diff --git a/ansible/roles/aodh/tasks/config.yml b/ansible/roles/aodh/tasks/config.yml
index d420bd6c61ce93fb5bf543f85ff5cf3c999e857d..90179933a93a977bd2429a1919357b1bbb01fbc5 100644
--- a/ansible/roles/aodh/tasks/config.yml
+++ b/ansible/roles/aodh/tasks/config.yml
@@ -45,3 +45,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/wsgi-aodh.conf"
   with_items:
     - "aodh-api"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/aodh/policy.json"
+  register: aodh_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/aodh/policy.json"
+    dest: "{{ node_config_directory }}/aodh/policy.json"
+  when:
+    aodh_policy.stat.exists
diff --git a/ansible/roles/barbican/tasks/config.yml b/ansible/roles/barbican/tasks/config.yml
index 38383d54480985fc6d3455cf47d656a480bbcbd3..fab9b3ddacf67bb5aae5c410745c303af1fd58f9 100644
--- a/ansible/roles/barbican/tasks/config.yml
+++ b/ansible/roles/barbican/tasks/config.yml
@@ -51,3 +51,14 @@
     - "barbican-api"
     - "barbican-keystone-listener"
     - "barbican-worker"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/barbican/policy.json"
+  register: barbican_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/barbican/policy.json"
+    dest: "{{ node_config_directory }}/barbican/policy.json"
+  when:
+    barbican_policy.stat.exists
diff --git a/ansible/roles/ceilometer/tasks/config.yml b/ansible/roles/ceilometer/tasks/config.yml
index 5d9336fec9f7168548ebb1762bdef08dc22ddd20..ef990c447764814f864e29a2dace043eb08e3ab1 100644
--- a/ansible/roles/ceilometer/tasks/config.yml
+++ b/ansible/roles/ceilometer/tasks/config.yml
@@ -59,3 +59,14 @@
     - "event_definitions.yaml"
     - "event_pipeline.yaml"
     - "pipeline.yaml"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/ceilometer/policy.json"
+  register: ceilometer_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/ceilometer/policy.json"
+    dest: "{{ node_config_directory }}/ceilometer/policy.json"
+  when:
+    ceilometer_policy.stat.exist
diff --git a/ansible/roles/cinder/tasks/config.yml b/ansible/roles/cinder/tasks/config.yml
index f4018781609abfe92b60d49003a33d7c7db333b7..800401615b8bd2b72d4267c044972d47afaa8a3b 100644
--- a/ansible/roles/cinder/tasks/config.yml
+++ b/ansible/roles/cinder/tasks/config.yml
@@ -38,3 +38,14 @@
     - "cinder-backup"
     - "cinder-scheduler"
     - "cinder-volume"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/cinder/policy.json"
+  register: cinder_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/cinder/policy.json"
+    dest: "{{ node_config_directory }}/cinder/policy.json"
+  when:
+    cinder_policy.stat.exists
diff --git a/ansible/roles/cloudkitty/tasks/config.yml b/ansible/roles/cloudkitty/tasks/config.yml
index 234109eba84c5c6228990fbaf4d992202c2d3b71..ea3d13cbbfa7261e3817a439793b39715b4fcb8f 100644
--- a/ansible/roles/cloudkitty/tasks/config.yml
+++ b/ansible/roles/cloudkitty/tasks/config.yml
@@ -32,3 +32,14 @@
   with_items:
     - "cloudkitty-api"
     - "cloudkitty-processor"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/cloudkitty/policy.json"
+  register: cloudkitty_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/cloudkitty/policy.json"
+    dest: "{{ node_config_directory }}/cloudkitty/policy.json"
+  when:
+    cloudkitty_policy.stat.exists
diff --git a/ansible/roles/congress/tasks/config.yml b/ansible/roles/congress/tasks/config.yml
index 832a2da8655b2e52d7bc8c80b4ad33c00610faee..0e9a63135624c2668ed1e247a4569e7c99a93d9c 100644
--- a/ansible/roles/congress/tasks/config.yml
+++ b/ansible/roles/congress/tasks/config.yml
@@ -35,3 +35,14 @@
     - "congress-api"
     - "congress-policy-engine"
     - "congress-datasource"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/congress/policy.json"
