT_SYSLOG_FACILITY:
  default: LOG_USER
  description: Syslog facility to use when Ansible logs to the remote target
  env:
  - name: ANSIBLE_SYSLOG_FACILITY
  ini:
  - key: syslog_facility
    section: defaults
  name: syslog facility
DEFAULT_TERMINAL_PLUGIN_PATH:
  default: ~/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal
  description: Colon separated paths in which Ansible will search for Terminal Plugins.
  env:
  - name: ANSIBLE_TERMINAL_PLUGINS
  ini:
  - key: terminal_plugins
    section: defaults
  name: Terminal Plugins Path
  type: pathspec
DEFAULT_TEST_PLUGIN_PATH:
  default: ~/.ansible/plugins/test:/usr/share/ansible/plugins/test
  description: Colon separated paths in which Ansible will search for Jinja2 Test
    Plugins.
  env:
  - name: ANSIBLE_TEST_PLUGINS
  ini:
  - key: test_plugins
    section: defaults
  name: Jinja2 Test Plugins Path
  type: pathspec
DEFAULT_TIMEOUT:
  default: 10
  description: This is the default timeout for connection plugins to use.
  env:
  - name: ANSIBLE_TIMEOUT
  ini:
  - key: timeout
    section: defaults
  name: Connection timeout
  type: integer
DEFAULT_TRANSPORT:
  default: smart
  description: Default connection plugin to use, the 'smart' option will toggle between
    'ssh' and 'paramiko' depending on controller OS and ssh versions
  env:
  - name: ANSIBLE_TRANSPORT
  ini:
  - key: transport
    section: defaults
  name: Connection plugin
DEFAULT_UNDEFINED_VAR_BEHAVIOR:
  default: true
  description:
  - When True, this causes ansible templating to fail steps that reference variable
    names that are likely typoed.
  - Otherwise, any '{{ template_expression }}' that contains undefined variables will
    be rendered in a template or ansible action line exactly as written.
  env:
  - name: ANSIBLE_ERROR_ON_UNDEFINED_VARS
  ini:
  - key: error_on_undefined_vars
    section: defaults
  name: Jinja2 fail on undefined
  type: boolean
  version_added: '1.3'
DEFAULT_VARS_PLUGIN_PATH:
  default: ~/.ansible/plugins/vars:/usr/share/ansible/plugins/vars
  description: Colon separated paths in which Ansible will search for Vars Plugins.
  env:
  - name: ANSIBLE_VARS_PLUGINS
  ini:
  - key: vars_plugins
    section: defaults
  name: Vars Plugins Path
  type: pathspec
DEFAULT_VAULT_ENCRYPT_IDENTITY:
  description: The vault_id to use for encrypting by default. If multiple vault_ids
    are provided, this specifies which to use for encryption. The --encrypt-vault-id
    cli option overrides the configured value.
  env:
  - name: ANSIBLE_VAULT_ENCRYPT_IDENTITY
  ini:
  - key: vault_encrypt_identity
    section: defaults
  name: Vault id to use for encryption
  yaml:
    key: defaults.vault_encrypt_identity
DEFAULT_VAULT_IDENTITY:
  default: default
  description: The label to use for the default vault id label in cases where a vault
    id label is not provided
  env:
  - name: ANSIBLE_VAULT_IDENTITY
  ini:
  - key: vault_identity
    section: defaults
  name: Vault id label
  yaml:
    key: defaults.vault_identity
DEFAULT_VAULT_IDENTITY_LIST:
  default: []
  description: A list of vault-ids to use by default. Equivalent to multiple --vault-id
    args. Vault-ids are tried in order.
  env:
  - name: ANSIBLE_VAULT_IDENTITY_LIST
  ini:
  - key: vault_identity_list
    section: defaults
  name: Default vault ids
  type: list
  yaml:
    key: defaults.vault_identity_list
DEFAULT_VAULT_ID_MATCH:
  default: false
  description: If true, decrypting vaults with a vault id will only try the password
    from the matching vault-id
  env:
  - name: ANSIBLE_VAULT_ID_MATCH
  ini:
  - key: vault_id_match
    section: defaults
  name: Force vault id match
  yaml:
    key: defaults.vault_id_match
DEFAULT_VAULT_PASSWORD_FILE:
  default: null
  description:
  - The vault password file to use. Equivalent to --vault-password-file or --vault-id
  - If executable, it will be run and the resulting stdout will be used as the password.
  env:
  - name: ANSIBLE_VAULT_PASSWORD_FILE
  ini:
  - key: vault_password_file
    section: defaults
  name: Vault password file
  type: path
  yaml:
    key: defaults.vault_password_file
DEFAULT_VERBOSITY:
  default: 0
  description: Sets the default verbosity, equivalent to the number of ``-v`` passed
    in the command line.
