ansible-freeipa/playbooks/sudorule/ensure-sudorule-sudocmd-is-present.yml

---
- name: Tests
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
  - ipasudorule:
      ipaadmin_password: MyPassword123
      name: testrule1
      allow_sudocmd:
      - /sbin/ifconfig
      deny_sudocmd:
      - /usr/bin/vim
      allow_sudocmdgroup:
      - devops
      deny_sudocmdgroup:
      - users
      action: member