diff --git a/lib/ansible/modules/clustering/k8s/k8s_auth.py b/lib/ansible/modules/clustering/k8s/k8s_auth.py
index 8a1b3e4efdd..03690ab34f4 100644
--- a/lib/ansible/modules/clustering/k8s/k8s_auth.py
+++ b/lib/ansible/modules/clustering/k8s/k8s_auth.py
@@ -74,42 +74,37 @@ requirements:
 '''
 
 EXAMPLES = '''
-- block:
-  # It's good practice to store login credentials in a secure vault and not
-  # directly in playbooks.
-  - include_vars: k8s_passwords.yml
-
-  - name: Log in (obtain access token)
-    k8s_auth:
+- hosts: localhost
+  module_defaults:
+    group/k8s:
       host: https://k8s.example.com/
       ssl_ca_cert: ca.pem
-      username: admin
-      password: "{{ k8s_admin_password }}"
-    register: k8s_auth_results
+  tasks:
+  - block:
+    # It's good practice to store login credentials in a secure vault and not
+    # directly in playbooks.
+    - include_vars: k8s_passwords.yml
 
-  - name: Preserve auth info as both a fact and a yaml anchor for easy access later
-    # Both the fact and the anchor are called 'k8s_auth_params'
-    set_fact:
-      k8s_auth_params: &k8s_auth_params
-        host: "{{ k8s_auth_results.k8s_auth.host }}"
-        ssl_ca_cert: "{{ k8s_auth_results.k8s_auth.ssl_ca_cert }}"
-        verify_ssl: "{{ k8s_auth_results.k8s_auth.verify_ssl }}"
+    - name: Log in (obtain access token)
+      k8s_auth:
+        username: admin
+        password: "{{ k8s_admin_password }}"
+      register: k8s_auth_results
+
+    # Previous task provides the token/api_key, while all other parameters
+    # are taken from module_defaults
+    - name: Get a list of all pods from any namespace
+      k8s_facts:
         api_key: "{{ k8s_auth_results.k8s_auth.api_key }}"
+        kind: Pod
+      register: pod_list
 
-  # Previous task generated I(k8s_auth) fact, which you can then use
-  # in k8s modules like this:
-  - name: Get a list of all pods from any namespace
-    k8s_facts:
-      <<: *k8s_auth_params
-      kind: Pod
-    register: pod_list
-
-  always:
-  - name: If login succeeded, try to log out (revoke access token)
-    when: k8s_auth_params is defined
-    k8s_auth:
-      state: absent
-      <<: *k8s_auth_params
+    always:
+    - name: If login succeeded, try to log out (revoke access token)
+      when: k8s_auth_results.k8s_auth.api_key is defined
+      k8s_auth:
+        state: absent
+        api_key: "{{ k8s_auth_results.k8s_auth.api_key }}"
 '''
 
 # Returned value names need to match k8s modules parameter names, to make it