Comment 11 for bug 1356679

#1 +1 on that

I checked out the current OpenStack Cloud Administrator guide [1], it definitely has some clues on how to edit policy.json, but it does not provide a sample policy.json or even a list of all possible policies. I believe that it needs some improvement.

#2 Logging rules that are being checked also seems rational to me, because, as Gabriel pointed out, it is the easiest way for an administrator to find out what rules are really checked without looking into the code.

[1] http://docs.openstack.org/admin-guide-cloud/content/section_networking_auth.html