Investigate 1password secrets automation
1password now has a supported route for automating access to 1password: https://support.1password.com/secrets-automation/
This includes a terraform provider: https://github.com/1Password/terraform-provider-onepassword and an ansible collection: https://github.com/1Password/ansible-onepasswordconnect-collection
Have a dive through the docs and see a) if it meets our needs and b) how much work it would be to port this module over to using it.