Merge pull request #2352 from bermudezjd/feature/iam_policy_present_state_includes_policy_changes

Feature/iam policy present state includes policy changes
Toshio Kuratomi 2016-02-24 08:50:50 -08:00
commit e9454fa44f


@ -147,11 +147,11 @@ def user_action(module, iam, name, policy_name, skip, pdoc, state):
get_user_policy_result.policy_document) == pdoc:
policy_match = True
if state == 'present' and skip:
if policy_name not in current_policies and not policy_match:
changed = True
iam.put_user_policy(name, policy_name, pdoc)
elif state == 'present' and not skip:
if state == 'present':
# If policy document does not already exist (either it's changed
# or the policy is not present) or if we're not skipping dupes then
# make the put call. Note that the put call does a create or update.
if not policy_match or not skip:
changed = True
iam.put_user_policy(name, policy_name, pdoc)
elif state == 'absent':
@ -193,11 +193,12 @@ def role_action(module, iam, name, policy_name, skip, pdoc, state):
if urllib.unquote(iam.get_role_policy(name, pol).
get_role_policy_result.policy_document) == pdoc:
policy_match = True
if state == 'present' and skip:
if policy_name not in current_policies and not policy_match:
changed = True
iam.put_role_policy(name, policy_name, pdoc)
elif state == 'present' and not skip:
if state == 'present':
# If policy document does not already exist (either it's changed
# or the policy is not present) or if we're not skipping dupes then
# make the put call. Note that the put call does a create or update.
if not policy_match or not skip:
changed = True
iam.put_role_policy(name, policy_name, pdoc)
elif state == 'absent':
@ -236,11 +237,11 @@ def group_action(module, iam, name, policy_name, skip, pdoc, state):
if policy_match:
msg=("The policy document you specified already exists "
"under the name %s." % pol)
if state == 'present' and skip:
if policy_name not in current_policies and not policy_match:
changed = True
iam.put_group_policy(name, policy_name, pdoc)
elif state == 'present' and not skip:
if state == 'present':
# If policy document does not already exist (either it's changed
# or the policy is not present) or if we're not skipping dupes then
# make the put call. Note that the put call does a create or update.
if not policy_match or not skip:
changed = True
iam.put_group_policy(name, policy_name, pdoc)
elif state == 'absent':
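Review bot: With `skip` set, the new `if not policy_match or not skip:` in user_action (repeated in role_action and group_action) still skips the put when the document matches any existing policy, and the visible comparison is made against the loop variable `pol`, not against `policy_name`. If that loop runs over all of `current_policies`, as the group_action message "already exists under the name %s" suggests, then a policy named `policy_name` that still holds an older, possibly broader document is left in place, and the task reports no change, whenever the desired document is already attached under another name. Consider recording which name matched and treating only a match on `policy_name` itself as up to date, or at least state the case in the new comment, e.g. `# NOTE: with skip, an existing policy_name is not updated if pdoc already exists under another name`. The loop and the rest of each function lie outside the hunks, so this should be checked against the full bodies.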