  env:
  - name: ANSIBLE_VERBOSITY
  ini:
  - key: verbosity
    section: defaults
  name: Verbosity
  type: integer
DEPRECATION_WARNINGS:
  default: true
  description: Toggle to control the showing of deprecation warnings
  env:
  - name: ANSIBLE_DEPRECATION_WARNINGS
  ini:
  - key: deprecation_warnings
    section: defaults
  name: Deprecation messages
  type: boolean
DEVEL_WARNING:
  default: true
  description: Toggle to control showing warnings related to running devel
  env:
  - name: ANSIBLE_DEVEL_WARNING
  ini:
  - key: devel_warning
    section: defaults
  name: Running devel warning
  type: boolean
DIFF_ALWAYS:
  default: false
  description: Configuration toggle to tell modules to show differences when in 'changed'
    status, equivalent to ``--diff``.
  env:
  - name: ANSIBLE_DIFF_ALWAYS
  ini:
  - key: always
    section: diff
  name: Show differences
  type: bool
DIFF_CONTEXT:
  default: 3
  description: How many lines of context to show when displaying the differences between
    files.
  env:
  - name: ANSIBLE_DIFF_CONTEXT
  ini:
  - key: context
    section: diff
  name: Difference context
  type: integer
DISPLAY_ARGS_TO_STDOUT:
  default: false
  description:
  - 'Normally ``ansible-playbook`` will print a header for each task that is run.
    These headers will contain the name: field from the task if you specified one.
    If you didn''t then ``ansible-playbook`` uses the task''s action to help you tell
    which task is presently running. Sometimes you run many of the same action and
    so you want more information about the task to differentiate it from others of
    the same action. If you set this variable to True in the config then ``ansible-playbook``
    will also include the task''s arguments in the header.'
  - This setting defaults to False because there is a chance that you have sensitive
    values in your parameters and you do not want those to be printed.
  - 'If you set this to True you should be sure that you have secured your environment''s
    stdout (no one can shoulder surf your screen and you aren''t saving stdout to
    an insecure file) or made sure that all of your playbooks explicitly added the
    ``no_log: True`` parameter to tasks which have sensitive values See How do I keep
    secret data in my playbook? for more information.'
  env:
  - name: ANSIBLE_DISPLAY_ARGS_TO_STDOUT
  ini:
  - key: display_args_to_stdout
    section: defaults
  name: Show task arguments
  type: boolean
  version_added: '2.1'
DISPLAY_SKIPPED_HOSTS:
  default: true
  description: Toggle to control displaying skipped task/host entries in a task in
    the default callback
  env:
  - deprecated:
      alternatives: the ``ANSIBLE_DISPLAY_SKIPPED_HOSTS`` environment variable
      collection_name: ansible.builtin
      version: '2.12'
      why: environment variables without ``ANSIBLE_`` prefix are deprecated
    name: DISPLAY_SKIPPED_HOSTS
  - name: ANSIBLE_DISPLAY_SKIPPED_HOSTS
  ini:
  - key: display_skipped_hosts
    section: defaults
  name: Show skipped results
  type: boolean
DOCSITE_ROOT_URL:
  default: https://docs.ansible.com/ansible-core/
  description: Root docsite URL used to generate docs URLs in warning/error text;
    must be an absolute URL with valid scheme and trailing slash.
  ini:
  - key: docsite_root_url
    section: defaults
  name: Root docsite URL
  version_added: '2.8'
DOC_FRAGMENT_PLUGIN_PATH:
  default: ~/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments
  description: Colon separated paths in which Ansible will search for Documentation
    Fragments Plugins.
  env:
  - name: ANSIBLE_DOC_FRAGMENT_PLUGINS
  ini:
  - key: doc_fragment_plugins
    section: defaults
  name: documentation fragment plugins path
  type: pathspec
DUPLICATE_YAML_DICT_KEY:
  choices:
  - warn
  - error
  - ignore
  default: warn
  description:
  - By default Ansible will issue a warning when a duplicate dict key is encountered
    in YAML.
  - These warnings can be silenced by adjusting this setting to False.
  env:
  - name: ANSIBLE_DUPLICATE_YAML_DICT_KEY
  ini:
  - key: duplicate_dict_key
    section: defaults
  name: Controls ansible behaviour when finding duplicate keys in YAML.
  type: string
  version_added: '2.9'
ENABLE_TASK_DEBUGGER:
  default: false
  description:
  - Whether or not to enable the task debugger, this previously was done as a strategy
    plugin.
