diff --git a/ansible/cloud_providers/azure_infrastructure_deployment.yml b/ansible/cloud_providers/azure_infrastructure_deployment.yml
index 5b04147f598..0c94c097b8d 100644
--- a/ansible/cloud_providers/azure_infrastructure_deployment.yml
+++ b/ansible/cloud_providers/azure_infrastructure_deployment.yml
@@ -90,7 +90,7 @@ content: |
 {
 "adminUsername": { "value": "{{remote_user}}" },
 {{ adminPassword }}
- "sshKeyData": { "value": "{{ env_authorized_key_content_pub }}"},
+ "sshKeyData": { "value": "{{ ssh_provision_pubkey_content | default(env_authorized_key_content_pub) }}"},
 "DNSZone": { "value": "{{HostedZoneId}}"},
 "guid": { "value": "{{guid}}"},
 }
@@ -186,12 +186,26 @@
 # Copy env_vars variables from the config to all hosts
 - import_playbook: ../include_vars.yml
-- name: Configure local ssh config for bastion proxy use
- import_playbook: "{{cloud_provider}}_ssh_config_setup.yml"
- when: groups["bastions"] is defined and (groups["bastions"]|length>0)
+- name: Step 001.2 Create Inventory and SSH config setup
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ become: false
 tags:
 - must
+ - step001
+ - step001.2
 - create_inventory
+ - create_ssh_config
+ tasks:
+ - when: create_ssh_config | default(true) | bool
+ block:
+ - name: Run Common SSH Config Generator Role
+ when:
+ - groups.bastions is defined
+ - groups.bastions | length > 0
+ include_role:
+ name: infra-common-ssh-config-generate
 - name: wait_for_connection for all non-windows machines and set hostname
 hosts:
@@ -203,6 +217,12 @@
 - wait_ssh
 - set_hostname
 tasks:
+ - name: set facts for remote access
+ tags:
+ - create_inventory
+ set_fact:
+ ansible_ssh_extra_args: "{{ ansible_ssh_extra_args|d() }} -F {{ hostvars.localhost.ansible_ssh_config }}"
+
 - name: wait for linux host to be available
 wait_for_connection:
 timeout: 300
diff --git a/ansible/cloud_providers/azure_ssh_config_setup.yml b/ansible/cloud_providers/azure_ssh_config_setup.yml
deleted file mode 100644
index 10c86f58606..00000000000 
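Review bot: The `sshKeyData` value is still spliced into the ARM parameter JSON by hand-quoting the Jinja expression, so a key string containing a double quote, backslash or newline (the comment field of an OpenSSH public key can hold the first two) produces invalid JSON that only surfaces at deployment time. Let the filter emit the JSON literal instead: `"sshKeyData": { "value": {{ ssh_provision_pubkey_content | default(env_authorized_key_content_pub) | to_json }} },`. The neighbouring `remote_user`, `HostedZoneId` and `guid` values have the same shape; the enclosing `content: |` block and its task start before this hunk.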
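Review bot: The `create_ssh_config | default(true) | bool` gate on the new task has consequences the hunk does not record: the play at `@@ -203,6 +217,12 @@` reads `hostvars.localhost.ansible_ssh_config`, and this commit's inventory role hunk drops `ansible_host` and `ansible_ssh_private_key_file`, so with the flag off, or without a `bastions` group, the hosts are presumably only reachable if something else supplies that SSH config. A comment above the `when:` such as `# later plays expect the ansible_ssh_config fact this role is meant to set on localhost; turning this off leaves hosts unreachable unless an ssh config is provided another way` would make the flag's scope explicit. The deleted `azure_ssh_config_setup.yml` also wrote a per-deployment `UserKnownHostsFile` via its `ansible_known_host` fact; whether `infra-common-ssh-config-generate` preserves that isolation is not visible here and is worth confirming before the old file goes. The single-task `block:` could be flattened by adding the flag to the task's own `when:` list.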
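Review bot: The `set_fact` on `ansible_ssh_extra_args` dereferences `hostvars.localhost.ansible_ssh_config` with no guard, so any run in which that fact was not set on localhost (the `create_ssh_config` flag false, or no `bastions` group, in the play added at `@@ -186,12 +186,26 @@`) fails every host at this task with an undefined-attribute error instead of a clear connection failure later. Guard it with `when: hostvars.localhost.ansible_ssh_config is defined`, which also leaves hosts that are reachable without the bastion config untouched. `ansible_ssh_extra_args|d()` yields an empty string when the variable is undefined, leaving a leading space in the result; harmless to ssh, but `| trim` on the whole expression keeps the value tidy.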
--- a/ansible/cloud_providers/azure_ssh_config_setup.yml
+++ /dev/null 
@@ -1,81 +0,0 @@ ---- -- name: SSH config setup - hosts: localhost - connection: local - gather_facts: false - become: false - tags: - - create_ssh_config - tasks: - - name: Store bastion hostname as a fact - set_fact: - bastion_hostname: "{{groups['bastions'].0 }}" - # This is where the ssh_config file will be created, this file is used to - # define the communication method to all the hosts in the deployment - ansible_ssh_config: "{{output_dir}}/{{ env_type }}_{{ guid }}_ssh_conf" - ansible_known_host: "{{output_dir}}/{{ env_type }}_{{ guid }}_ssh_known_hosts" - - - name: Delete dedicated known_host if it exists (new deployment) - file: - dest: "{{ansible_known_host}}" - state: absent - - - name: delete local ssh config, start fresh - file: - dest: "{{ ansible_ssh_config }}" - state: absent - - - name: Create empty local ssh config - file: - dest: "{{ ansible_ssh_config }}" - state: touch - - - name: Add bastion proxy config to workdir ssh config file - blockinfile: - dest: "{{ ansible_ssh_config }}" - marker: "##### {mark} ADDED BASTION PROXY HOST {{ env_type }}-{{ guid }} ######" - content: | - Host {{ bastion_hostname }} {{ hostvars[bastion_hostname].shortname |d('')}} - Hostname {{ hostvars[bastion_hostname].public_dns_name }} - IdentityFile {{ env_authorized_key_path }} - IdentitiesOnly yes - User {{ remote_user }} - ControlMaster auto - ControlPath /tmp/{{ guid }}-%r-%h-%p - ControlPersist 5m - StrictHostKeyChecking no - ConnectTimeout 60 - ConnectionAttempts 10 - UserKnownHostsFile {{ansible_known_host}} - tags: - - bastion_proxy_config_main - - - name: Add all hosts to workdir ssh config file - blockinfile: - dest: "{{ ansible_ssh_config }}" - marker: "##### {mark} ADDED Node Proxy Config {{ item }} {{ env_type }}-{{ guid }} ######" - block: | - Host {{ item }} {{ hostvars[item].public_ip_address | default('') }} {{ hostvars[item].shortname |d('')}} - Hostname {{ hostvars[item].private_ip_address }} - User {{ remote_user }} - IdentityFile {{ 
env_authorized_key_path }} - ProxyCommand ssh -F {{ ansible_ssh_config }} {{ bastion_hostname }} -W %h:%p - StrictHostKeyChecking no - UserKnownHostsFile {{ansible_known_host}} - when: item not in [bastion_hostname, 'localhost', '127.0.0.1'] - with_items: "{{ groups['all'] }}" - tags: - - bastion_proxy_config_hosts - -- name: Set ssh extra args for all hosts, use ssh_config just created - hosts: all - gather_facts: false - any_errors_fatal: true - ignore_errors: false - tags: - - step001 - - ssh_args - tasks: - - name: add -F option ansible_ssh_extra_args - set_fact: - ansible_ssh_extra_args: "{{ ansible_ssh_extra_args|default() }} -F {{ hostvars['localhost'].ansible_ssh_config }}"
diff --git a/ansible/roles-infra/infra-azure-create-inventory/tasks/main.yml b/ansible/roles-infra/infra-azure-create-inventory/tasks/main.yml
index 0c3cf7afec2..a96c7bea9d5 100644
--- a/ansible/roles-infra/infra-azure-create-inventory/tasks/main.yml
+++ b/ansible/roles-infra/infra-azure-create-inventory/tasks/main.yml
@@ -59,8 +59,6 @@
 - "{{ 'newnodes' if (item.tags.newnode|d()|bool) else 'all'}}"
 ansible_user: "{{ remote_user }}"
 remote_user: "{{ remote_user | d('azure') }}"
- ansible_ssh_private_key_file: "{{ ssh_provision_key_path | default(env_authorized_key_path) }}"
- key_name: "envkey"
 state: "{{item.powerState|d('unknown')}}"
 internaldns: "{{item.tags.internaldns | d(item.osProfile.computerName) |d(item.name)}}"
 instance_id: "{{ item.vmId | d('unknown')}}"
@@ -69,7 +67,6 @@
 private_dns_name: "{{item.tags.internaldns|d(item.name)}}"
 private_ip_address: "{{item.privateIps}}"
 public_ip_address: "{{item.publicIps}}"
- ansible_host: "{{item.publicIps}}"
 placement: "{{item.zones}}"
 image_id: "{{item.storageProfile.osDisk.image|d('unknown')}}"
 ansible_ssh_extra_args: "-o StrictHostKeyChecking=no" 
diff --git a/ansible/roles/agnosticd_save_output_dir/tasks/create-output-dir-archive.yml b/ansible/roles/agnosticd_save_output_dir/tasks/create-output-dir-archive.yml
index 6bbdbd36d29..cdfd40e1a4b 100644
--- a/ansible/roles/agnosticd_save_output_dir/tasks/create-output-dir-archive.yml
+++ b/ansible/roles/agnosticd_save_output_dir/tasks/create-output-dir-archive.yml
@@ -15,9 +15,6 @@ tar -czf {{ agnosticd_save_output_dir_archive_tempfile }} --exclude "google-cloud-sdk" . args: chdir: "{{ output_dir }}" - # Disable warning for using tar command rather than archive module. - # archive module does not support chdir type option. - warn: false - when: agnosticd_save_output_dir_archive_password is defined name: Encrypt tarball using password
diff --git a/docs/SSH_keys_and_access.adoc b/docs/SSH_keys_and_access.adoc
index b57e3309a5d..fa3bf94dbc2 100644
--- a/docs/SSH_keys_and_access.adoc
+++ b/docs/SSH_keys_and_access.adoc
@@ -7,6 +7,7 @@ This section describes how SSH keys are managed in agnosticd. Here is the list of agnosticd cloud providers that follow this workflow: * ec2
+* azure
 Long-term, we want all cloud providers to comply.
diff --git a/tools/execution_environments/ee-multicloud-public/bindep.txt b/tools/execution_environments/ee-multicloud-public/bindep.txt
index 84a9f9658e3..fdd66035a69 100644
--- a/tools/execution_environments/ee-multicloud-public/bindep.txt
+++ b/tools/execution_environments/ee-multicloud-public/bindep.txt
@@ -10,6 +10,7 @@ krb5-libs
 libcurl-devel
 libxml2-devel
 microdnf
+openssl
 openssl-devel
 # Another distribution of python for extra CLIs and to avoid dependency hell
 python36
diff --git a/tools/execution_environments/ee-multicloud-public/execution-environment.yml b/tools/execution_environments/ee-multicloud-public/execution-environment.yml
index afd7054c47e..309afb514a7 100644
--- a/tools/execution_environments/ee-multicloud-public/execution-environment.yml
+++ b/tools/execution_environments/ee-multicloud-public/execution-environment.yml 
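Review bot: Removing `warn: false` also removes the two comment lines that said why the archive is built with a `tar` command rather than the `archive` module (no `chdir`-style option), leaving an unexplained shell-out for the next reader. Keep the rationale on the task, e.g. `# tar via a command rather than the archive module: archive has no chdir option` above the task's module line, which starts before this hunk. Whether the 2.12 base image selected elsewhere in this commit then prints the command-vs-module warning on every run depends on the `COMMAND_WARNINGS` setting in effect; worth a quick check, though it is only cosmetic.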
@@ -4,8 +4,8 @@ version: 1
 build_arg_defaults:
 # Get the full list from:
 # https://catalog.redhat.com/software/containers/search?p=1&build_categories_list=Automation%20Execution%20Environment
- EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:devel'
- #EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:stable-2.12-latest'
+ #EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:devel'
+ EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:stable-2.12-latest'
 #EE_BUILDER_IMAGE: 'registry.redhat.io/ansible-automation-platform-21/ansible-builder-rhel8'
 #EE_BASE_IMAGE: registry.redhat.io/ansible-automation-platform-21/ee-29-rhel8:1.0.0-46
 #EE_BASE_IMAGE: registry.redhat.io/ansible-automation-platform-21/ee-supported-rhel8:1.0.1-15
diff --git a/tools/execution_environments/ee-multicloud-public/readme.adoc b/tools/execution_environments/ee-multicloud-public/readme.adoc
index 64f36ed1767..cb3db834926 100644
--- a/tools/execution_environments/ee-multicloud-public/readme.adoc
+++ b/tools/execution_environments/ee-multicloud-public/readme.adoc
@@ -1,4 +1,8 @@ == Changelog == +=== v0.0.7 === + +* add `openssl` binaries + === v0.0.6 === * Cleanup requirements.txt file, let builder pull the dependencies from collections
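Review bot: `EE_BASE_IMAGE` now selects `quay.io/ansible/ansible-runner:stable-2.12-latest`, a floating tag that upstream rebuilds, so two builds of this execution environment from the same commit can receive different base content and the v0.0.7 release noted in `readme.adoc` is not reproducible from the repository alone. Pin the base by digest and keep the tag for readability: `EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:stable-2.12-latest@sha256:<digest-of-the-tested-image>'`, refreshing the digest as a deliberate, reviewed bump. The growing list of commented-out `EE_BASE_IMAGE` alternatives (one more added here) records history rather than supported options; the changelog is the better home for it.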