From c60baf0ca738f4cf616f8128661bc78ef8f72ae5 Mon Sep 17 00:00:00 2001
From: chalupaa <42819471+chalupaa@users.noreply.github.com>
Date: Wed, 5 Sep 2018 13:59:14 -0500
Subject: [PATCH] [aws] lambda_policy fix update when principal is an account
 number (#44871)

Fix KeyError on update when principal is an account number
(cherry picked from commit 1f3e7ea061c69c81efa09318b21812c5bca7d1a6)
---
 lib/ansible/modules/cloud/amazon/lambda_policy.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/ansible/modules/cloud/amazon/lambda_policy.py b/lib/ansible/modules/cloud/amazon/lambda_policy.py
index 2e7a1b403c..2b647c2be0 100644
--- a/lib/ansible/modules/cloud/amazon/lambda_policy.py
+++ b/lib/ansible/modules/cloud/amazon/lambda_policy.py
@@ -236,7 +236,14 @@ def extract_statement(policy, sid):
     for statement in policy['Statement']:
         if statement['Sid'] == sid:
             policy_statement['action'] = statement['Action']
-            policy_statement['principal'] = statement['Principal']['Service']
+            try:
+                policy_statement['principal'] = statement['Principal']['Service']
+            except KeyError:
+                pass
+            try:
+                policy_statement['principal'] = statement['Principal']['AWS']
+            except KeyError:
+                pass
             try:
                 policy_statement['source_arn'] = statement['Condition']['ArnLike']['AWS:SourceArn']
             except KeyError: