diff --git a/ansible/roles/baremetal/defaults/main.yml b/ansible/roles/baremetal/defaults/main.yml
index 36ff1f2241..64d32a9bad 100644
--- a/ansible/roles/baremetal/defaults/main.yml
+++ b/ansible/roles/baremetal/defaults/main.yml
@@ -9,6 +9,7 @@ docker_gpg_fingerprint: "58118E89F3A912897C070ADBF76221572C52609D"
 customize_etc_hosts: True
 
 create_kolla_user: True
+create_kolla_user_sudoers: "{{ create_kolla_user }}"
 
 kolla_user: "kolla"
 kolla_group: "kolla"
diff --git a/ansible/roles/baremetal/tasks/post-install.yml b/ansible/roles/baremetal/tasks/post-install.yml
index ef29cfcd9d..498453a368 100644
--- a/ansible/roles/baremetal/tasks/post-install.yml
+++ b/ansible/roles/baremetal/tasks/post-install.yml
@@ -21,7 +21,7 @@
     path: /etc/sudoers.d/kolla-ansible-users
     state: touch
   become: True
-  when: create_kolla_user | bool
+  when: create_kolla_user_sudoers | bool
 
 - name: Grant kolla user passwordless sudo
   lineinfile:
@@ -30,7 +30,7 @@
     regexp: '^{{ kolla_group }}'
     line: '{{ kolla_group }} ALL=(ALL) NOPASSWD: ALL'
   become: True
-  when: create_kolla_user | bool
+  when: create_kolla_user_sudoers | bool
 
 - name: Ensure virtualenv has correct ownership
   file:
diff --git a/releasenotes/notes/optional-sudoers-f5ea08d6f7cbed2b.yaml b/releasenotes/notes/optional-sudoers-f5ea08d6f7cbed2b.yaml
new file mode 100644
index 0000000000..7455d426df
--- /dev/null
+++ b/releasenotes/notes/optional-sudoers-f5ea08d6f7cbed2b.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Adds support for skipping the configuration of sudoers files in the
+    ``kolla-ansible bootstrap-servers`` command. This depends on the
+    ``create_kolla_user_sudoers`` variable, which defaults to the same value as
+    ``create_kolla_user``.