From 02f737cdee10eb19d1ef832291a4aa8d55a170b6 Mon Sep 17 00:00:00 2001
From: Kalle Lehtonen <kjl@iki.fi>
Date: Tue, 5 Apr 2016 16:55:49 +0300
Subject: [PATCH] Fix and add more error handling for role policies

In case role policy was deleted, we did not handle at all if there

was authorization issue to do the deletion. Also add message when

role is not found and the policy is skipped.
---
 lib/ansible/modules/cloud/amazon/iam_policy.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/ansible/modules/cloud/amazon/iam_policy.py b/lib/ansible/modules/cloud/amazon/iam_policy.py
index 3522eb7ff8e..df18c7ca368 100644
--- a/lib/ansible/modules/cloud/amazon/iam_policy.py
+++ b/lib/ansible/modules/cloud/amazon/iam_policy.py
@@ -184,7 +184,7 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
   except boto.exception.BotoServerError as e:
     if e.error_code == "NoSuchEntity":
       # Role doesn't exist so it's safe to assume the policy doesn't either
-      module.exit_json(changed=False)
+      module.exit_json(changed=False, msg="No such role, policy will be skipped.")
     else:
       module.fail_json(msg=e.message)
 
@@ -213,6 +213,8 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
           changed = False
           module.exit_json(changed=changed,
                            msg="%s policy is already absent" % policy_name)
+        else:
+          module.fail_json(msg=err.message)
 
     updated_policies = [cp for cp in iam.list_role_policies(name).
                                         list_role_policies_result.