diff --git a/roles/sudo/defaults/main.yml b/roles/sudo/defaults/main.yml
index 763e582..97a74d5 100644
--- a/roles/sudo/defaults/main.yml
+++ b/roles/sudo/defaults/main.yml
@@ -1,3 +1,7 @@
 ---
 
 sudo_admin_groups: "{{ system_admin_groups | default(ad_auth | default(False) | ternary(['Domain\ Admins'],['admins'])) }}"
+
+sudo_defaults: {}
+# sudo_defaults:
+#   timestamp_timeout: 10
diff --git a/roles/sudo/templates/fws.j2 b/roles/sudo/templates/fws.j2
index 295b783..2a6fa6a 100644
--- a/roles/sudo/templates/fws.j2
+++ b/roles/sudo/templates/fws.j2
@@ -1,3 +1,7 @@
+{% for def in sudo_defaults.keys() | list %}
+Defaults {{ def }}={{ sudo_defaults[def] }}
+{% endfor %}
+
 {% for group in sudo_admin_groups %}
 %{{ group }} ALL=(ALL) ALL
 {% endfor %}