diff --git a/handlers/main.yml b/handlers/main.yml
index 4002daa..a5ee2d6 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -38,3 +38,12 @@
   listen:
     - "Restart trove services"
     - "venv changed"
+
+# NOTE (noonedeadpunk): Remove this task after Xena release
+- name: Remove obsoleted policy.json
+  file:
+    path: "/etc/trove/policy.json"
+    state: absent
+  listen:
+    - "Restart trove services"
+    - "venv changed"
diff --git a/tasks/trove_post_install.yml b/tasks/trove_post_install.yml
index de12084..336f3ef 100644
--- a/tasks/trove_post_install.yml
+++ b/tasks/trove_post_install.yml
@@ -33,14 +33,32 @@
       dest: "/etc/trove/trove.conf"
       config_overrides: "{{ trove_config_overrides }}"
       config_type: "ini"
-    - src: "policy.json.j2"
-      dest: "/etc/trove/policy.json"
-      config_overrides: "{{ trove_policy_overrides }}"
-      config_type: "json"
   notify:
     - Restart trove API services
   when: inventory_hostname in groups['trove_api']
 
+- name: Implement policy.yaml if there are overrides configured
+  config_template:
+    content: "{{ trove_policy_overrides }}"
+    dest: "/etc/trove/policy.yaml"
+    owner: "{{ trove_system_user_name }}"
+    group: "{{ trove_system_group_name }}"
+    mode: "0644"
+    config_type: yaml
+  when:
+    - trove_policy_overrides | length > 0
+  tags:
+    - trove-policy-override
+
+- name: Remove legacy policy.yaml file
+  file:
+    path: "/etc/trove/policy.yaml"
+    state: absent
+  when:
+    - trove_policy_overrides | length == 0
+  tags:
+    - trove-policy-override
+
 - name: Drop trove-conductor Config(s)
   config_template:
     src: "{{ item.src }}"
diff --git a/templates/policy.json.j2 b/templates/policy.json.j2
deleted file mode 100644
index 902f430..0000000
--- a/templates/policy.json.j2
+++ /dev/null
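Review bot: The removal of `/etc/trove/policy.json` is a handler, so it only runs when "Restart trove services" or "venv changed" is actually notified; a converge run in which neither fires (trove.conf and the venv unchanged) leaves the stale file in place even though the template that produced it has been deleted. If the service still honours a leftover policy.json through oslo.policy's legacy fallback, that file's rules would keep applying instead of the in-code defaults, which is presumably not what an operator expects after the upgrade. Consider making this an ordinary task in tasks/trove_post_install.yml next to the new policy.yaml handling so it runs on every play, or at least extend the note to `# NOTE (noonedeadpunk): Remove this task after Xena release; it only runs when one of the listed handlers is notified.` The enclosing handler list starts before the hunk.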
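Review bot: The new "Implement policy.yaml if there are overrides configured" task drops both the `notify: Restart trove API services` that the removed policy.json loop entry inherited and the `when: inventory_hostname in groups['trove_api']` guard, so policy.yaml is now written on every host this task file runs on and a changed policy is not followed by an API restart. If Trove's policy enforcer reloads the file on change at runtime this is harmless but worth stating in a comment; otherwise add `notify:` / `- Restart trove API services` to the task. The name "Remove legacy policy.yaml file" is misleading, because the file being removed is the override file this role itself wrote when overrides were previously set, not a legacy artefact; `- name: Remove policy.yaml when no overrides are configured` says what the task does. `config_type: yaml` is also the only unquoted config_type value in this file, which quotes the others (`config_type: "ini"`).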
@@ -1,97 +0,0 @@
-{
-    "admin": "role:admin or is_admin:True",
-    "admin_or_owner": "rule:admin or tenant:%(tenant)s",
-    "default": "rule:admin_or_owner",
-
-    "instance:create": "rule:admin_or_owner",
-    "instance:delete": "rule:admin_or_owner",
-    "instance:force_delete": "rule:admin_or_owner",
-    "instance:index": "rule:admin_or_owner",
-    "instance:show": "rule:admin_or_owner",
-    "instance:update": "rule:admin_or_owner",
-    "instance:edit": "rule:admin_or_owner",
-    "instance:restart": "rule:admin_or_owner",
-    "instance:resize_volume": "rule:admin_or_owner",
-    "instance:resize_flavor": "rule:admin_or_owner",
-    "instance:reset_status": "rule:admin",
-    "instance:promote_to_replica_source": "rule:admin_or_owner",
-    "instance:eject_replica_source": "rule:admin_or_owner",
-    "instance:configuration": "rule:admin_or_owner",
-    "instance:guest_log_list": "rule:admin_or_owner",
-    "instance:backups": "rule:admin_or_owner",
-    "instance:module_list": "rule:admin_or_owner",
-    "instance:module_apply": "rule:admin_or_owner",
-    "instance:module_remove": "rule:admin_or_owner",
-
-    "instance:extension:root:create": "rule:admin_or_owner",
-    "instance:extension:root:delete": "rule:admin_or_owner",
-    "instance:extension:root:index": "rule:admin_or_owner",
-
-    "instance:extension:user:create": "rule:admin_or_owner",
-    "instance:extension:user:delete": "rule:admin_or_owner",
-    "instance:extension:user:index": "rule:admin_or_owner",
-    "instance:extension:user:show": "rule:admin_or_owner",
-    "instance:extension:user:update": "rule:admin_or_owner",
-    "instance:extension:user:update_all": "rule:admin_or_owner",
-
-    "instance:extension:user_access:update": "rule:admin_or_owner",
-    "instance:extension:user_access:delete": "rule:admin_or_owner",
-    "instance:extension:user_access:index": "rule:admin_or_owner",
-
-    "instance:extension:database:create": "rule:admin_or_owner",
-    "instance:extension:database:delete": "rule:admin_or_owner",
-    "instance:extension:database:index": "rule:admin_or_owner",
-    "instance:extension:database:show": "rule:admin_or_owner",
-
-    "cluster:create": "rule:admin_or_owner",
-    "cluster:delete": "rule:admin_or_owner",
-    "cluster:force_delete": "rule:admin_or_owner",
-    "cluster:index": "rule:admin_or_owner",
-    "cluster:show": "rule:admin_or_owner",
-    "cluster:show_instance": "rule:admin_or_owner",
-    "cluster:action": "rule:admin_or_owner",
-    "cluster:reset-status": "rule:admin",
-
-    "cluster:extension:root:create": "rule:admin_or_owner",
-    "cluster:extension:root:delete": "rule:admin_or_owner",
-    "cluster:extension:root:index": "rule:admin_or_owner",
-
-    "backup:create": "rule:admin_or_owner",
-    "backup:delete": "rule:admin_or_owner",
-    "backup:index": "rule:admin_or_owner",
-    "backup:show": "rule:admin_or_owner",
-
-    "configuration:create": "rule:admin_or_owner",
-    "configuration:delete": "rule:admin_or_owner",
-    "configuration:index": "rule:admin_or_owner",
-    "configuration:show": "rule:admin_or_owner",
-    "configuration:instances": "rule:admin_or_owner",
-    "configuration:update": "rule:admin_or_owner",
-    "configuration:edit": "rule:admin_or_owner",
-
-    "configuration-parameter:index": "rule:admin_or_owner",
-    "configuration-parameter:show": "rule:admin_or_owner",
-    "configuration-parameter:index_by_version": "rule:admin_or_owner",
-    "configuration-parameter:show_by_version": "rule:admin_or_owner",
-
-    "datastore:index": "",
-    "datastore:show": "",
-    "datastore:version_show": "",
-    "datastore:version_show_by_uuid": "",
-    "datastore:version_index": "",
-    "datastore:list_associated_flavors": "",
-    "datastore:list_associated_volume_types": "",
-
-    "flavor:index": "",
-    "flavor:show": "",
-
-    "limits:index": "rule:admin_or_owner",
-
-    "module:create": "rule:admin_or_owner",
-    "module:delete": "rule:admin_or_owner",
-    "module:index": "rule:admin_or_owner",
-    "module:show": "rule:admin_or_owner",
-    "module:instances": "rule:admin_or_owner",
-    "module:update": "rule:admin_or_owner",
-    "module:reapply": "rule:admin_or_owner"
-}