diff --git a/tasks/keystone_db_setup.yml b/tasks/keystone_db_setup.yml
index 7c887187..d9064222 100644
--- a/tasks/keystone_db_setup.yml
+++ b/tasks/keystone_db_setup.yml
@@ -41,8 +41,8 @@
 
 - name: Perform a Keystone DB sync
   command: "{{ keystone_bin }}/keystone-manage db_sync"
-  sudo: yes
-  sudo_user: "{{ keystone_system_user_name }}"
+  become: yes
+  become_user: "{{ keystone_system_user_name }}"
   tags:
     - keystone-db-setup
     - keystone-db-sync
diff --git a/tasks/keystone_fernet_keys_create.yml b/tasks/keystone_fernet_keys_create.yml
index 15e55457..c4ed0739 100644
--- a/tasks/keystone_fernet_keys_create.yml
+++ b/tasks/keystone_fernet_keys_create.yml
@@ -25,8 +25,8 @@
     {{ keystone_bin }}/keystone-manage fernet_setup
                                        --keystone-user "{{ keystone_system_user_name }}"
                                        --keystone-group "{{ keystone_system_group_name }}"
-  sudo: yes
-  sudo_user: "{{ keystone_system_user_name }}"
+  become: yes
+  become_user: "{{ keystone_system_user_name }}"
   when: not _fernet_keys.stat.exists
   tags:
     - keystone-setup
@@ -38,8 +38,8 @@
     {{ keystone_bin }}/keystone-manage fernet_rotate
                                        --keystone-user "{{ keystone_system_user_name }}"
                                        --keystone-group "{{ keystone_system_group_name }}"
-  sudo: yes
-  sudo_user: "{{ keystone_system_user_name }}"
+  become: yes
+  become_user: "{{ keystone_system_user_name }}"
   when: _fernet_keys.stat.exists
   tags:
     - keystone-fernet
diff --git a/tasks/keystone_fernet_keys_distribute.yml b/tasks/keystone_fernet_keys_distribute.yml
index 59302d93..c9e2f433 100644
--- a/tasks/keystone_fernet_keys_distribute.yml
+++ b/tasks/keystone_fernet_keys_distribute.yml
@@ -20,8 +20,8 @@
           --delete \
           {{ keystone_fernet_tokens_key_repository }}/ \
           {{ keystone_system_user_name }}@{{ hostvars[item]['ansible_ssh_host'] }}:{{ keystone_fernet_tokens_key_repository }}/
-  sudo: yes
-  sudo_user: "{{ keystone_system_user_name }}"
+  become: yes
+  become_user: "{{ keystone_system_user_name }}"
   with_items: groups['keystone_all'][1:]
   tags:
     - keystone-fernet-distribute
diff --git a/tasks/keystone_idp_metadata.yml b/tasks/keystone_idp_metadata.yml
index 70e4e5f9..48eebac4 100644
--- a/tasks/keystone_idp_metadata.yml
+++ b/tasks/keystone_idp_metadata.yml
@@ -16,8 +16,8 @@
 - name: Generate IdP metadata
   shell: |
     {{ keystone_bin }}/keystone-manage saml_idp_metadata > {{ keystone_idp.idp_metadata_path }}
-  sudo: yes
-  sudo_user: "{{ keystone_system_user_name }}"
+  become: yes
+  become_user: "{{ keystone_system_user_name }}"
   when: keystone_idp is defined
   notify:
     - Restart Apache