How to use policy_document in iam_policy module?

Hello, can you provide me an example of how to use policy_document from the iam_policy module?
policy_document: "policy.json.j2" (In policy.json.j2 I store JSON copied from the AWS policy generator, and I want to save the formatting for readability; policy.json.j2 is stored in the templates/ folder)

I've got an exception:
No such file or directory: 'policy.json.j2'

Hi Сергей Жеревчук,

I usually pass my policy as a json file which I store under the files directory, please see my directory structure below:

    files/
      policies/
        policy.json
    main.yml

In my playbook I reference the file like so:

    - name: Create and attach IAM policy to IAM role
      iam_policy:
        iam_type: role
        aws_access_key: "{{ aws_access_key_id }}"
        aws_secret_key: "{{ aws_secret_access_key }}"
        iam_name: iam-role
        policy_name: new-policy-name
        state: present
        policy_document: "files/policies/linux-standard.json"

This works for me :)

I hope that helps.

Hi, Kevin. It works for me too. Also, I realized that I can save the rendered template in a tmp directory and then use policy_document. Thanks.

You can also use policy_json to pass the policy directly as a string. I added this a while ago because I had the need to use a real template as policy, not a static file.
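
The two template-based approaches mentioned in the replies above, written out as an added example that is not part of the original thread. It assumes templates/policy.json.j2 sits beside the playbook and that AWS credentials come from the environment or an instance profile rather than playbook variables; `bucket_name` is a constructed variable.

```yaml
# Added example; values marked "constructed" are not from the thread.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    bucket_name: example-bucket   # constructed; referenced inside the template
  tasks:
    # Option 1: render the template in memory and pass it via policy_json.
    - name: Attach policy rendered from a template
      iam_policy:
        iam_type: role
        iam_name: iam-role
        policy_name: new-policy-name
        state: present
        policy_json: "{{ lookup('template', 'policy.json.j2') }}"

    # Option 2: render to a private temporary file, then use policy_document.
    - name: Create a temporary file for the rendered policy
      tempfile:
        state: file
        suffix: .json
      register: policy_tmp

    - name: Render the template into the temporary file
      template:
        src: policy.json.j2
        dest: "{{ policy_tmp.path }}"
        mode: "0600"              # keep the rendered policy unreadable to other local users

    - name: Attach policy from the rendered file
      iam_policy:
        iam_type: role
        iam_name: iam-role
        policy_name: new-policy-name
        state: present
        policy_document: "{{ policy_tmp.path }}"

    - name: Remove the temporary file
      file:
        path: "{{ policy_tmp.path }}"
        state: absent
```

Use one option or the other; both attach the same inline policy to the role.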