Hello!
I was so enticed by the iam modules slated for Ansible 2.0 that I decided to download the current devel them into a 1.9.4 project and see if they would work… and they do! At least, for what I’m trying to do which is to create an iam role and then attach a policy to it. What I noticed in experimenting with iam_policy was that it wouldn’t register a change if I kept the iam_name the same, but updated the policy_json. Since I have the module code, I looked into it and the only way to register a change for this scenario is to set skip_duplicates flag to False. Doing so will always result in an attempted boto update and results in Ansible marking the module as changed regardless of whether the policy document/json itself has changed. I’d like an option for the module to only call iam.put_role_policy if the policy document has changed or if the policy doesn’t exist at all. I’m happy to submit a PR but I wanted to get a sense of what the present state for this module should be? If the policy exists, but the contents change then should I add an updated state, or is it reasonable for this be part of the existing present state?
Thanks!
Jaime