Here “sudohosts” is a subdirectory of group_vars/ and any .yml in that “sudohosts” sub dir should get picked up by any hosts you’ve listed in the “sudohosts” group in the inventory.
Yes, I am aware of all that. I left all of that out for the sake of brevity.
However, as far as I can tell, my problem is not with variables, it is with configuration settings. If there is a variable to accomplish my task, I cannot find it.
For settings that are 'host specific' you'll find there are existing
variables that can be used, as for 'ask password' those are 'global'
so they cannot be host specific. Passwords are prompted for BEFORE any
host data is looked at and only once per run, not per host contacted.