diff --git a/etc/murano/policy.json b/etc/murano/policy.json
index c15120864..7ca710fba 100644
--- a/etc/murano/policy.json
+++ b/etc/murano/policy.json
@@ -1,7 +1,5 @@
 {
     "context_is_admin": "role:admin",
     "admin_api": "is_admin:True",
-    "default": "",
-
-    "execute_action": "rule:default"
+    "default": ""
 }
diff --git a/murano/common/policies/__init__.py b/murano/common/policies/__init__.py
index e592f47c7..67375500b 100644
--- a/murano/common/policies/__init__.py
+++ b/murano/common/policies/__init__.py
@@ -15,6 +15,7 @@
 
 import itertools
 
+from murano.common.policies import action
 from murano.common.policies import category
 from murano.common.policies import deployment
 from murano.common.policies import env_template
@@ -24,6 +25,7 @@ from murano.common.policies import package
 
 def list_rules():
     return itertools.chain(
+        action.list_rules(),
         category.list_rules(),
         deployment.list_rules(),
         environment.list_rules(),
diff --git a/murano/common/policies/action.py b/murano/common/policies/action.py
new file mode 100644
index 000000000..5262204a2
--- /dev/null
+++ b/murano/common/policies/action.py
@@ -0,0 +1,38 @@
+# Copyright 2017 AT&T Corporation.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_policy import policy
+
+from murano.common.policies import base
+
+action_policies = [
+    policy.DocumentedRuleDefault(
+        name='execute_action',
+        check_str=base.RULE_DEFAULT,
+        description="""Excute an available action on a deployed environment,
+retrieve the task status of an executed action, or retrieve the result of
+an executed static action.""",
+        operations=[
+            {'path': 'v1/environments/{environment_id}/actions/{action_id}',
+             'method': 'POST'},
+            {'path': 'v1/environments/{environment_id}/actions/{task_id}',
+             'method': 'GET'},
+            {'path': 'v1/actions',
+             'method': 'POST'}])
+]
+
+
+def list_rules():
+    return action_policies