Giving sudoers access to any user or group via ansible

For one of my learning projects I needed have passwordless sudo access for a user and group (my sys-admin brain goes "urg urg!").

  • sudo access to a group which does not have sudo power
  • sudo access to a user who does not have a sudo power, not a part of any of the sudoers group (ex: wheel)

Here is an example of the ansible-playbook which gives password less sudo access to a group.

- name: Using the copy module
  hosts: all
  become: yes
    - name: Create devops group
        name: devops
        state: present
    - name: Create devops user
        name: devops
        group: devops
    - name: Give sudo access to devops user
        path: /etc/sudoers
        insertafter: 'root    ALL=(ALL)       ALL'
        block: |
          # Gives sudo access to the devops group
          %devops        ALL=(ALL)       NOPASSWD: ALL

Created the devops user, a member of devops group. With the following task gave the sudo access to the devops group. Added devops group in the `/etc/sudoers’ file.

This passwordless sudo access might be good and necessary for labs to practice & learn. But is not advicable at any point of time to perform the same for any network connected system.

Show Comments