diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2
index e94b3dcafb..8ae8b67090 100644
--- a/common/deploy-steps.j2
+++ b/common/deploy-steps.j2
@@ -60,6 +60,12 @@ parameters:
     default: false
     description: Whether to run config management (e.g. Puppet) in debug mode.
     type: boolean
+  HideSensitiveLogs:
+    default: true
+    type: boolean
+    description: >
+      Set it to false if you don't want to activate the no_log feature within
+      ansible modules.
   EnablePuppet:
     default: true
     description: Whether to run the puppet (baremetal) deployment tasks.
@@ -357,6 +363,7 @@ outputs:
         enabled_networks: {get_param: EnabledNetworks}
         net_vip_map: {get_param: NetVipMap}
         nova_additional_cell: {get_param: NovaAdditionalCell}
+        hide_sensitive_logs: {get_param: HideSensitiveLogs}
 {%- for network in networks if network.enabled|default(true) %}
         {{network.name_lower}}_net_name: {get_param: {{network.name}}NetName}
 {%- endfor %}
diff --git a/deployment/haproxy/haproxy-public-tls-inject.yaml b/deployment/haproxy/haproxy-public-tls-inject.yaml
index 3b06af25e2..e741f974f8 100644
--- a/deployment/haproxy/haproxy-public-tls-inject.yaml
+++ b/deployment/haproxy/haproxy-public-tls-inject.yaml
@@ -70,7 +70,7 @@ outputs:
             cert_content: {get_param: SSLCertificate}
             chain_content: {get_param: SSLIntermediateCertificate}
             key_content: {get_param: SSLKey}
-          no_log: true
+          no_log: "{{ hide_sensitive_logs | bool }}"
 
         # We want to ensure we run all this block IFF we have
         # a certificate content.
@@ -135,7 +135,7 @@ outputs:
             # We hence need to do this file creation in two distinct steps
             # and ignore failure on the ownership change.
             - name: push certificate content
-              no_log: true
+              no_log: "{{ hide_sensitive_logs | bool }}"
               copy:
                 dest: "{{cert_path}}"
                 mode: 0440
diff --git a/deployment/ipsec/ipsec-baremetal-ansible.yaml b/deployment/ipsec/ipsec-baremetal-ansible.yaml
index ed8ad1cce7..8b1d42a2d6 100644
--- a/deployment/ipsec/ipsec-baremetal-ansible.yaml
+++ b/deployment/ipsec/ipsec-baremetal-ansible.yaml
@@ -87,13 +87,13 @@ outputs:
           - name: Generate PSK
             command: openssl rand -base64 48
             register: generated_psk
-            no_log: true
+            no_log: "{{ hide_sensitive_logs | bool }}"
           - name: generate ipsec global vars
             set_fact:
               ipsec_psk: "{{ generated_psk.stdout }}"
             delegate_to: "{{item}}"
             delegate_facts: true
-            no_log: true
+            no_log: "{{ hide_sensitive_logs | bool }}"
             with_items:
             - "{{ groups.ipsec }}"
       deploy_steps_tasks:
diff --git a/deployment/nova/novajoin-container-puppet.yaml b/deployment/nova/novajoin-container-puppet.yaml
index 7434c4a485..64b48c15cf 100644
--- a/deployment/nova/novajoin-container-puppet.yaml
+++ b/deployment/nova/novajoin-container-puppet.yaml
@@ -250,7 +250,7 @@ outputs:
         - name: Set FreeIPA OTP fact
           set_fact:
             ipa_otp: {get_param: NovajoinIpaOtp}
-          no_log: true
+          no_log: "{{ hide_sensitive_logs | bool }}"
         - name: create persistent directories
           file:
             path: "{{ item.path }}"