1 files changed, 42 insertions, 8 deletions

diff --git a/nova/policies/networks.py b/nova/policies/networks.py
index a4d065f47d..ff68cc7ea0 100644
--- a/nova/policies/networks.py
+++ b/nova/policies/networks.py
@@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-from oslo_policy import policy
-
 from nova.policies import base
 
 
@@ -23,12 +21,48 @@ POLICY_ROOT = 'os_compute_api:os-networks:%s'
 
 
 networks_policies = [
-    policy.RuleDefault(
-        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_API),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'view',
-        check_str=base.RULE_ADMIN_OR_OWNER),
+    base.create_rule_default(
+        BASE_POLICY_NAME,
+        base.RULE_ADMIN_API,
+        """Create and delete a network, add and disassociate a network
+from a project.
+
+These APIs are only available with nova-network which is deprecated.""",
+        [
+            {
+                'method': 'POST',
+                'path': '/os-networks'
+            },
+            {
+                'method': 'POST',
+                'path': '/os-networks/add'
+            },
+            {
+                'method': 'DELETE',
+                'path': '/os-networks/{network_id}'
+            },
+            {
+                'method': 'POST',
+                'path': '/os-networks/{network_id}/action (disassociate)'
+            }
+        ]),
+    base.create_rule_default(
+        POLICY_ROOT % 'view',
+        base.RULE_ADMIN_OR_OWNER,
+        """List networks for the project and show details for a network.
+
+These APIs are proxy calls to the Network service. These are all
+deprecated.""",
+        [
+            {
+                'method': 'GET',
+                'path': '/os-networks'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-networks/{network_id}'
+            }
+        ]),
 ]