Rewrite iam_policy using boto3 (ansible#63924)

* reworked iam_policy * Deprecate policy_document option * deprecate defaulting skip_duplicates to true * No longer explicitly catch ParamValidationError. ParamValidationErrror is already caught by ClientError * Work with complex policy objects rather than json documents comparisons can better cope with the special cases (eg True vs "True" ) * Enable check_mode tests and fix related 'changed' bug * changelog * doc cleanup based on review
Akasurde · Nov 20, 2019 · f1311d3 · f1311d3
1 parent 426e37e
commit f1311d3
Show file tree

Hide file tree

Showing 4 changed files with 522 additions and 498 deletions.
diff --git a/changelogs/fragments/63924-boto3.yml b/changelogs/fragments/63924-boto3.yml
@@ -0,0 +1,5 @@
+minor_changes:
+- "iam_policy - The iam_policy module has been migrated from boto to boto3."
+deprecated_features:
+- "iam_policy - The ``policy_document`` will be removed in Ansible 2.14.  To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin."
+- "iam_policy - The default value of ``skip_duplicates`` will change in Ansible 2.14 from ``true`` to ``false``."
diff --git a/docs/docsite/rst/porting_guides/porting_guide_2.10.rst b/docs/docsite/rst/porting_guides/porting_guide_2.10.rst
@@ -68,11 +68,15 @@ The following functionality will be removed in Ansible 2.14. Please update updat
 * :ref:`ec2_key <ec2_key_module>`: the ``wait`` option will be removed. It has had no effect since Ansible 2.5.
 * :ref:`ec2_key <ec2_key_module>`: the ``wait_timeout`` option will be removed. It has had no effect since Ansible 2.5.
 * :ref:`ec2_lc <ec2_lc_module>`: the ``associate_public_ip_address`` option will be removed. It has always been ignored by the module.
+* :ref:`iam_policy <iam_policy_module>`: the ``policy_document`` option will be removed. To maintain the existing behavior use the ``policy_json`` option and read the file with the ``lookup`` plugin.
+
 
 
 The following functionality will change in Ansible 2.14. Please update update your playbooks accordingly.
 
 * The :ref:`docker_container <docker_container_module>` module has a new option, ``container_default_behavior``, whose default value will change from ``compatibility`` to ``no_defaults``. Set to an explicit value to avoid deprecation warnings.
+* :ref:`iam_policy <iam_policy_module>`: the default value for the ``skip_duplicates`` option will change from ``true`` to ``false``.  To maintain the existing behavior explicitly set it to ``true``.
+
 
 The following modules will be removed in Ansible 2.14. Please update your playbooks accordingly.