Ansible is powerful and flexible. People use it in many different ways, and one of the ways we can understand how to use it for security automation is to keep track of and read playbooks created for specific use cases.
Projects such as Algo, DebOps, and OpenStack are large Ansible playbook projects that are well maintained and secure by default.
DebOps (https://debops.org) is a project created by Maciej Delmanowski. It contains a collection of various Ansible playbooks that can be used for Debian and Ubuntu hosts. This project has more than 128 Ansible roles, which are customized for production use cases and work with multiple environments.
We can see a list of available playbook services at https://github.com/debops/debops-playbooks: