Based on my reading of the code, the main policy.json file needs to exist (although it isn't clear if it has to contain anything) [1]. The policy_dirs are then searched *after* loading the main policy.json by combining the paths where oslo.config is looking for configuration files (--config-dirs) with the subdir names in the policy_dirs configuration value [2]. That is, policy_dirs should not contain a full path, but a partial path to be appended to values like /etc/myapp to produce /etc/myapp/policy.d.
Based on my reading of the code, the main policy.json file needs to exist (although it isn't clear if it has to contain anything) [1]. The policy_dirs are then searched *after* loading the main policy.json by combining the paths where oslo.config is looking for configuration files (--config-dirs) with the subdir names in the policy_dirs configuration value [2]. That is, policy_dirs should not contain a full path, but a partial path to be appended to values like /etc/myapp to produce /etc/myapp/ policy. d.
[1] https:/ /github. com/openstack/ oslo-incubator/ blob/master/ openstack/ common/ policy. py#L247 will result in an exception if the file does not exist /github. com/openstack/ oslo-incubator/ blob/master/ openstack/ common/ policy. py#L250
[2] https:/