Add SQS queue policy attachment functionality (#1716)

* Add SQS queue policy attachment functionality SQS queue has no attribute 'Policy' until one is attached, so this special case must be handled uniquely SQS queue Policy can now be passed in as json
9 years ago · 94c5e16fe3
parent ad54180d17
commit 94c5e16fe3
1 changed files with 28 additions and 8 deletions
--- a/lib/ansible/modules/extras/cloud/amazon/sqs_queue.py
+++ b/lib/ansible/modules/extras/cloud/amazon/sqs_queue.py
@ -22,7 +22,9 @@ description:
  - Create or delete AWS SQS queues.
  - Update attributes on existing queues.
 version_added: "2.0"
-author: Alan Loi (@loia)
+author:
+  - Alan Loi (@loia)
+  - Fernando Jose Pando (@nand0p)
 requirements:
  - "boto >= 2.33.0"
 options:
@ -61,13 +63,15 @@ options:
      - The receive message wait time in seconds.
    required: false
    default: null
-  region:
+  policy:
    description:
-      - The AWS region to use. If not specified then the value of the EC2_REGION environment variable, if any, is used.
+      - The json dict policy to attach to queue
    required: false
-    aliases: ['aws_region', 'ec2_region']
-
-extends_documentation_fragment: aws
+    default: null
+    version_added: "2.1"
+extends_documentation_fragment:
+    - aws
+    - ec2
 """

 EXAMPLES = '''
@ -80,6 +84,7 @@ EXAMPLES = '''
    maximum_message_size: 1024
    delivery_delay: 30
    receive_message_wait_time: 20
+    policy: "{{ json_dict }}"

 # Delete SQS queue
 - sqs_queue:
@ -106,6 +111,7 @@ def create_or_update_sqs_queue(connection, module):
        maximum_message_size=module.params.get('maximum_message_size'),
        delivery_delay=module.params.get('delivery_delay'),
        receive_message_wait_time=module.params.get('receive_message_wait_time'),
+        policy=module.params.get('policy'),
    )

    result = dict(
@ -140,7 +146,8 @@ def update_sqs_queue(queue,
                     message_retention_period=None,
                     maximum_message_size=None,
                     delivery_delay=None,
-                     receive_message_wait_time=None):
+                     receive_message_wait_time=None,
+                     policy=None):
    changed = False

    changed = set_queue_attribute(queue, 'VisibilityTimeout', default_visibility_timeout,
@ -153,6 +160,8 @@ def update_sqs_queue(queue,
                                  check_mode=check_mode) or changed
    changed = set_queue_attribute(queue, 'ReceiveMessageWaitTimeSeconds', receive_message_wait_time,
                                  check_mode=check_mode) or changed
+    changed = set_queue_attribute(queue, 'Policy', policy,
+                                  check_mode=check_mode) or changed
    return changed


@ -160,7 +169,17 @@ def set_queue_attribute(queue, attribute, value, check_mode=False):
    if not value:
        return False

-    existing_value = queue.get_attributes(attributes=attribute)[attribute]
+    try:
+        existing_value = queue.get_attributes(attributes=attribute)[attribute]
+    except:
+        existing_value = ''
+
+    # convert dict attributes to JSON strings (sort keys for comparing)
+    if attribute is 'Policy':
+        value = json.dumps(value, sort_keys=True)
+        if existing_value:
+            existing_value = json.dumps(json.loads(existing_value), sort_keys=True)
+
    if str(value) != existing_value:
        if not check_mode:
            queue.set_attribute(attribute, value)
@ -204,6 +223,7 @@ def main():
        maximum_message_size=dict(type='int'),
        delivery_delay=dict(type='int'),
        receive_message_wait_time=dict(type='int'),
+        policy=dict(type='dict', required=False),
    ))

    module = AnsibleModule(