@dennisk -
I know it probably doesn't help a lot now, but please feel free to look at my Github pages. I typically do some demos when I teach the course and for Ansible, I shared the playbooks on Github.
https://github.com/tmichett/RH294/tree/master/Ansible_Playbooks/Chapter4/data-secret
In this instance, I have the secret file listed there directly.
https://github.com/tmichett/RH294/blob/master/Ansible_Playbooks/Chapter4/data-secret/CH4_GE_Managing...
To explain things a little bit further ...
https://docs.ansible.com/ansible/2.8/modules/user_module.html?highlight=user
Password:
Optionally set the user's password to this crypted value.
On macOS systems, this value has to be cleartext. Beware of security issues.
To create a disabled account on Linux systems, set this to '!' or '*'.
To create a disabled account on OpenBSD, set this to '*************'.
https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-pa...
There are also other methods of doing this ... I'm assuming you were in the DO407 or the RH294 course performing a Vault lab for managing secrets. There is another Advanced Ansible course DO447: https://www.redhat.com/en/services/training/do447-advanced-automation-ansible-best-practices that dives into Ansible deeper mentioning proper version control with git and discusses usage of filters, etc.
In that course you learn things like ...
user:
name: "{{ item }}"
password: "{{ password | password_hash('sha512') }}"
update_password: on_create
Travis Michette, RHCA XIII
https://rhtapps.redhat.com/verify?certId=111-134-086
SENIOR TECHNICAL INSTRUCTOR / CERTIFIED INSTRUCTOR AND EXAMINER
Red Hat Certification + Training