  - Now all strategy plugins can inherit this behavior. The debugger defaults to activating
    when
  - a task is failed on unreachable. Use the debugger keyword for more flexibility.
  env:
  - name: ANSIBLE_ENABLE_TASK_DEBUGGER
  ini:
  - key: enable_task_debugger
    section: defaults
  name: Whether to enable the task debugger
  type: boolean
  version_added: '2.5'
ERROR_ON_MISSING_HANDLER:
  default: true
  description: Toggle to allow missing handlers to become a warning instead of an
    error when notifying.
  env:
  - name: ANSIBLE_ERROR_ON_MISSING_HANDLER
  ini:
  - key: error_on_missing_handler
    section: defaults
  name: Missing handler error
  type: boolean
FACTS_MODULES:
  default:
  - smart
  description: Which modules to run during a play's fact gathering stage, using the
    default of 'smart' will try to figure it out based on connection type.
  env:
  - name: ANSIBLE_FACTS_MODULES
  ini:
  - key: facts_modules
    section: defaults
  name: Gather Facts Modules
  type: list
  vars:
  - name: ansible_facts_modules
GALAXY_CACHE_DIR:
  default: ~/.ansible/galaxy_cache
  description:
  - The directory that stores cached responses from a Galaxy server.
  - This is only used by the ``ansible-galaxy collection install`` and ``download``
    commands.
  - Cache files inside this dir will be ignored if they are world writable.
  env:
  - name: ANSIBLE_GALAXY_CACHE_DIR
  ini:
  - key: cache_dir
    section: galaxy
  type: path
  version_added: '2.11'
GALAXY_DISPLAY_PROGRESS:
  default: null
  description:
  - Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues
    on certain displays or when outputing the stdout to a file.
  - This config option controls whether the display wheel is shown or not.
  - The default is to show the display wheel if stdout has a tty.
  env:
  - name: ANSIBLE_GALAXY_DISPLAY_PROGRESS
  ini:
  - key: display_progress
    section: galaxy
  type: bool
  version_added: '2.10'
GALAXY_IGNORE_CERTS:
  default: false
  description:
  - If set to yes, ansible-galaxy will not validate TLS certificates. This can be
    useful for testing against a server with a self-signed certificate.
  env:
  - name: ANSIBLE_GALAXY_IGNORE
  ini:
  - key: ignore_certs
    section: galaxy
  name: Galaxy validate certs
  type: boolean
GALAXY_ROLE_SKELETON:
  description: Role or collection skeleton directory to use as a template for the
    ``init`` action in ``ansible-galaxy``, same as ``--role-skeleton``.
  env:
  - name: ANSIBLE_GALAXY_ROLE_SKELETON
  ini:
  - key: role_skeleton
    section: galaxy
  name: Galaxy role or collection skeleton directory
  type: path
GALAXY_ROLE_SKELETON_IGNORE:
  default:
  - ^.git$
  - ^.*/.git_keep$
  description: patterns of files to ignore inside a Galaxy role or collection skeleton
    directory
  env:
  - name: ANSIBLE_GALAXY_ROLE_SKELETON_IGNORE
  ini:
  - key: role_skeleton_ignore
    section: galaxy
  name: Galaxy skeleton ignore
  type: list
GALAXY_SERVER:
  default: https://galaxy.ansible.com
  description: URL to prepend when roles don't specify the full URI, assume they are
    referencing this server as the source.
  env:
  - name: ANSIBLE_GALAXY_SERVER
  ini:
  - key: server
    section: galaxy
  yaml:
    key: galaxy.server
GALAXY_SERVER_LIST:
  description:
  - A list of Galaxy servers to use when installing a collection.
  - The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which
    defines the server details.
  - See :ref:`galaxy_server_config` for more details on how to define a Galaxy server.
  - The order of servers in this list is used to as the order in which a collection
    is resolved.
  - Setting this config option will ignore the :ref:`galaxy_server` config option.
  env:
  - name: ANSIBLE_GALAXY_SERVER_LIST
  ini:
  - key: server_list
    section: galaxy
  type: list
  version_added: '2.9'
GALAXY_TOKEN_PATH:
  default: ~/.ansible/galaxy_token
  description: Local path to galaxy access token file
  env:
  - name: ANSIBLE_GALAXY_TOKEN_PATH
  ini:
  - key: token_path
    section: galaxy
  type: path
  version_added: '2.9'
HOST_KEY_CHECKING:
  default: true
  description: Set this to "False" if you want to avoid host key checking by the underlying
    tools Ansible uses to connect to the host
  env:
  - name: ANSIBLE_HOST_KEY_CHECKING
  ini:
  - key: host_key_checking
    section: defaults
  name: Check host keys
  type: boolean
HOST_PATTERN_MISMATCH:
  choices:
  - warning
  - error
  - ignore
  default: warning
  description: This setting changes the behaviour of mismatched host patterns, it
    allows you to force a fatal error, a warning or just ignore it
  env:
  - name: ANSIBLE_HOST_PATTERN_MISMATCH
  ini:
  - key: host_pattern_mismatch
    section: inventory
  name: Control host pattern mismatch behaviour
  version_added: '2.8'
INJECT_FACTS_AS_VARS:
  default: true
  description:
  - Facts are available inside the `ansible_facts` variable, this setting also pushes
    them as their own vars in the main namespace.
