Updated with updates to sudoers for the indicated user which should be apigee.

tasks/main.yml

diff --git a/tasks/main.yml b/tasks/main.yml
index 9ed4de4..6c13382 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,6 +1,11 @@
 ---
 # tasks file for /usr/local/google/home/friasc/apigee-workspace/apigee-opdk-role-workspace/apigee-opdk-admin-user
+- name: User must be set or default will be used
+  set_fact:
+    user: "{{ user | default('apigee') }}"
+
 - name: Copy local public keys to server for user {{ user }}
+  become: yes
   authorized_key:
     user: '{{ user }}'
     state: present
@@ -8,13 +13,16 @@
   when: pubkey_path is defined | default(False)
 
 - name: Update user with NOPASSWD
+  become: yes
   lineinfile:
     state: present
-    line: "{{ user | default('apigee') }} ALL = NOPASSWD : ALL"
-    path: /etc/sudoers
+    create: yes
+    line: "{{ user }} ALL = NOPASSWD : ALL"
+    path: "/etc/sudoers.d/{{ user }}-user"
     validate: '/usr/sbin/visudo -cf %s'
 
 - name: Permit root login over SSH
+  become: yes
   lineinfile:
     state: present
     dest: /etc/ssh/sshd_config