diff --git a/etc/neutron-fwaas-policy.json b/etc/neutron-fwaas-policy.json
index 3458dad..ecd00ab 100644
--- a/etc/neutron-fwaas-policy.json
+++ b/etc/neutron-fwaas-policy.json
@@ -17,9 +17,11 @@
 "create_firewall_policy": "",
 "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies",
- "create_firewall_policy:shared": "rule:admin_or_owner",
 "update_firewall_policy": "rule:admin_or_owner",
 "delete_firewall_policy": "rule:admin_or_owner",
+ "create_firewall_policy:shared": "rule:admin_only",
+ "update_firewall_policy:shared": "rule:admin_only",
+ "delete_firewall_policy:shared": "rule:admin_only",
 "insert_rule": "rule:admin_or_owner",
 "remove_rule": "rule:admin_or_owner",
diff --git a/neutron_fwaas_dashboard/dashboards/project/firewalls/forms.py b/neutron_fwaas_dashboard/dashboards/project/firewalls/forms.py
index 1d8a709..aff5211 100644
--- a/neutron_fwaas_dashboard/dashboards/project/firewalls/forms.py
+++ b/neutron_fwaas_dashboard/dashboards/project/firewalls/forms.py
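Review bot: In etc/neutron-fwaas-policy.json the new `delete_firewall_policy:shared` entry is not referenced by any `policy.check` call in this change (only the create and update variants are), and as far as I know Neutron evaluates attribute-level rules for create and update requests only, so this rule may never be consulted. This file is also only the dashboard's copy of the policy: moving `create_firewall_policy:shared` from `rule:admin_or_owner` to `rule:admin_only` here changes what the UI offers, while the policy deployed on the Neutron server is what actually enforces it, so the two have to be kept in step. JSON has no comment syntax, so the commit message or the deployment docs are the place to record that dependency.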
@@ -131,9 +131,29 @@ class UpdatePolicy(forms.SelfHandlingForm):
 failure_url = 'horizon:project:firewalls:index'
+ def __init__(self, request, *args, **kwargs):
+ super(UpdatePolicy, self).__init__(request, *args, **kwargs)
+ # Only admin user can update the 'shared' attribute
+ self.ignore_shared = False
+ if not policy.check((("neutron-fwaas",
+ "update_firewall_policy:shared"),),
+ request):
+ self.fields['shared'].widget = forms.CheckboxInput(
+ attrs={'readonly': 'readonly', 'disabled': 'disabled'})
+ self.fields['shared'].help_text = _(
+ 'Non admin users are not allowed to set the shared property '
+ 'of the policy.')
+ self.ignore_shared = True
+
 def handle(self, request, context):
 policy_id = self.initial['policy_id']
 name_or_id = context.get('name') or policy_id
+
+ # Remove 'shared' from the context if the user is not allowed to
+ # change this field
+ if self.ignore_shared and 'shared' in context:
+ del context['shared']
+
 try:
 policy = api_fwaas.policy_update(request, policy_id, **context)
 msg = _('Policy %s was successfully updated.') % name_or_id
diff --git a/neutron_fwaas_dashboard/dashboards/project/firewalls/workflows.py b/neutron_fwaas_dashboard/dashboards/project/firewalls/workflows.py
index 72b72fa..d075fa5 100644
--- a/neutron_fwaas_dashboard/dashboards/project/firewalls/workflows.py
+++ b/neutron_fwaas_dashboard/dashboards/project/firewalls/workflows.py
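Review bot: The `readonly`/`disabled` widget attributes set in `UpdatePolicy.__init__` only change how the checkbox is rendered, so the `del context['shared']` in `handle()` is what actually keeps a submitted value out of `policy_update`, and the comment there should say so, e.g. `# The disabled checkbox is cosmetic; drop any submitted 'shared' so it never reaches the API.` The check is evaluated against the dashboard's copy of the policy file, so the Neutron server's own policy remains the authoritative control. The help text hard-codes 'Non admin users' although the gate is whatever `update_firewall_policy:shared` resolves to, which reads wrong if an operator customises that rule; the same wording is repeated in the workflows.py hunk. No import of `policy` is added for this file in the diff, so it is presumably already imported at module level; `handle()` continues past the end of the hunk.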
@@ -292,6 +292,18 @@ class AddPolicyAction(workflows.Action):
 def __init__(self, request, *args, **kwargs):
 super(AddPolicyAction, self).__init__(request, *args, **kwargs)
+ # Only admin user can update the 'shared' attribute
+ self.ignore_shared = False
+ if not policy.check((("neutron-fwaas",
+ "create_firewall_policy:shared"),),
+ request):
+ self.fields['shared'].widget = forms.CheckboxInput(
+ attrs={'readonly': 'readonly', 'disabled': 'disabled'})
+ self.fields['shared'].help_text = _(
+ 'Non admin users are not allowed to set the shared property '
+ 'of the policy.')
+ self.ignore_shared = True
+
 class Meta(object):
 name = _("Policy")
 permissions = ('openstack.services.network',)
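Review bot: `self.ignore_shared` is set in `AddPolicyAction.__init__` but nothing in this hunk reads it, whereas the matching change in forms.py deletes `shared` from the context in `handle()`. If no code outside the hunk does the same for the create workflow, a request that submits `shared` despite the disabled checkbox is forwarded to the create call and only the server-side policy rejects it. Setting `self.fields['shared'].disabled = True` (Django's field-level flag, where the supported Django version provides it) makes the form ignore submitted data for that field instead of relying on widget attributes. The comment was copied from the update form and should read something like `# Only users allowed by create_firewall_policy:shared may set 'shared'`. `AddPolicyAction` starts above the hunk and continues below it.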