  - Unlike inside the `ansible_facts` dictionary, these will have an `ansible_` prefix.
  env:
  - name: ANSIBLE_INJECT_FACT_VARS
  ini:
  - key: inject_facts_as_vars
    section: defaults
  type: boolean
  version_added: '2.5'
INTERPRETER_PYTHON:
  default: auto
  description:
  - Path to the Python interpreter to be used for module execution on remote targets,
    or an automatic discovery mode. Supported discovery modes are ``auto`` (the default),
    ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes
    employ a lookup table to use the included system Python (on distributions known
    to include one), falling back to a fixed ordered list of well-known Python interpreter
    locations if a platform-specific default is not available. The fallback behavior
    will issue a warning that the interpreter should be set explicitly (since interpreters
    installed later may change which one is used). This warning behavior can be disabled
    by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy``
    provides all the same behavior, but for backwards-compatibility with older Ansible
    releases that always defaulted to ``/usr/bin/python``, will use that interpreter
    if present.
  env:
  - name: ANSIBLE_PYTHON_INTERPRETER
  ini:
  - key: interpreter_python
    section: defaults
  name: Python interpreter path (or automatic discovery behavior) used for module
    execution
  vars:
  - name: ansible_python_interpreter
  version_added: '2.8'
INTERPRETER_PYTHON_DISTRO_MAP:
  default:
    centos: &id002
      '6': /usr/bin/python
      '8': /usr/libexec/platform-python
      '9': /usr/bin/python3
    debian:
      '10': /usr/bin/python3
      '8': /usr/bin/python
    fedora:
      '23': /usr/bin/python3
    oracle: *id002
    redhat: *id002
    rhel: *id002
    ubuntu:
      '14': /usr/bin/python
      '16': /usr/bin/python3
  name: Mapping of known included platform pythons for various Linux distros
  version_added: '2.8'
INTERPRETER_PYTHON_FALLBACK:
  default:
  - python3.10
  - python3.9
  - python3.8
  - python3.7
  - python3.6
  - python3.5
  - /usr/bin/python3
  - /usr/libexec/platform-python
  - python2.7
  - python2.6
  - /usr/bin/python
  - python
  name: Ordered list of Python interpreters to check for in discovery
  type: list
  vars:
  - name: ansible_interpreter_python_fallback
  version_added: '2.8'
INVALID_TASK_ATTRIBUTE_FAILED:
  default: true
  description: If 'false', invalid attributes for a task will result in warnings instead
    of errors
  env:
  - name: ANSIBLE_INVALID_TASK_ATTRIBUTE_FAILED
  ini:
  - key: invalid_task_attribute_failed
    section: defaults
  name: Controls whether invalid attributes for a task result in errors instead of
    warnings
  type: boolean
  version_added: '2.7'
INVENTORY_ANY_UNPARSED_IS_FAILED:
  default: false
  description: 'If ''true'', it is a fatal error when any given inventory source cannot
    be successfully parsed by any available inventory plugin; otherwise, this situation
    only attracts a warning.

    '
  env:
  - name: ANSIBLE_INVENTORY_ANY_UNPARSED_IS_FAILED
  ini:
  - key: any_unparsed_is_failed
    section: inventory
  name: Controls whether any unparseable inventory source is a fatal error
  type: boolean
  version_added: '2.7'
INVENTORY_CACHE_ENABLED:
  default: false
  description:
  - Toggle to turn on inventory caching.
  - This setting has been moved to the individual inventory plugins as a plugin option
    :ref:`inventory_plugins`.
  - The existing configuration settings are still accepted with the inventory plugin
    adding additional options from inventory configuration.
  - This message will be removed in 2.16.
  env:
  - name: ANSIBLE_INVENTORY_CACHE
  ini:
  - key: cache
    section: inventory
  name: Inventory caching enabled
  type: bool
INVENTORY_CACHE_PLUGIN:
  description:
  - The plugin for caching inventory.
  - This setting has been moved to the individual inventory plugins as a plugin option
    :ref:`inventory_plugins`.
  - The existing configuration settings are still accepted with the inventory plugin
    adding additional options from inventory and fact cache configuration.
  - This message will be removed in 2.16.
  env:
  - name: ANSIBLE_INVENTORY_CACHE_PLUGIN
  ini:
  - key: cache_plugin
    section: inventory
  name: Inventory cache plugin
INVENTORY_CACHE_PLUGIN_CONNECTION:
  description:
  - The inventory cache connection.
  - This setting has been moved to the individual inventory plugins as a plugin option
    :ref:`inventory_plugins`.
  - The existing configuration settings are still accepted with the inventory plugin
    adding additional options from inventory and fact cache configuration.
  - This message will be removed in 2.16.
  env:
  - name: ANSIBLE_INVENTORY_CACHE_CONNECTION
  ini:
  - key: cache_connection
    section: inventory
  name: Inventory cache plugin URI to override the defaults section
INVENTORY_CACHE_PLUGIN_PREFIX:
  default: ansible_inventory_
  description:
  - The table prefix for the cache plugin.
