iam_role.py remove_policies should remove all of the requested policies (not just the first) (#56331)

The remove_policies function in iam_role.py enumerates a list of policies to remove. However, due to an indentation issue on the return True line, only the first such policy would be removed. This change outdents the return True so that all of the the requested policies are removed.
2019-05-21 10:09:26 +10:00 · 2019-05-21 10:09:26 +10:00 · d8a5efa00c
commit d8a5efa00c
parent 493cf817a9
1 changed files with 3 additions and 1 deletions
--- a/lib/ansible/modules/cloud/amazon/iam_role.py
+++ b/lib/ansible/modules/cloud/amazon/iam_role.py
@ -210,6 +210,7 @@ def convert_friendly_names_to_arns(connection, module, policy_names):


 def remove_policies(connection, module, policies_to_remove, params):
+    changed = False
    for policy in policies_to_remove:
        try:
            if not module.check_mode:
@ -220,7 +221,8 @@ def remove_policies(connection, module, policies_to_remove, params):
        except BotoCoreError as e:
            module.fail_json(msg="Unable to detach policy {0} from {1}: {2}".format(policy, params['RoleName'], to_native(e)),
                             exception=traceback.format_exc())
-        return True
+        changed = True
+    return changed


 def create_or_update_role(connection, module):