First: you need to indent password:
in your playbook, because you want it to be a variable:
vars:
password: hashed_password
If it's not indented then Ansible considers it a play parameter and throws an error because password
is not.
Second: unless you are setting the password for a user on OSX, you need to provide a hashed value of a password. Follow the detailed instructions, but basically you need to provide the output of:
mkpasswd --method=SHA-512
Or install passlib
with:
pip install passlib
and run:
python -c "from passlib.hash import sha512_crypt; import getpass; print sha512_crypt.encrypt(getpass.getpass())"