  - This setting has been moved to the individual inventory plugins as a plugin option
    :ref:`inventory_plugins`.
  - The existing configuration settings are still accepted with the inventory plugin
    adding additional options from inventory and fact cache configuration.
  - This message will be removed in 2.16.
  env:
  - name: ANSIBLE_INVENTORY_CACHE_PLUGIN_PREFIX
  ini:
  - key: cache_prefix
    section: inventory
  name: Inventory cache plugin table prefix
INVENTORY_CACHE_TIMEOUT:
  default: 3600
  description:
  - Expiration timeout for the inventory cache plugin data.
  - This setting has been moved to the individual inventory plugins as a plugin option
    :ref:`inventory_plugins`.
  - The existing configuration settings are still accepted with the inventory plugin
    adding additional options from inventory and fact cache configuration.
  - This message will be removed in 2.16.
  env:
  - name: ANSIBLE_INVENTORY_CACHE_TIMEOUT
  ini:
  - key: cache_timeout
    section: inventory
  name: Inventory cache plugin expiration timeout
INVENTORY_ENABLED:
  default:
  - host_list
  - script
  - auto
  - yaml
  - ini
  - toml
  description: List of enabled inventory plugins, it also determines the order in
    which they are used.
  env:
  - name: ANSIBLE_INVENTORY_ENABLED
  ini:
  - key: enable_plugins
    section: inventory
  name: Active Inventory plugins
  type: list
INVENTORY_EXPORT:
  default: false
  description: Controls if ansible-inventory will accurately reflect Ansible's view
    into inventory or its optimized for exporting.
  env:
  - name: ANSIBLE_INVENTORY_EXPORT
  ini:
  - key: export
    section: inventory
  name: Set ansible-inventory into export mode
  type: bool
INVENTORY_IGNORE_EXTS:
  default: '{{(REJECT_EXTS + (''.orig'', ''.ini'', ''.cfg'', ''.retry''))}}'
  description: List of extensions to ignore when using a directory as an inventory
    source
  env:
  - name: ANSIBLE_INVENTORY_IGNORE
  ini:
  - key: inventory_ignore_extensions
    section: defaults
  - key: ignore_extensions
    section: inventory
  name: Inventory ignore extensions
  type: list
INVENTORY_IGNORE_PATTERNS:
  default: []
  description: List of patterns to ignore when using a directory as an inventory source
  env:
  - name: ANSIBLE_INVENTORY_IGNORE_REGEX
  ini:
  - key: inventory_ignore_patterns
    section: defaults
  - key: ignore_patterns
    section: inventory
  name: Inventory ignore patterns
  type: list
INVENTORY_UNPARSED_IS_FAILED:
  default: false
  description: 'If ''true'' it is a fatal error if every single potential inventory
    source fails to parse, otherwise this situation will only attract a warning.

    '
  env:
  - name: ANSIBLE_INVENTORY_UNPARSED_FAILED
  ini:
  - key: unparsed_is_failed
    section: inventory
  name: Unparsed Inventory failure
  type: bool
JINJA2_NATIVE_WARNING:
  default: true
  description: Toggle to control showing warnings related to running a Jinja version
    older than required for jinja2_native
  env:
  - name: ANSIBLE_JINJA2_NATIVE_WARNING
  ini:
  - key: jinja2_native_warning
    section: defaults
  name: Running older than required Jinja version for jinja2_native warning
  type: boolean
LOCALHOST_WARNING:
  default: true
  description:
  - By default Ansible will issue a warning when there are no hosts in the inventory.
  - These warnings can be silenced by adjusting this setting to False.
  env:
  - name: ANSIBLE_LOCALHOST_WARNING
  ini:
  - key: localhost_warning
    section: defaults
  name: Warning when using implicit inventory with only localhost
  type: boolean
  version_added: '2.6'
MAX_FILE_SIZE_FOR_DIFF:
  default: 104448
  description: Maximum size of files to be considered for diff display
  env:
  - name: ANSIBLE_MAX_DIFF_SIZE
  ini:
  - key: max_diff_size
    section: defaults
  name: Diff maximum file size
  type: int
MODULE_IGNORE_EXTS:
  default: '{{(REJECT_EXTS + (''.yaml'', ''.yml'', ''.ini''))}}'
  description:
  - List of extensions to ignore when looking for modules to load
  - This is for rejecting script and binary module fallback extensions
  env:
  - name: ANSIBLE_MODULE_IGNORE_EXTS
  ini:
  - key: module_ignore_exts
    section: defaults
  name: Module ignore extensions
  type: list
NETCONF_SSH_CONFIG:
  default: null
  description: This variable is used to enable bastion/jump host with netconf connection.
