Add SQS queue policy attachment functionality (#1716)

* Add SQS queue policy attachment functionality

SQS queue has no attribute 'Policy' until one is attached, so this special
case must be handled uniquely

SQS queue Policy can now be passed in as json

cloud/amazon/sqs_queue.py

@@ -22,7 +22,9 @@ description:
   - Create or delete AWS SQS queues.
   - Update attributes on existing queues.
 version_added: "2.0"
-author: Alan Loi (@loia)
+author:
+  - Alan Loi (@loia)
+  - Fernando Jose Pando (@nand0p)
 requirements:
   - "boto >= 2.33.0"
 options:
@@ -61,6 +63,12 @@ options:
       - The receive message wait time in seconds.
     required: false
     default: null
+  policy:
+    description:
+      - The json dict policy to attach to queue
+    required: false
+    default: null
+    version_added: "2.1"
 extends_documentation_fragment:
     - aws
     - ec2
@@ -76,6 +84,7 @@ EXAMPLES = '''
     maximum_message_size: 1024
     delivery_delay: 30
     receive_message_wait_time: 20
+    policy: "{{ json_dict }}"
 
 # Delete SQS queue
 - sqs_queue:
@@ -102,6 +111,7 @@ def create_or_update_sqs_queue(connection, module):
         maximum_message_size=module.params.get('maximum_message_size'),
         delivery_delay=module.params.get('delivery_delay'),
         receive_message_wait_time=module.params.get('receive_message_wait_time'),
+        policy=module.params.get('policy'),
     )
 
     result = dict(
@@ -136,7 +146,8 @@ def update_sqs_queue(queue,
                      message_retention_period=None,
                      maximum_message_size=None,
                      delivery_delay=None,
-                     receive_message_wait_time=None):
+                     receive_message_wait_time=None,
+                     policy=None):
     changed = False
 
     changed = set_queue_attribute(queue, 'VisibilityTimeout', default_visibility_timeout,
@@ -149,6 +160,8 @@ def update_sqs_queue(queue,
                                   check_mode=check_mode) or changed
     changed = set_queue_attribute(queue, 'ReceiveMessageWaitTimeSeconds', receive_message_wait_time,
                                   check_mode=check_mode) or changed
+    changed = set_queue_attribute(queue, 'Policy', policy,
+                                  check_mode=check_mode) or changed
     return changed
 
 
@@ -156,7 +169,17 @@ def set_queue_attribute(queue, attribute, value, check_mode=False):
     if not value:
         return False
 
-    existing_value = queue.get_attributes(attributes=attribute)[attribute]
+    try:
+        existing_value = queue.get_attributes(attributes=attribute)[attribute]
+    except:
+        existing_value = ''
+
+    # convert dict attributes to JSON strings (sort keys for comparing)
+    if attribute is 'Policy':
+        value = json.dumps(value, sort_keys=True)
+        if existing_value:
+            existing_value = json.dumps(json.loads(existing_value), sort_keys=True)
+
     if str(value) != existing_value:
         if not check_mode:
             queue.set_attribute(attribute, value)
@@ -200,6 +223,7 @@ def main():
         maximum_message_size=dict(type='int'),
         delivery_delay=dict(type='int'),
         receive_message_wait_time=dict(type='int'),
+        policy=dict(type='dict', required=False),
     ))
 
     module = AnsibleModule(