def main()

in plugins/modules/ali_ram_policy.py [0:0]


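def main():
    """Create, delete, attach or detach a RAM policy according to the module parameters.

    With ``state=absent``:
      * if the policy is not found, exit unchanged;
      * if ``user_name``, ``group_name`` or ``role_name`` is set, detach the
        policy from the first one set (checked in that order) and exit. The
        policy itself is not deleted in that run;
      * otherwise delete the policy.

    With ``state=present``:
      * if the policy is not found, create it and exit. No attachment is
        made in the same run;
      * otherwise attach it to the first of ``user_name``, ``group_name`` or
        ``role_name`` that is set, provided ``policy_type`` is also given;
      * otherwise exit unchanged.

    Every path ends in ``module.exit_json`` or ``module.fail_json``.
    """
    argument_spec = ecs_argument_spec()
    argument_spec.update(dict(
        state=dict(default='present', choices=['present', 'absent']),
        policy_document=dict(type='str', aliases=['policy']),
        policy_name=dict(type='str', required=True, aliases=['name']),
        description=dict(type='str'),
        user_name=dict(type='str'),
        group_name=dict(type='str'),
        role_name=dict(type='str'),
        policy_type=dict(type='str', choices=['System', 'Custom'], aliases=['type'])
    ))

    module = AnsibleModule(argument_spec=argument_spec)

    if HAS_FOOTMARK is False:
        module.fail_json(msg='footmark required for this module.')

    ram_conn = ram_connect(module)

    # Get values of variable
    state = module.params['state']
    policy_name = module.params['policy_name']
    user_name = module.params['user_name']
    group_name = module.params['group_name']
    role_name = module.params['role_name']
    policy_type = module.params['policy_type']
    changed = False

    # Check if policy exists (falsy result means "not found", per the checks below)
    policy = policy_exists(module, ram_conn, policy_name)

    if state == 'absent':
        # Nothing to detach or delete when the policy is not found. This guard
        # has to run before the detach branches: they call methods on `policy`
        # and would otherwise fail with an unhandled error on a missing policy
        # instead of reporting an idempotent "no change".
        if not policy:
            module.exit_json(changed=changed, policy={})

        # NOTE(review): exit_json ends the run, so only the first of
        # user_name / group_name / role_name is detached. A task that sets
        # several of them leaves the remaining attachments in place; confirm
        # this is intended, since a leftover attachment keeps its permissions.
        if user_name:
            try:
                module.exit_json(changed=policy.detach_policy_from_user(user_name=user_name, policy_type=policy_type), policy=policy.read())
            except RAMResponseError as ex:
                module.fail_json(msg='Unable to detach policy {0} from user {1}, error: {2}'.format(policy_name, user_name, ex))
        if group_name:
            try:
                module.exit_json(changed=policy.detach_policy_from_group(group_name=group_name, policy_type=policy_type), policy=policy.read())
            except RAMResponseError as ex:
                module.fail_json(msg='Unable to detach policy {0} from group {1}, error: {2}'.format(policy_name, group_name, ex))
        if role_name:
            try:
                module.exit_json(changed=policy.detach_policy_from_role(role_name=role_name, policy_type=policy_type), policy=policy.read())
            except RAMResponseError as ex:
                module.fail_json(msg='Unable to detach policy {0} from role {1}, error: {2}'.format(policy_name, role_name, ex))

        # No principal given: remove the policy itself.
        try:
            module.exit_json(changed=policy.delete(), policy={})
        except RAMResponseError as ex:
            module.fail_json(msg='Unable to delete policy {0}, error: {1}'.format(policy_name, ex))

    if not policy:
        try:
            # NOTE(review): all module parameters are forwarded, including
            # whatever ecs_argument_spec() contributes (presumably connection
            # and credential options; verify that create_policy ignores the
            # keys it does not need and never echoes them back).
            policy = ram_conn.create_policy(**module.params)
            module.exit_json(changed=True, policy=policy.read())
        except RAMResponseError as e:
            module.fail_json(msg='Unable to create policy, error: {0}'.format(e))

    # Attach paths. exit_json raises SystemExit, which `except Exception`
    # does not catch, so a successful attach is not reported as a failure.
    if user_name and policy_type:
        try:
            changed = policy.attach_policy_to_user(policy_type=policy_type, user_name=user_name)
            module.exit_json(changed=changed, policy=policy.read())
        except Exception as e:
            module.fail_json(msg='Unable to attach policy to user, error: {0}'.format(e))

    if group_name and policy_type:
        try:
            changed = policy.attach_policy_to_group(policy_type=policy_type, group_name=group_name)
            module.exit_json(changed=changed, policy=policy.read())
        except Exception as e:
            module.fail_json(msg='Unable to attach policy to group, error: {0}'.format(e))

    if role_name and policy_type:
        try:
            changed = policy.attach_policy_to_role(policy_type=policy_type, role_name=role_name)
            module.exit_json(changed=changed, policy=policy.read())
        except Exception as e:
            module.fail_json(msg='Unable to attach policy to role, error: {0}'.format(e))

    # The policy already exists and no attachment was requested (or
    # policy_type was omitted, which silently skips the attach branches).
    # Report the current state rather than returning without any result.
    try:
        module.exit_json(changed=changed, policy=policy.read())
    except RAMResponseError as e:
        module.fail_json(msg='Unable to read policy {0}, error: {1}'.format(policy_name, e))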