What is the nature and description of the request?
Cu requires to use infra.controller_configuration.settings role.
Cu wants to describe their SAML authentication settings in variables inside the project, and apply them using the *infra.controller_configuration.settings* role.
As part of the SAML settings, SAML Service Provider private key is to be provided, they declare it in the project in a `vault_vars/lab/saml_private_key.yml` file, then we encrypt it using Ansible-vault.
Inside the playbook, we include the file using the *ansible.builtin.include_vars* module in the pre-tasks section and provide the password upon playbook execution.
The variable value is referenced by the `controller_settings` dictionary and used by the *infra.controller_configuration.settings* role. In the standard Ansible execution log, we can see the private key value in clear text several times during the execution of this role.
How would you like to achieve this?
Add no_log: True for the option where the private key of SAML is provided.
As no_log: True is restricted to plays and tasks only, Cu is unable to set it to the role.
They are using some role from Red Hat Automation Hub.