[aws] New module: iam_password_policy (#36200)

* Adding iam_password_policy module

* fixing various issues -- error handling, bugs

* fixing various issues based on tests

* renaming dummy var

* fixing type reference in documentation

* adding int tests and other updates

* removing typo

* fixing auth for int tests

* removing int tests for now

* readding integration tests w/ unsupported designation

* removing conflicting group

* Update aliases

* Fix unused variable

test/integration/targets/iam_password_policy/aliases

@@ -0,0 +1,2 @@
+cloud/aws
+unsupported

test/integration/targets/iam_password_policy/tasks/main.yaml

@@ -0,0 +1,90 @@
+- name: set connection information for all tasks
+  set_fact:
+    aws_connection_info: &aws_connection_info
+      aws_access_key: "{{ aws_access_key }}"
+      aws_secret_key: "{{ aws_secret_key }}"
+      security_token: "{{ security_token }}"
+      region: "{{ aws_region }}"
+  no_log: true
+
+- name: set iam password policy
+  iam_password_policy:
+    <<: *aws_connection_info
+    state: present
+    min_pw_length: 8
+    require_symbols: false
+    require_numbers: true
+    require_uppercase: true
+    require_lowercase: true
+    allow_pw_change: true
+    pw_max_age: 60
+    pw_reuse_prevent: 5
+    pw_expire: false
+  register: result
+
+- name: assert that changes were made
+  assert:
+    that:
+      - result.changed
+
+- name: verify iam password policy has been created
+  iam_password_policy:
+    <<: *aws_connection_info
+    state: present
+    min_pw_length: 8
+    require_symbols: false
+    require_numbers: true
+    require_uppercase: true
+    require_lowercase: true
+    allow_pw_change: true
+    pw_max_age: 60
+    pw_reuse_prevent: 5
+    pw_expire: false
+  register: result
+
+- name: assert that no changes were made
+  assert:
+    that:
+      - not result.changed
+
+- name: update iam password policy
+  iam_password_policy:
+    <<: *aws_connection_info
+    state: present
+    min_pw_length: 15
+    require_symbols: true
+    require_numbers: true
+    require_uppercase: true
+    require_lowercase: true
+    allow_pw_change: true
+    pw_max_age: 30
+    pw_reuse_prevent: 10
+    pw_expire: true
+  register: result
+
+- name: assert that updates were made
+  assert:
+    that:
+      - result.changed
+
+- name: remove iam password policy
+  iam_password_policy:
+    <<: *aws_connection_info
+    state: absent
+  register: result
+
+- name: assert password policy has been removed
+  assert:
+    that:
+      - result.changed
+
+- name: verify password policy has been removed
+  iam_password_policy:
+    <<: *aws_connection_info
+    state: absent
+  register: result
+
+- name: assert no changes were made
+  assert:
+    that:
+      - not result.changed

test/units/modules/cloud/amazon/test_iam_password_policy.py

@@ -0,0 +1,25 @@
+import boto3
+import pytest
+
+from units.modules.utils import set_module_args
+from ansible.module_utils.ec2 import HAS_BOTO3
+from ansible.modules.cloud.amazon import iam_password_policy
+
+if not HAS_BOTO3:
+    pytestmark = pytest.mark.skip("iam_password_policy.py requires the `boto3` and `botocore` modules")
+
+
+def test_warn_if_state_not_specified():
+    set_module_args({
+        "min_pw_length": "8",
+        "require_symbols": "false",
+        "require_numbers": "true",
+        "require_uppercase": "true",
+        "require_lowercase": "true",
+        "allow_pw_change": "true",
+        "pw_max_age": "60",
+        "pw_reuse_prevent": "5",
+        "pw_expire": "false"
+    })
+    with pytest.raises(SystemExit):
+        print(iam_password_policy.main())