From c0d135e44c19e5b51aa3276d64a3abcfe2ccdb19 Mon Sep 17 00:00:00 2001
From: whiter
Date: Thu, 15 Oct 2015 13:21:05 +1100
Subject: [PATCH] Allow iam_policy to maintain idempotentce if the role referenced has been removed
---
 lib/ansible/modules/cloud/amazon/iam_policy.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/lib/ansible/modules/cloud/amazon/iam_policy.py b/lib/ansible/modules/cloud/amazon/iam_policy.py
index 07a3ff6de08..74fd4050495 100644
--- a/lib/ansible/modules/cloud/amazon/iam_policy.py
+++ b/lib/ansible/modules/cloud/amazon/iam_policy.py
@@ -181,6 +181,14 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
 current_policies = [cp for cp in iam.list_role_policies(name).
 list_role_policies_result.
 policy_names]
+ except boto.exception.BotoServerError as e:
+ if e.error_code == "NoSuchEntity":
+ # Role doesn't exist so it's safe to assume the policy doesn't either
+ module.exit_json(changed=False)
+ else:
+ module.fail_json(e.message)
+
+ try:
 for pol in current_policies:
 if urllib.unquote(iam.get_role_policy(name, pol).
 get_role_policy_result.policy_document) == pdoc:
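Review bot: The `NoSuchEntity` branch calls `module.exit_json(changed=False)` without looking at `state`, so a run with state=present against a role that is missing reports success although the policy was never attached; for a policy meant to restrict access that is a silent gap. The assumption in the comment holds only for removal, so I would narrow the condition to `if e.error_code == "NoSuchEntity" and state == "absent":` and let every other case fall through to the failure path. In that path `module.fail_json(e.message)` passes the text positionally, but AnsibleModule.fail_json takes keyword arguments and requires `msg`, so it should read `module.fail_json(msg=e.message)`. The `try:` that this `except` closes and the rest of role_action lie outside the hunk, so how `state` is handled further down is not visible here.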