diff --git a/roles/cron-access/tasks/main.yml b/roles/cron-access/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..09e97aea34682a7e66782f3f2e98389ffa3f892a
--- /dev/null
+++ b/roles/cron-access/tasks/main.yml
@@ -0,0 +1,8 @@
+- name: Adding pamd access for users who can run cron jobs
+  lineinfile:
+    path: /etc/security/access.conf
+    state: present
+    insertbefore: '^-:ALL EXCEPT root systems ec2-user debian ubuntu admin :ALL'
+    line: '+: cron-users : cron crond :0'
+  become: true
+  become_user: root