Fix and add more error handling for role policies

In case role policy was deleted, we did not handle at all if there was authorization issue to do the deletion. Also add message when role is not found and the policy is skipped.
2016-04-05 16:55:49 +03:00 · 2016-04-05 16:55:49 +03:00 · 02f737cdee
commit 02f737cdee
parent 8210ede9b4
1 changed files with 3 additions and 1 deletions
--- a/lib/ansible/modules/cloud/amazon/iam_policy.py
+++ b/lib/ansible/modules/cloud/amazon/iam_policy.py
@ -184,7 +184,7 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
  except boto.exception.BotoServerError as e:
    if e.error_code == "NoSuchEntity":
      # Role doesn't exist so it's safe to assume the policy doesn't either
-      module.exit_json(changed=False)
+      module.exit_json(changed=False, msg="No such role, policy will be skipped.")
    else:
      module.fail_json(msg=e.message)

@ -213,6 +213,8 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
          changed = False
          module.exit_json(changed=changed,
                           msg="%s policy is already absent" % policy_name)
+        else:
+          module.fail_json(msg=err.message)

    updated_policies = [cp for cp in iam.list_role_policies(name).
                                        list_role_policies_result.