From 537cd1dfb8f63df7f457e686024433fec83ba568 Mon Sep 17 00:00:00 2001
From: Matej Stajduhar
Date: Tue, 15 Apr 2025 16:01:25 +0200
Subject: [PATCH 1/2] Fixing-inline-policy-tasks
---
 roles/aws/aws_iam_role/tasks/main.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/aws/aws_iam_role/tasks/main.yml b/roles/aws/aws_iam_role/tasks/main.yml
index 3fd911087..8f67e33c8 100644
--- a/roles/aws/aws_iam_role/tasks/main.yml
+++ b/roles/aws/aws_iam_role/tasks/main.yml
@@ -9,17 +9,17 @@
 Resource: "{{ aws_iam_role.inline_policies.resource }}"
 state: present
 register: _inline_iam_policy
- when: aws_iam_role.inline_policies.action is defined and aws_iam_role.inline_policies.action > 0
+ when: aws_iam_role.inline_policies.action is defined and aws_iam_role.inline_policies.action | length > 0
 - name: Join managed and inline policy.
 ansible.builtin.set_fact:
 _combined_policies: "{{ aws_iam_role.managed_policies + [_inline_iam_policy.arn] }}"
- when: aws_iam_role.inline_policies.action is defined and aws_iam_role.inline_policies.action > 0
+ when: aws_iam_role.inline_policies.action is defined and aws_iam_role.inline_policies.action | length > 0
 - name: Create combined var if inline policy is not defined or empty.
 ansible.builtin.set_fact:
 _combined_policies: "{{ aws_iam_role.managed_policies }}"
- when: aws_iam_role.inline_policies.action is not defined or aws_iam_role.inline_policies.action == 0
+ when: aws_iam_role.inline_policies.action is not defined or aws_iam_role.inline_policies.action | length == 0
 - name: Create assume role policy document if predefined string is passed.
 ansible.builtin.set_fact:
From 64278892acfcd19ec57f1905294aa909b103ebf2 Mon Sep 17 00:00:00 2001
From: Matej Stajduhar
Date: Tue, 15 Apr 2025 16:06:32 +0200
Subject: [PATCH 2/2] Changing-action-for-inline-policies
---
 roles/aws/aws_backup_validation/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
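Review bot: The same emptiness test is now written three times, and the third `when` is a hand-maintained negation of the first two, so a later edit to one of them can leave `_combined_policies` undefined. Writing the condition as `aws_iam_role.inline_policies.action | default([]) | length > 0` (and `== 0` for the fallback task) drops the separate `is defined` clause and keeps the pair in step. `| length` is also true for a non-empty string, so a caller still passing a scalar action will create the policy; if only lists are intended, a comment such as `# action must be a list of IAM actions` above the first task would make that explicit. The policy-creating task begins above this hunk, so its module arguments are not visible here.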
diff --git a/roles/aws/aws_backup_validation/tasks/main.yml b/roles/aws/aws_backup_validation/tasks/main.yml
index 2424b7cff..d8e7b1ef4 100644
--- a/roles/aws/aws_backup_validation/tasks/main.yml
+++ b/roles/aws/aws_backup_validation/tasks/main.yml
@@ -45,7 +45,8 @@
 inline_policies:
 name: "PassRole"
 resource: "*"
- action: "iam:PassRole"
+ action:
+ - "iam:PassRole"
 policy_document: "{{ lookup('file', 'pass_role_backup.j2') }}"
 managed_policies:
 - arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup
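Review bot: The `PassRole` inline policy keeps `resource: "*"`, so this role may pass any IAM role in the account, and turning `action` into a list makes it easy to append further actions under that same wildcard. `iam:PassRole` is normally scoped to the specific role ARN(s) the backup validation needs, for example `resource: "arn:aws:iam::<ACCOUNT_ID>:role/<BACKUP_ROLE_NAME>"` (placeholder values). An `iam:PassedToService` condition would narrow it further, if the `aws_iam_role` policy template supports conditions; that is not visible here. The enclosing task starts above the hunk.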