---
- name: Patch Windows DCs using PowerShell via JEA
  hosts: windows
  gather_facts: no
  tasks:
    - name: Search for updates
      win_shell: Get-WindowsUpdate
      register: search_output

    - name: Install updates
      win_shell: Install-WindowsUpdate -AcceptAll -AutoReboot
      register: install_output

    - name: Reboot the system
      win_shell: Restart-Computer -Force
      when: install_output.stdout | search("RebootRequired")