    If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config
    file, alternatively it can be set to custom ssh configuration file path to read
    the bastion/jump host settings.
  env:
  - name: ANSIBLE_NETCONF_SSH_CONFIG
  ini:
  - key: ssh_config
    section: netconf_connection
  yaml:
    key: netconf_connection.ssh_config
NETWORK_GROUP_MODULES:
  default:
  - eos
  - nxos
  - ios
  - iosxr
  - junos
  - enos
  - ce
  - vyos
  - sros
  - dellos9
  - dellos10
  - dellos6
  - asa
  - aruba
  - aireos
  - bigip
  - ironware
  - onyx
  - netconf
  - exos
  - voss
  - slxos
  description: 'TODO: write it'
  env:
  - deprecated:
      alternatives: the ``ANSIBLE_NETWORK_GROUP_MODULES`` environment variable
      collection_name: ansible.builtin
      version: '2.12'
      why: environment variables without ``ANSIBLE_`` prefix are deprecated
    name: NETWORK_GROUP_MODULES
  - name: ANSIBLE_NETWORK_GROUP_MODULES
  ini:
  - key: network_group_modules
    section: defaults
  name: Network module families
  type: list
  yaml:
    key: defaults.network_group_modules
OLD_PLUGIN_CACHE_CLEARING:
  default: false
  description: Previously Ansible would only clear some of the plugin loading caches
    when loading new roles, this led to some behaviours in which a plugin loaded in
    prevoius plays would be unexpectedly 'sticky'. This setting allows to return to
    that behaviour.
  env:
  - name: ANSIBLE_OLD_PLUGIN_CACHE_CLEAR
  ini:
  - key: old_plugin_cache_clear
    section: defaults
  type: boolean
  version_added: '2.8'
PARAMIKO_HOST_KEY_AUTO_ADD:
  default: false
  description: 'TODO: write it'
  env:
  - name: ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD
  ini:
  - key: host_key_auto_add
    section: paramiko_connection
  type: boolean
PARAMIKO_LOOK_FOR_KEYS:
  default: true
  description: 'TODO: write it'
  env:
  - name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS
  ini:
  - key: look_for_keys
    section: paramiko_connection
  name: look for keys
  type: boolean
PERSISTENT_COMMAND_TIMEOUT:
  default: 30
  description: This controls the amount of time to wait for response from remote device
    before timing out persistent connection.
  env:
  - name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT
  ini:
  - key: command_timeout
    section: persistent_connection
  name: Persistence command timeout
  type: int
PERSISTENT_CONNECT_RETRY_TIMEOUT:
  default: 15
  description: This controls the retry timeout for persistent connection to connect
    to the local domain socket.
  env:
  - name: ANSIBLE_PERSISTENT_CONNECT_RETRY_TIMEOUT
  ini:
  - key: connect_retry_timeout
    section: persistent_connection
  name: Persistence connection retry timeout
  type: integer
PERSISTENT_CONNECT_TIMEOUT:
  default: 30
  description: This controls how long the persistent connection will remain idle before
    it is destroyed.
  env:
  - name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT
  ini:
  - key: connect_timeout
    section: persistent_connection
  name: Persistence timeout
  type: integer
PERSISTENT_CONTROL_PATH_DIR:
  default: ~/.ansible/pc
  description: Path to socket to be used by the connection persistence system.
  env:
  - name: ANSIBLE_PERSISTENT_CONTROL_PATH_DIR
  ini:
  - key: control_path_dir
    section: persistent_connection
  name: Persistence socket path
  type: path
PLAYBOOK_DIR:
  description:
  - A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the
    default value for it.
  env:
  - name: ANSIBLE_PLAYBOOK_DIR
  ini:
  - key: playbook_dir
    section: defaults
  name: playbook dir override for non-playbook CLIs (ala --playbook-dir)
  type: path
  version_added: '2.9'
PLAYBOOK_VARS_ROOT:
  choices:
  - top
  - bottom
  - all
  default: top
  description:
  - This sets which playbook dirs will be used as a root to process vars plugins,
    which includes finding host_vars/group_vars
  - The ``top`` option follows the traditional behaviour of using the top playbook
    in the chain to find the root directory.
  - The ``bottom`` option follows the 2.4.0 behaviour of using the current playbook
    to find the root directory.
  - The ``all`` option examines from the first parent to the current playbook.
  env:
  - name: ANSIBLE_PLAYBOOK_VARS_ROOT
  ini:
  - key: playbook_vars_root
    section: defaults
  name: playbook vars files root
  version_added: 2.4.1
PLUGIN_FILTERS_CFG:
  default: null
  description:
  - A path to configuration for filtering which plugins installed on the system are
    allowed to be used.
  - See :ref:`plugin_filtering_config` for details of the filter file's format.
  - ' The default is /etc/ansible/plugin_filters.yml'
  ini:
  - deprecated:
      alternatives: the "defaults" section instead
      collection_name: ansible.builtin
      version: '2.12'
      why: specifying "plugin_filters_cfg" under the "default" section is deprecated
    key: plugin_filters_cfg
    section: default
  - key: plugin_filters_cfg
    section: defaults
  name: Config file for limiting valid plugins
  type: path
  version_added: 2.5.0
PYTHON_MODULE_RLIMIT_NOFILE:
  default: 0
  description:
  - Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing
    Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284).
