diff --git a/etc/policy.json b/etc/policy.json
index eada2acfb..3e735276e 100644
--- a/etc/policy.json
+++ b/etc/policy.json
@@ -1,12 +1,6 @@ { "default": "rule:admin_or_owner", - "services:list": "rule:admin_or_owner", - - "tasks:get": "rule:admin_or_owner", - "tasks:list": "rule:admin_or_owner", - "tasks:update": "rule:admin_or_owner", - "workbooks:create": "rule:admin_or_owner", "workbooks:delete": "rule:admin_or_owner", "workbooks:get": "rule:admin_or_owner",
diff --git a/mistral/policies/__init__.py b/mistral/policies/__init__.py
index bec9fb428..de4e2bb4b 100644
--- a/mistral/policies/__init__.py
+++ b/mistral/policies/__init__.py
@@ -21,6 +21,8 @@ from mistral.policies import cron_trigger from mistral.policies import environment from mistral.policies import execution from mistral.policies import member +from mistral.policies import service +from mistral.policies import task def list_rules():
@@ -31,5 +33,7 @@ def list_rules(): cron_trigger.list_rules(), environment.list_rules(), execution.list_rules(), - member.list_rules() + member.list_rules(), + service.list_rules(), + task.list_rules() )
diff --git a/mistral/policies/service.py b/mistral/policies/service.py
new file mode 100644
index 000000000..6bc2e83b3
--- /dev/null
+++ b/mistral/policies/service.py
@@ -0,0 +1,36 @@
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+from oslo_policy import policy
+
+from mistral.policies import base
+
+SERVICES = 'services:%s'
+
+rules = [
+ policy.DocumentedRuleDefault(
+ name=SERVICES % 'list',
+ check_str=base.RULE_ADMIN_OR_OWNER,
+ description='Return all Mistral services.',
+ operations=[
+ {
+ 'path': '/v2/services',
+ 'method': 'GET'
+ }
+ ]
+ )
+]
+
+
+def list_rules():
+ return rules
diff --git a/mistral/policies/task.py b/mistral/policies/task.py
new file mode 100644
index 000000000..a3261d9b7
--- /dev/null
+++ b/mistral/policies/task.py
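Review bot: In mistral/policies/service.py, `services:list` defaults to `check_str=base.RULE_ADMIN_OR_OWNER`, but the list of Mistral services is not a project-owned resource, so the owner half of that rule has nothing meaningful to match. Depending on how the API layer builds the policy target (not visible in this hunk), the rule may pass for any authenticated user and expose the service inventory to non-admins. The default carries over what policy.json had, so if that is intended it should be stated in the rule's `description`; otherwise an admin-only check string fits this rule better. `list_rules()` also has no docstring; `"""Return the default policy rules for the services API."""` would do.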
@@ -0,0 +1,58 @@
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+from oslo_policy import policy
+
+from mistral.policies import base
+
+TASKS = 'tasks:%s'
+
+rules = [
+ policy.DocumentedRuleDefault(
+ name=TASKS % 'get',
+ check_str=base.RULE_ADMIN_OR_OWNER,
+ description='Return the specified task.',
+ operations=[
+ {
+ 'path': '/v2/tasks/{task_id}',
+ 'method': 'GET'
+ }
+ ]
+ ),
+ policy.DocumentedRuleDefault(
+ name=TASKS % 'list',
+ check_str=base.RULE_ADMIN_OR_OWNER,
+ description='Return all tasks.',
+ operations=[
+ {
+ 'path': '/v2/tasks',
+ 'method': 'GET'
+ }
+ ]
+ ),
+ policy.DocumentedRuleDefault(
+ name=TASKS % 'update',
+ check_str=base.RULE_ADMIN_OR_OWNER,
+ description='Update the specified task execution.',
+ operations=[
+ {
+ 'path': '/v2/tasks',
+ 'method': 'PUT'
+ }
+ ]
+ )
+]
+
+
+def list_rules():
+ return rules
diff --git a/mistral/tests/unit/fake_policy.py b/mistral/tests/unit/fake_policy.py
index ba00529da..79d83d3f6 100644
--- a/mistral/tests/unit/fake_policy.py
+++ b/mistral/tests/unit/fake_policy.py
@@ -15,12 +15,6 @@ policy_data = """{ "default": "rule:admin_or_owner", - "services:list": "rule:admin_or_owner", - - "tasks:get": "rule:admin_or_owner", - "tasks:list": "rule:admin_or_owner", - "tasks:update": "rule:admin_or_owner", - "workbooks:create": "rule:admin_or_owner", "workbooks:delete": "rule:admin_or_owner", "workbooks:get": "rule:admin_or_owner",
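Review bot: In mistral/policies/task.py the `tasks:update` rule documents its operation as `'path': '/v2/tasks'` with `'method': 'PUT'`, while its description says it updates "the specified task execution" and the `tasks:get` rule above it uses `/v2/tasks/{task_id}`. If the update endpoint takes a task id, as the description suggests, the generated policy documentation will show operators the wrong URL when they audit or override this rule; the entry should read `'path': '/v2/tasks/{task_id}',`. The description could also say what a caller is able to change through this rule, since it is the only write operation in the file and shares the admin-or-owner default with the two reads.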