iam_managed_policy: use python 3 compatible policy comparison - fixes #31474 (#31535)

* Move compare_policies and hashable_policy functions into module_utils/ec2 * Use compare_policies which is compatible with python 2 and 3. * rename function to indicate internal use * s3_bucket: don't set changed to false if it has had the chance to be changed to true already.
2025-10-09 18:04:02 -07:00 · 2017-10-18 18:55:45 -04:00 · 2017-10-18 18:55:45 -04:00 · 73abce83a9
commit 73abce83a9
parent 883169ab6b
3 changed files with 95 additions and 98 deletions
--- a/lib/ansible/modules/cloud/amazon/iam_managed_policy.py
+++ b/lib/ansible/modules/cloud/amazon/iam_managed_policy.py
@ -117,7 +117,7 @@ except ImportError:

 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils.ec2 import (boto3_conn, get_aws_connection_info, ec2_argument_spec, AWSRetry,
-                                      sort_json_policy_dict, camel_dict_to_snake_dict, HAS_BOTO3)
+                                      camel_dict_to_snake_dict, HAS_BOTO3, compare_policies)
 from ansible.module_utils._text import to_native


@ -174,8 +174,8 @@ def get_or_create_policy_version(module, iam, policy, policy_document):
            module.fail_json(msg="Couldn't get policy version %s: %s" % (v['VersionId'], str(e)),
                             exception=traceback.format_exc(),
                             **camel_dict_to_snake_dict(e.response))
-        if sort_json_policy_dict(document) == sort_json_policy_dict(
-                json.loads(policy_document)):
+        # If the current policy matches the existing one
+        if not compare_policies(document, json.loads(to_native(policy_document))):
            return v, False

    # No existing version so create one