Bootstrap FreeKB - Ansible - Create a public certificate using the openssh_cert module

If you are not familiar with modules, check out Ansible - Getting Started with Modules.

The openssh_cert module can be used to create a public certificate (such as new_cert.pub) from an existing public key (such as id_rsa.pub) and an existing private key (such as id_rsa), which is used as the signing key. The openssh_keypair module, by contrast, can be used to create a new key pair: a public key (such as id_rsa.pub) and a private key (such as id_rsa). After generating a new certificate, you may want to use the authorized_key module to append the certificate to authorized_keys files.

- name: Create the new_cert.pub public certificate
  openssh_cert:
    type: user
    signing_key: /home/john.doe/.ssh/id_rsa
    public_key: /home/john.doe/.ssh/id_rsa.pub
    path: /home/john.doe/.ssh/new_cert.pub
    valid_from: always
    valid_to: forever


Optional parameters:

  • force - Defaults to "no", in which case an existing certificate is left untouched and no new certificate is generated. Set to "yes" to overwrite an existing certificate with a newly generated one.
  • owner (e.g. owner: "john.doe")
  • group (e.g. group: "john.doe")
  • mode (e.g. mode: "0644")
  • regenerate - whether or not to regenerate the private key (see ansible-doc openssh_keypair --snippet)
  • seuser - SELinux user (e.g. seuser: "unconfined_u")
  • serole - SELinux role (e.g. serole: "object_r")
  • setype - SELinux type (e.g. setype: "ssh_t")
  • selevel - SELinux level (e.g. selevel: "s0")
  • state - present (to create the certificate) or absent (to delete the certificate)
  • type - user or host


Example:

- name: "Create the new_cert.pub public certificate"
  openssh_cert:
    force: "no"
    owner: "john.doe"
    group: "john.doe"
    mode: "0644"
    path: "/home/john.doe/.ssh/new_cert.pub"
    public_key: "/home/john.doe/.ssh/id_rsa.pub"
    seuser: "unconfined_u"
    serole: "object_r"
    setype: "ssh_home_t"   # SELinux file type for files under ~/.ssh (types end in _t)
    selevel: "s0"          # SELinux level, as in the parameter list above
    signing_key: "/home/john.doe/.ssh/id_rsa"
    state: "present"
    type: "user"
    valid_from: always
    valid_to: forever
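The examples above sign the user's public key with that user's own private key, which yields a self-signed certificate that no sshd will trust unless that key is configured as a CA. As an added example that is not part of the original article, the play below instead signs the key with a dedicated CA private key, limits the certificate to one principal, a short lifetime and a minimal set of options, and then checks the result with ssh-keygen -L. The CA path (/etc/ssh/ca/user_ca), the principal name and the serial number are assumed placeholder values, and sshd on the target hosts is assumed to trust the CA's public key via TrustedUserCAKeys.

```yaml
# Added example, not from the original article. All paths, names and the
# serial number are placeholders; /etc/ssh/ca/user_ca must already exist.
- name: Issue a short-lived, CA-signed user certificate
  hosts: localhost
  tasks:
    - name: Sign john.doe's public key with the user CA
      community.crypto.openssh_cert:
        type: user
        signing_key: /etc/ssh/ca/user_ca           # CA private key, not the user's own key
        public_key: /home/john.doe/.ssh/id_rsa.pub
        path: /home/john.doe/.ssh/id_rsa-cert.pub  # name the ssh client picks up automatically
        valid_from: always                         # avoids clock-skew surprises at issue time
        valid_to: +8h                              # expires by itself; no revocation needed
        principals:
          - john.doe                               # only this login name is authorised
        options:
          - clear                                  # drop the permissive default extensions
          - permit-pty                             # then re-enable only what is required
        serial_number: 1001                        # identifies this cert in sshd logs and KRLs
        identifier: john.doe-workstation           # shows up in sshd's auth log line
        regenerate: full_idempotence               # re-sign when any setting above changes
        owner: john.doe
        group: john.doe
        mode: "0644"

    - name: Read back the certificate's principals, validity and extensions
      command: ssh-keygen -L -f /home/john.doe/.ssh/id_rsa-cert.pub
      register: cert_info
      changed_when: false

    - name: Fail if the certificate is broader than intended
      assert:
        that:
          - "'john.doe' in cert_info.stdout"
          - "'permit-pty' in cert_info.stdout"
          - "'permit-X11-forwarding' not in cert_info.stdout"
          - "'permit-port-forwarding' not in cert_info.stdout"
        fail_msg: "{{ cert_info.stdout }}"
```

With the default ignore_timestamps: true, the relative valid_to does not cause a re-sign on every run; only a change to the principals, options, keys or serial does.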