    The value will be limited by the existing hard limit. Default value of 0 does
    not attempt to adjust existing system-defined limits.
  env:
  - name: ANSIBLE_PYTHON_MODULE_RLIMIT_NOFILE
  ini:
  - key: python_module_rlimit_nofile
    section: defaults
  name: Adjust maximum file descriptor soft limit during Python module execution
  vars:
  - name: ansible_python_module_rlimit_nofile
  version_added: '2.8'
RETRY_FILES_ENABLED:
  default: false
  description: This controls whether a failed Ansible playbook should create a .retry
    file.
  env:
  - name: ANSIBLE_RETRY_FILES_ENABLED
  ini:
  - key: retry_files_enabled
    section: defaults
  name: Retry files
  type: bool
RETRY_FILES_SAVE_PATH:
  default: null
  description:
  - This sets the path in which Ansible will save .retry files when a playbook fails
    and retry files are enabled.
  - This file will be overwritten after each run with the list of failed hosts from
    all plays.
  env:
  - name: ANSIBLE_RETRY_FILES_SAVE_PATH
  ini:
  - key: retry_files_save_path
    section: defaults
  name: Retry files path
  type: path
RUN_VARS_PLUGINS:
  choices:
  - demand
  - start
  default: demand
  description:
  - This setting can be used to optimize vars_plugin usage depending on user's inventory
    size and play selection.
  - Setting to C(demand) will run vars_plugins relative to inventory sources anytime
    vars are 'demanded' by tasks.
  - Setting to C(start) will run vars_plugins relative to inventory sources after
    importing that inventory source.
  env:
  - name: ANSIBLE_RUN_VARS_PLUGINS
  ini:
  - key: run_vars_plugins
    section: defaults
  name: When should vars plugins run relative to inventory
  type: str
  version_added: '2.10'
SHOW_CUSTOM_STATS:
  default: false
  description: This adds the custom stats set via the set_stats plugin to the default
    output
  env:
  - name: ANSIBLE_SHOW_CUSTOM_STATS
  ini:
  - key: show_custom_stats
    section: defaults
  name: Display custom stats
  type: bool
STRING_CONVERSION_ACTION:
  default: warn
  description:
  - Action to take when a module parameter value is converted to a string (this does
    not affect variables). For string parameters, values such as '1.00', "['a', 'b',]",
    and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted.
  - Valid options are 'error', 'warn', and 'ignore'.
  - Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12.
  env:
  - name: ANSIBLE_STRING_CONVERSION_ACTION
  ini:
  - key: string_conversion_action
    section: defaults
  type: string
  version_added: '2.8'
STRING_TYPE_FILTERS:
  default:
  - string
  - to_json
  - to_nice_json
  - to_yaml
  - to_nice_yaml
  - ppretty
  - json
  description:
  - This list of filters avoids 'type conversion' when templating variables
  - Useful when you want to avoid conversion into lists or dictionaries for JSON strings,
    for example.
  env:
  - name: ANSIBLE_STRING_TYPE_FILTERS
  ini:
  - key: dont_type_filters
    section: jinja2
  name: Filters to preserve strings
  type: list
SYSTEM_WARNINGS:
  default: true
  description:
  - Allows disabling of warnings related to potential issues on the system running
    ansible itself (not on the managed hosts)
  - These may include warnings about 3rd party packages or other conditions that should
    be resolved if possible.
  env:
  - name: ANSIBLE_SYSTEM_WARNINGS
  ini:
  - key: system_warnings
    section: defaults
  name: System warnings
  type: boolean
TAGS_RUN:
  default: []
  description: default list of tags to run in your plays, Skip Tags has precedence.
  env:
  - name: ANSIBLE_RUN_TAGS
  ini:
  - key: run
    section: tags
  name: Run Tags
  type: list
  version_added: '2.5'
TAGS_SKIP:
  default: []
  description: default list of tags to skip in your plays, has precedence over Run
    Tags
  env:
  - name: ANSIBLE_SKIP_TAGS
  ini:
  - key: skip
    section: tags
  name: Skip Tags
  type: list
  version_added: '2.5'
TASK_DEBUGGER_IGNORE_ERRORS:
  default: true
  description:
  - This option defines whether the task debugger will be invoked on a failed task
    when ignore_errors=True is specified.
  - True specifies that the debugger will honor ignore_errors, False will not honor
    ignore_errors.
  env:
  - name: ANSIBLE_TASK_DEBUGGER_IGNORE_ERRORS
  ini:
  - key: task_debugger_ignore_errors
    section: defaults
  name: Whether a failed task with ignore_errors=True will still invoke the debugger
  type: boolean
  version_added: '2.7'
TASK_TIMEOUT:
  default: 0
  description:
  - Set the maximum time (in seconds) that a task can run for.
