52 lines
1.6 KiB
YAML
52 lines
1.6 KiB
YAML
- name: Install all updates and reboot as many times as needed
|
|
ansible.windows.win_updates:
|
|
category_names: '*'
|
|
reboot: true
|
|
|
|
- name: Install all security, critical, and rollup updates without a scheduled task
|
|
ansible.windows.win_updates:
|
|
category_names:
|
|
- SecurityUpdates
|
|
- CriticalUpdates
|
|
- UpdateRollups
|
|
|
|
#- name: Search-only, return list of found updates (if any), log to C:\ansible_wu.txt
|
|
# ansible.windows.win_updates:
|
|
# category_names: SecurityUpdates
|
|
# state: searched
|
|
# log_path: C:\ansible_wu.txt
|
|
|
|
#- name: Install all security updates with automatic reboots
|
|
# ansible.windows.win_updates:
|
|
# category_names:
|
|
# - SecurityUpdates
|
|
# reboot: true
|
|
|
|
#- name: Install only particular updates based on the KB numbers
|
|
# ansible.windows.win_updates:
|
|
# category_names:
|
|
# - SecurityUpdates
|
|
# accept_list:
|
|
# - KB4056892
|
|
# - KB4073117
|
|
|
|
#- name: Exclude updates based on the update title
|
|
# ansible.windows.win_updates:
|
|
# category_names:
|
|
# - SecurityUpdates
|
|
# - CriticalUpdates
|
|
# reject_list:
|
|
# - Windows Malicious Software Removal Tool for Windows
|
|
# - \d{4}-\d{2} Cumulative Update for Windows Server 2016
|
|
|
|
# Optionally, you can increase the reboot_timeout to survive long updates during reboot
|
|
- name: Ensure we wait long enough for the updates to be applied during reboot
|
|
ansible.windows.win_updates:
|
|
reboot: true
|
|
reboot_timeout: 3600
|
|
|
|
# Search and download Windows updates
|
|
#- name: Search and download Windows updates without installing them
|
|
# ansible.windows.win_updates:
|
|
# state: downloaded
|