Merge pull request #2413 from raben2/devel

Absent Function was not working on user with login profile
2015-11-20 17:00:20 -08:00 · 2015-11-20 17:00:20 -08:00 · 6d722608d6
commit 6d722608d6
parent 1ff0704c0c 83170f21e0
1 changed files with 26 additions and 9 deletions
--- a/cloud/amazon/iam.py
+++ b/cloud/amazon/iam.py
@ -192,14 +192,24 @@ def create_user(module, iam, name, pwd, path, key_state, key_count):
 def delete_user(module, iam, name):
    del_meta = ''
    try:
        current_keys = [ck['access_key_id'] for ck in
            iam.get_all_access_keys(name).list_access_keys_result.access_key_metadata]
        for key in current_keys:
            iam.delete_access_key(key, name)
-        del_meta = iam.delete_user(name).delete_user_response
+        try:
-    except boto.exception.BotoServerError, err:
+            login_profile = iam.get_login_profiles(name).get_login_profile_response
-        error_msg = boto_exception(err)
+        except boto.exception.BotoServerError, err:
            error_msg = boto_exception(err)
            if ('Cannot find Login Profile') in error_msg:
               del_meta = iam.delete_user(name).delete_user_response
            else:
              iam.delete_login_profile(name)
              del_meta = iam.delete_user(name).delete_user_response
    except Exception as ex:
        module.fail_json(changed=False, msg="delete failed %s" %ex)
        if ('must detach all policies first') in error_msg:
            for policy in iam.get_all_user_policies(name).list_user_policies_result.policy_names:
                iam.delete_user_policy(name, policy)
@ -213,7 +223,7 @@ def delete_user(module, iam, name):
                                                            "currently supported by boto. Please detach the polices "
                                                            "through the console and try again." % name)
                else:
-                    module.fail_json(changed=changed, msg=str(err))
+                    module.fail_json(changed=changed, msg=str(error_msg))
            else:
                changed = True
                return del_meta, name, changed
@ -650,15 +660,20 @@ def main():
            else:
                module.exit_json(
                    changed=changed, groups=user_groups, user_name=name, keys=key_list)
        elif state == 'update' and not user_exists:
            module.fail_json(
                msg="The user %s does not exit. No update made." % name)
        elif state == 'absent':
-            if name in orig_user_list:
+            if user_exists:
-                set_users_groups(module, iam, name, '')
+                try:
-                del_meta, name, changed = delete_user(module, iam, name)
+                   set_users_groups(module, iam, name, '')
-                module.exit_json(
+                   del_meta, name, changed = delete_user(module, iam, name)
-                    deletion_meta=del_meta, deleted_user=name, changed=changed)
+                   module.exit_json(deleted_user=name, changed=changed)
                except Exception as ex:
                       module.fail_json(changed=changed, msg=str(ex))
            else:
                module.exit_json(
                    changed=False, msg="User %s is already absent from your AWS IAM users" % name)
@ -690,9 +705,11 @@ def main():
            if not new_path and not new_name:
                module.exit_json(
                    changed=changed, group_name=name, group_path=cur_path)
        elif state == 'update' and not group_exists:
            module.fail_json(
                changed=changed, msg="Update Failed. Group %s doesn't seem to exit!" % name)
        elif state == 'absent':
            if name in orig_group_list:
                removed_group, changed = delete_group(iam=iam, name=name)