Thanks, Dan!
I've managed to do what I wanted with you help.
I ended up with:
setting hash_behaviour = merge in ansible.cfg
group_vars/all
users:
user1:
comment: "user1"
state: "present"
groups:
- "wheel"
- "dvp"
authorized:
- "ssh-rsa 111"
- "ssh-rsa 222"
There are various ways you could go about doing this. Here's one of them.
users.yml
---
- hosts: all
sudo: yes
tasks:
- name: add users
user: name="{{ item.key }}" comment="{{ item.value.comment }}"
when: inventory_hostname in groups.{{ item.value.hosts|join(',') }}
with_d