Many thanks again @fullyint. I had a similar issue where all of a sudden I was getting Incorrect sudo password when provisioning when I had no problems before with admin_user (admin). Using --ask-become-pass worked, but it was the same password in my vault file. I tried decrypting/re-encrypting the vault file, but that didn’t work.
So, just documenting what worked, per above:
set sshd_permit_root_login: true , then:
ansible-playbook server.yml -e env=production --tags sshd --ask-become-pass
ansible-playbook server.yml -e env=production --tags users
set sshd_permit_root_login: false , then:
ansible-playbook server.yml -e env=production --tags sshd