Monday, January 12, 2026

Sudo file using Ansible

Manual sudo configuration is risky and hard to maintain at scale.

With Ansible, sudo rules can be managed safely and consistently, reducing the chance of lockouts and privilege misconfigurations.

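---
- name: Manage sudo configuration using Ansible
  hosts: all
  become: yes
  tasks:
    - name: Configure sudo access for devops group
      copy:
        # Drop-in file, so the main /etc/sudoers is never edited directly
        dest: /etc/sudoers.d/devops
        content: "%devops ALL=(ALL) NOPASSWD: ALL"
        owner: root
        group: root
        mode: '0440'
        # Syntax-check the staged file (%s) before it replaces dest;
        # a failed check aborts the task and leaves the host untouched
        validate: '/usr/sbin/visudo -cf %s'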
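
The lockout protection above depends entirely on the validate step, so it is worth proving that it rejects a bad rule; the following playbook is an added example, not part of the original post, that feeds it a deliberately malformed rule and asserts that nothing was written. The scratch path, the variable names and the broken rule are constructed for the test, and the scratch path is assumed not to exist beforehand.

```yaml
---
# Added example: negative test for the validate step (constructed values).
- name: Prove that validate blocks a broken sudoers drop-in
  hosts: all
  become: true
  vars:
    dropin_name: devops                  # file name used under /etc/sudoers.d
    scratch_path: /tmp/sudoers-selftest  # hypothetical path, outside /etc/sudoers.d
    broken_rule: "%devops ALL=(ALL NOPASSWD: ALL\n"  # constructed: missing ')'
  tasks:
    - name: Reject drop-in names that sudo would silently skip
      ansible.builtin.assert:
        that:
          - "'.' not in dropin_name"
          - "not dropin_name.endswith('~')"
        fail_msg: "sudo skips files in /etc/sudoers.d whose names contain '.' or end in '~'"

    - name: Try to write a deliberately malformed rule
      ansible.builtin.copy:
        dest: "{{ scratch_path }}"
        content: "{{ broken_rule }}"
        owner: root
        group: root
        mode: '0440'
        validate: '/usr/sbin/visudo -cf %s'
      register: selftest
      ignore_errors: true   # the failure is the expected outcome here

    - name: Check whether the broken file reached its destination
      ansible.builtin.stat:
        path: "{{ scratch_path }}"
      register: scratch

    - name: The copy must have failed and left nothing behind
      ansible.builtin.assert:
        that:
          - selftest is failed
          - not scratch.stat.exists

    - name: Syntax-check the full sudoers configuration, included files too
      ansible.builtin.command: /usr/sbin/visudo -c
      changed_when: false
```

The final task catches problems the per-file check cannot see, such as an existing drop-in that was edited by hand and no longer parses.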