diff --git a/templates/policy.json.j2 b/templates/policy.json.j2
index a32ad1cc..c51f564a 100644
--- a/templates/policy.json.j2
+++ b/templates/policy.json.j2
@@ -25,12 +25,18 @@
     "volume:delete_snapshot_metadata": "rule:admin_or_owner",
     "volume:update_snapshot_metadata": "rule:admin_or_owner",
     "volume:extend": "rule:admin_or_owner",
+    "volume:extend_attached_volume": "rule:admin_or_owner",
     "volume:update_readonly_flag": "rule:admin_or_owner",
     "volume:retype": "rule:admin_or_owner",
     "volume:update": "rule:admin_or_owner",
+    "volume:revert_to_snapshot": "rule:admin_or_owner",
 
     "volume_extension:types_manage": "rule:admin_api",
-    "volume_extension:types_extra_specs": "rule:admin_api",
+    "volume_extension:types_extra_specs:create": "rule:admin_api",
+    "volume_extension:types_extra_specs:delete": "rule:admin_api",
+    "volume_extension:types_extra_specs:index": "rule:admin_api",
+    "volume_extension:types_extra_specs:show": "rule:admin_api",
+    "volume_extension:types_extra_specs:update": "rule:admin_api",
     "volume_extension:access_types_qos_specs_id": "rule:admin_api",
     "volume_extension:access_types_extra_specs": "rule:admin_api",
     "volume_extension:volume_type_access": "rule:admin_or_owner",
@@ -41,6 +47,12 @@
     "volume_extension:extended_snapshot_attributes": "rule:admin_or_owner",
     "volume_extension:volume_image_metadata": "rule:admin_or_owner",
 
+    "volume_extension:qos_specs_manage:create": "rule:admin_api",
+    "volume_extension:qos_specs_manage:get": "rule:admin_api",
+    "volume_extension:qos_specs_manage:get_all": "rule:admin_api",
+    "volume_extension:qos_specs_manage:update": "rule:admin_api",
+    "volume_extension:qos_specs_manage:delete": "rule:admin_api",
+
     "volume_extension:quotas:show": "",
     "volume_extension:quotas:update": "rule:admin_api",
     "volume_extension:quotas:delete": "rule:admin_api",
@@ -132,6 +144,11 @@
     "group:reset_group_snapshot_status":"rule:admin_api",
     "group:reset_status":"rule:admin_api",
 
+    "group:enable_replication": "rule:admin_or_owner",
+    "group:disable_replication": "rule:admin_or_owner",
+    "group:failover_replication": "rule:admin_or_owner",
+    "group:list_replication_targets": "rule:admin_or_owner",
+
     "scheduler_extension:scheduler_stats:get_pools" : "rule:admin_api",
     "message:delete": "rule:admin_or_owner",
     "message:get": "rule:admin_or_owner",