diff --git a/roles/etcd/tasks/pre_upgrade.yml b/roles/etcd/tasks/pre_upgrade.yml
index 0f171094a..78e893bc7 100644
--- a/roles/etcd/tasks/pre_upgrade.yml
+++ b/roles/etcd/tasks/pre_upgrade.yml
@@ -33,7 +33,7 @@
 
 - name: "Pre-upgrade | remove etcd-proxy if it exists"
   command: "{{ docker_bin_dir }}/docker rm -f {{item}}"
-  with_items: "{{etcd_proxy_container.stdout_lines}}"
+  with_items: "{{etcd_proxy_container.stdout_lines | default([]) }}"
 
 - name: "Pre-upgrade | see if etcdctl is installed"
   stat:
diff --git a/roles/vault/tasks/bootstrap/sync_secrets.yml b/roles/vault/tasks/bootstrap/sync_secrets.yml
index 3b5af775a..288a2c099 100644
--- a/roles/vault/tasks/bootstrap/sync_secrets.yml
+++ b/roles/vault/tasks/bootstrap/sync_secrets.yml
@@ -4,7 +4,7 @@
   vars:
     sync_file: "{{ item }}"
     sync_file_dir: "{{ vault_secrets_dir }}"
-    sync_file_hosts: "{{ groups.vault }}"
+    sync_file_hosts: "{{ groups.vault | default([]) }}"
   with_items:
     - root_token
     - unseal_keys
diff --git a/roles/vault/tasks/bootstrap/sync_vault_certs.yml b/roles/vault/tasks/bootstrap/sync_vault_certs.yml
index ab088753f..eac9b5eb1 100644
--- a/roles/vault/tasks/bootstrap/sync_vault_certs.yml
+++ b/roles/vault/tasks/bootstrap/sync_vault_certs.yml
@@ -4,7 +4,7 @@
   vars:
     sync_file: "ca.pem"
     sync_file_dir: "{{ vault_cert_dir }}"
-    sync_file_hosts: "{{ groups.vault }}"
+    sync_file_hosts: "{{ groups.vault | default([]) }}"
     sync_file_is_cert: true
 
 - name: bootstrap/sync_vault_certs | Set facts for vault sync_file results
@@ -19,7 +19,7 @@
   vars:
     sync_file: "api.pem"
     sync_file_dir: "{{ vault_cert_dir }}"
-    sync_file_hosts: "{{ groups.vault }}"
+    sync_file_hosts: "{{ groups.vault | default([]) }}"
     sync_file_is_cert: true
 
 - name: bootstrap/sync_vault_certs | Set fact if Vault's API cert is needed
@@ -29,4 +29,3 @@
 - name: bootstrap/sync_vault_certs | Unset sync_file_results after api.pem sync
   set_fact:
     sync_file_results: []
-
diff --git a/roles/vault/tasks/shared/check_vault.yml b/roles/vault/tasks/shared/check_vault.yml
index 8a81ae5f2..75f26602b 100644
--- a/roles/vault/tasks/shared/check_vault.yml
+++ b/roles/vault/tasks/shared/check_vault.yml
@@ -28,4 +28,4 @@
 - name: check_vault | Set fact about the Vault cluster's initialization state
   set_fact:
     vault_cluster_is_initialized: "{{ vault_is_initialized or hostvars[item]['vault_is_initialized'] }}"
-  with_items: "{{ groups.vault }}"
+  with_items: "{{ groups.vault | default([])  }}"
diff --git a/roles/vault/tasks/shared/find_leader.yml b/roles/vault/tasks/shared/find_leader.yml
index 0c1a697d3..49f172303 100644
--- a/roles/vault/tasks/shared/find_leader.yml
+++ b/roles/vault/tasks/shared/find_leader.yml
@@ -13,5 +13,5 @@
 - name: find_leader | Set fact for current http leader
   set_fact:
     vault_leader_url: "{{ vault_config.listener.tcp.tls_disable|d()|ternary('http', 'https') }}://{{ item }}:{{ vault_port }}"
-  with_items: "{{ groups.vault }}"
+  with_items: "{{ groups.vault | default([])  }}"
   when: "hostvars[item]['vault_leader_check'].get('status') == 200"
diff --git a/roles/vault/tasks/shared/sync_auth_certs.yml b/roles/vault/tasks/shared/sync_auth_certs.yml
index 7bd9c4b49..78e427c69 100644
--- a/roles/vault/tasks/shared/sync_auth_certs.yml
+++ b/roles/vault/tasks/shared/sync_auth_certs.yml
@@ -4,7 +4,7 @@
   vars:
     sync_file: "auth-ca.pem"
     sync_file_dir: "{{ vault_cert_dir }}"
-    sync_file_hosts: "{{ groups.vault }}"
+    sync_file_hosts: "{{ groups.vault | default([]) }}"
     sync_file_is_cert: true
 
 - name: shared/sync_auth_certs | Set facts for vault sync_file results