- register: policy
  when: host.state == 'present'
  local_action:
    module: copy
    dest: minio/policies/backup-{{ hostname }}.json
    content: |
      {
        "Version": "2012-10-17",
        "Statement": [
          {
            "Action": [
              "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": [
              "arn:aws:s3:::backup-{{ hostname }}/*"
            ],
            "Sid": ""
          },
          {
            "Action": [
              "s3:GetObject",
              "s3:DeleteObject",
              "s3:PutObject"
            ],
            "Effect": "Allow",
            "Resource": [
              "arn:aws:s3:::backup-{{ hostname }}/*"
            ],
            "Sid": ""
          }
        ]
      }

- name: Registering policy
  when: policy.changed
  command: mc admin policy add {{ minio_config }} backup-{{ hostname }} minio/policies/backup-{{ hostname }}.json

- name: checking if bucked exists
  command: mc ls --json "{{ minio_config }}"
  register: cmd_ls
  failed_when: false

#- debug: var=foo
#  vars:  
#    foo: "{{ cmd_ls.stdout_lines | map('from_json') | list }}"

#- debug: var=foo
#  vars:  
#    foo: "{{ cmd_ls.stdout_lines | map('from_json') | list | json_query('[?key==`backup-' + hostname + '/`]') }}"

- name: Creating backup bucket
  vars:
    len: "{{ cmd_ls.stdout_lines | map('from_json') | list | json_query('[?key==`backup-' + hostname + '/`]') | length }}"
  when: len == "0"
  command: mc mb {{ minio_config }}/backup-{{ hostname }}

- name: Removing policy file
  when: host.state != 'present'
  register: removed
  file:
    path: minio/policies/backup-{{ hostname }}.json
    state: absent

- name: Unregistering policy
  when: removed.changed
  command: mc admin policy remove {{ minio_config }} backup-{{ hostname }}