From d8a5efa00cb582d43fdd13ef92f4f8b132900a6b Mon Sep 17 00:00:00 2001 From: Matthew Horoschun Date: Tue, 21 May 2019 10:09:26 +1000 Subject: [PATCH] iam_role.py remove_policies should remove all of the requested policies (not just the first) (#56331) The remove_policies function in iam_role.py enumerates a list of policies to remove. However, due to an indentation issue on the return True line, only the first such policy would be removed. This change outdents the return True so that all of the the requested policies are removed. --- lib/ansible/modules/cloud/amazon/iam_role.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/ansible/modules/cloud/amazon/iam_role.py b/lib/ansible/modules/cloud/amazon/iam_role.py index 9f549e1db09..e43d797c8d8 100644 --- a/lib/ansible/modules/cloud/amazon/iam_role.py +++ b/lib/ansible/modules/cloud/amazon/iam_role.py @@ -210,6 +210,7 @@ def convert_friendly_names_to_arns(connection, module, policy_names): def remove_policies(connection, module, policies_to_remove, params): + changed = False for policy in policies_to_remove: try: if not module.check_mode: @@ -220,7 +221,8 @@ def remove_policies(connection, module, policies_to_remove, params): except BotoCoreError as e: module.fail_json(msg="Unable to detach policy {0} from {1}: {2}".format(policy, params['RoleName'], to_native(e)), exception=traceback.format_exc()) - return True + changed = True + return changed def create_or_update_role(connection, module):