  - If set to 0 (the default) there is no timeout.
  env:
  - name: ANSIBLE_TASK_TIMEOUT
  ini:
  - key: task_timeout
    section: defaults
  name: Task Timeout
  type: integer
  version_added: '2.10'
TRANSFORM_INVALID_GROUP_CHARS:
  choices:
  - always
  - never
  - ignore
  - silently
  default: never
  description:
  - Make ansible transform invalid characters in group names supplied by inventory
    sources.
  - If 'never' it will allow for the group name but warn about the issue.
  - When 'ignore', it does the same as 'never', without issuing a warning.
  - When 'always' it will replace any invalid characters with '_' (underscore) and
    warn the user
  - When 'silently', it does the same as 'always', without issuing a warning.
  env:
  - name: ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS
  ini:
  - key: force_valid_group_names
    section: defaults
  name: Transform invalid characters in group names
  type: string
  version_added: '2.8'
USE_PERSISTENT_CONNECTIONS:
  default: false
  description: Toggles the use of persistence for connections.
  env:
  - name: ANSIBLE_USE_PERSISTENT_CONNECTIONS
  ini:
  - key: use_persistent_connections
    section: defaults
  name: Persistence
  type: boolean
VALIDATE_ACTION_GROUP_METADATA:
  default: true
  description:
  - A toggle to disable validating a collection's 'metadata' entry for a module_defaults
    action group. Metadata containing unexpected fields or value types will produce
    a warning when this is True.
  env:
  - name: ANSIBLE_VALIDATE_ACTION_GROUP_METADATA
  ini:
  - key: validate_action_group_metadata
    section: defaults
  type: bool
  version_added: '2.12'
VARIABLE_PLUGINS_ENABLED:
  default:
  - host_group_vars
  description: Whitelist for variable plugins that require it.
  env:
  - name: ANSIBLE_VARS_ENABLED
  ini:
  - key: vars_plugins_enabled
    section: defaults
  name: Vars plugin enabled list
  type: list
  version_added: '2.10'
VARIABLE_PRECEDENCE:
  default:
  - all_inventory
  - groups_inventory
  - all_plugins_inventory
  - all_plugins_play
  - groups_plugins_inventory
  - groups_plugins_play
  description: Allows to change the group variable precedence merge order.
  env:
  - name: ANSIBLE_PRECEDENCE
  ini:
  - key: precedence
    section: defaults
  name: Group variable precedence
  type: list
  version_added: '2.4'
VERBOSE_TO_STDERR:
  default: false
  description:
  - Force 'verbose' option to use stderr instead of stdout
  env:
  - name: ANSIBLE_VERBOSE_TO_STDERR
  ini:
  - key: verbose_to_stderr
    section: defaults
  type: bool
  version_added: '2.8'
WIN_ASYNC_STARTUP_TIMEOUT:
  default: 5
  description:
  - For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling),
    this is how long, in seconds, to wait for the task spawned by Ansible to connect
    back to the named pipe used on Windows systems. The default is 5 seconds. This
    can be too low on slower systems, or systems under heavy load.
  - This is not the total time an async command can run for, but is a separate timeout
    to wait for an async command to start. The task will only start to be timed against
    its async_timeout once it has connected to the pipe, so the overall maximum duration
    the task can take will be extended by the amount specified here.
  env:
  - name: ANSIBLE_WIN_ASYNC_STARTUP_TIMEOUT
  ini:
  - key: win_async_startup_timeout
    section: defaults
  name: Windows Async Startup Timeout
  type: integer
  vars:
  - name: ansible_win_async_startup_timeout
  version_added: '2.10'
WORKER_SHUTDOWN_POLL_COUNT:
  default: 0
  description:
  - The maximum number of times to check Task Queue Manager worker processes to verify
    they have exited cleanly.
  - After this limit is reached any worker processes still running will be terminated.
  - This is for internal use only.
  env:
  - name: ANSIBLE_WORKER_SHUTDOWN_POLL_COUNT
  name: Worker Shutdown Poll Count
  type: integer
  version_added: '2.10'
WORKER_SHUTDOWN_POLL_DELAY:
  default: 0.1
  description:
  - The number of seconds to sleep between polling loops when checking Task Queue
    Manager worker processes to verify they have exited cleanly.
  - This is for internal use only.
  env:
  - name: ANSIBLE_WORKER_SHUTDOWN_POLL_DELAY
  name: Worker Shutdown Poll Delay
  type: float
  version_added: '2.10'
YAML_FILENAME_EXTENSIONS:
  default:
  - .yml
  - .yaml
  - .json
  description:
  - Check all of these extensions when looking for 'variable' files which should be
    YAML or JSON or vaulted versions of these.
  - This affects vars_files, include_vars, inventory and vars plugins among others.
  env:
  - name: ANSIBLE_YAML_FILENAME_EXT
  ini:
  - key: yaml_valid_extensions
    section: defaults
  name: Valid YAML extensions
  type: list



See also

Advertising: