aws / chalice

Python Serverless Microframework for AWS
Apache License 2.0

Break out of IAM policy generation to separate module #460

Open cwgem opened 7 years ago

cwgem commented 7 years ago

While looking at this project's description I noticed the ability to generate IAM policies was present. Doing code analysis of Python-based Lambdas and looking for boto calls to help generate IAM policies easily is something I've been considering for a long time, and I was pleased that the groundwork was essentially laid out, specifically:

https://github.com/aws/chalice/blob/master/chalice/analyzer.py

The analysis of the AST for boto calls I think would be more beneficial as a separate module. That way processes could be built around Python Lambdas to generate IAM policies automatically. As it is now, such tools would have to pull in potentially unrelated code for API Gateway. Curious on your thoughts regarding this.
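To illustrate the idea in the comment above, here is an added sketch (not chalice's analyzer and not code from any participant) that walks a Lambda's AST for boto3 client calls and drafts an IAM policy from them. The function names and sample source are hypothetical, and mapping a method name to `service:PascalCase` is a simplifying assumption: some operations are authorized under a differently named action (S3 `list_objects_v2` needs `s3:ListBucket`).

```python
import ast

# Constructed sample Lambda source (not taken from chalice or this issue).
SAMPLE_SOURCE = '''
import boto3
s3 = boto3.client("s3")
ddb = boto3.client("dynamodb")
def handler(event, context):
    s3.get_object(Bucket="b", Key=event["key"])
    ddb.put_item(TableName="t", Item={})
    boto3.client("sqs").send_message(QueueUrl="q", MessageBody="m")
    print("done")
'''

def _client_service(node):
    """Return "svc" if node is the call boto3.client("svc"), else None."""
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "client"
            and isinstance(node.func.value, ast.Name)
            and node.func.value.id == "boto3" and node.args
            and isinstance(node.args[0], ast.Constant)
            and isinstance(node.args[0].value, str)):
        return node.args[0].value
    return None

def find_client_calls(source):
    """Return sorted (service, method) pairs invoked on boto3 clients."""
    tree = ast.parse(source)
    clients = {}  # variable name -> service; flow-insensitive, ignores scope
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _client_service(node.value):
            for target in node.targets:
                if isinstance(target, ast.Name):
                    clients[target.id] = _client_service(node.value)
    calls = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            recv = node.func.value
            svc = (clients.get(recv.id) if isinstance(recv, ast.Name)
                   else _client_service(recv))
            if svc:
                calls.add((svc, node.func.attr))
    return sorted(calls)

def to_policy(calls):
    """Assumption: IAM action == service:PascalCase(method); not always true."""
    actions = sorted({f"{s}:{''.join(p.title() for p in m.split('_'))}" for s, m in calls})
    # Resource "*" is a placeholder; narrow it to specific ARNs before use.
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": actions, "Resource": "*"}]}
```

Clients created with a non-literal service name, passed as arguments, or built via `boto3.resource` or a `Session` are not seen by this sketch, so its output is a starting draft to review rather than a complete policy.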

jamesls commented 7 years ago

We can potentially split this out, but probably not right now. As of now, the analyzer is planned for a fairly big refactor, which might include some changes to the API. The API is actually private so I'd want to have a pretty stable API before extracting it out.

The other option is that once the API is stable/finished, we can publicly document the API and commit to backwards compatibility for the analyzer. Yes, you would have to download chalice which might contain code you don't need, but it is a fairly small package as is and might be a reasonable compromise if extracting it out proves too cumbersome to maintain.

cwgem commented 7 years ago

@jamesls Sounds good. Just to get an idea, is the analyzer code refactor something that's a large priority or somewhat more of a nice-to-have at this point? Trying to gauge whether I should just wait it out or potentially try some things out on my own.