########################

# code that creates users.    #

########################

{%- for user in salt['pillar.get']('set_users') %}

{{user}}:
  group:
    - present
  user.present:
    - fullname: {{ salt['pillar.get']('set_users:set_fullname') }}
    - shell: /bin/bash
    - home: /home/{{user}}
    - password: # Removed :)
    - enforce_password: True
    - groups:
      - {{user}}

  ssh_auth.present:
    - user: {{user}}
    - source: salt://.ssh_keys/{{user}}.authkey
    - config: '%h/.ssh/authorized_keys'
{% endfor %}

########################

# Pillar file                             #

########################

set_users:
  user1:
    - set_fullname: I am user1
    - set_admin: True

  user2:
    - set_fullname: I am user2
    - set_admin: False

set_role:
  - admin-only

# What I need now is someway to tell the user code that:

# if set_role is admin-only then it should only continue if set_admin is True.