diff --git a/initial_install/roles/baseline_sudo/tasks/main.yml b/initial_install/roles/baseline_sudo/tasks/main.yml
index 9ba6a53..a8e5c4d 100644
--- a/initial_install/roles/baseline_sudo/tasks/main.yml
+++ b/initial_install/roles/baseline_sudo/tasks/main.yml
@@ -7,10 +7,11 @@
 - name: Ensure automation user has passwordless sudo
   ansible.builtin.copy:
     dest: /etc/sudoers.d/automation
-    content: "automation ALL=(ALL) NOPASSWD:ALL"
     owner: root
     group: root
     mode: '0440'
+    content: |
+      automation ALL=(ALL:ALL) NOPASSWD: ALL
     validate: 'visudo -cf %s'
 
 - name: Ensure sudo binary has correct permissions