+  register: congress_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/congress/policy.json"
+    dest: "{{ node_config_directory }}/congress/policy.json"
+  when:
+    congress_policy.stat.exists
diff --git a/ansible/roles/glance/tasks/config.yml b/ansible/roles/glance/tasks/config.yml
index 88cb5c446a001e1badc5101ae6e15688d0ef09d0..743815ba88b38d80e23368643698c2b0654a4ce8 100644
--- a/ansible/roles/glance/tasks/config.yml
+++ b/ansible/roles/glance/tasks/config.yml
@@ -29,3 +29,14 @@
     dest: "{{ node_config_directory }}/{{ item.service }}/{{ item.service }}.conf"
   when: inventory_hostname in groups[item.group]
   with_items: "{{ glance_service_groups }}"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/glance/policy.json"
+  register: glance_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/glance/policy.json"
+    dest: "{{ node_config_directory }}/glance/policy.json"
+  when:
+    glance_policy.stat.exists
diff --git a/ansible/roles/gnocchi/tasks/config.yml b/ansible/roles/gnocchi/tasks/config.yml
index 2e7a75a8a46723a8ab75cc55ebe2a0387b79e918..b6fa16dd077342c0b4e83372e4faf2796f302c2e 100644
--- a/ansible/roles/gnocchi/tasks/config.yml
+++ b/ansible/roles/gnocchi/tasks/config.yml
@@ -50,3 +50,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/wsgi-gnocchi.conf"
   with_items:
     - "gnocchi-api"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/gnocchi/policy.json"
+  register: gnocchi_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/gnocchi/policy.json"
+    dest: "{{ node_config_directory }}/gnocchi/policy.json"
+  when:
+    gnocchi_policy.stat.exists
diff --git a/ansible/roles/heat/tasks/config.yml b/ansible/roles/heat/tasks/config.yml
index 41b9effaf4de6bed8089e00dd5ea8a487136beb8..dca462a5081c193f91a8f95a0ece895f059302d9 100644
--- a/ansible/roles/heat/tasks/config.yml
+++ b/ansible/roles/heat/tasks/config.yml
@@ -42,3 +42,14 @@
     - "heat-api"
     - "heat-api-cfn"
     - "heat-engine"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/heat/policy.json"
+  register: heat_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/heat/policy.json"
+    dest: "{{ node_config_directory }}/heat/policy.json"
+  when:
+    heat_policy.stat.exists
diff --git a/ansible/roles/ironic/tasks/config.yml b/ansible/roles/ironic/tasks/config.yml
index 89ac3b51c3f5625ed3fd25ca98c02e4c58099491..797b4948240627e20221d4da9309b09c13006057 100644
--- a/ansible/roles/ironic/tasks/config.yml
+++ b/ansible/roles/ironic/tasks/config.yml
@@ -37,3 +37,14 @@
     - "ironic-api"
     - "ironic-conductor"
     - "ironic-inspector"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/ironic/policy.json"
+  register: ironic_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/ironic/policy.json"
+    dest: "{{ node_config_directory }}/ironic/policy.json"
+  when:
+    ironic_policy.stat.exists
diff --git a/ansible/roles/keystone/tasks/config.yml b/ansible/roles/keystone/tasks/config.yml
index e39e7d6188a3a4fd903f4da504d7edb5e17fa764..e531d6869091840d75691d014a6184fadf267841 100644
--- a/ansible/roles/keystone/tasks/config.yml
+++ b/ansible/roles/keystone/tasks/config.yml
@@ -1,5 +1,5 @@
 ---
-- name: Check if Policies shall be overwritten
+- name: Check if policies shall be overwritten
   local_action: stat path="{{ node_custom_config }}/keystone/policy.json"
   register: keystone_policy
 
diff --git a/ansible/roles/kuryr/tasks/config.yml b/ansible/roles/kuryr/tasks/config.yml
index 8b31c7ab146db399cddba0b9194dbd5d2bd7897c..001793780c842f5eb86ea6c4e46b2468e0dd08d2 100644
--- a/ansible/roles/kuryr/tasks/config.yml
+++ b/ansible/roles/kuryr/tasks/config.yml
@@ -23,3 +23,14 @@
   template:
     src: "kuryr.spec.j2"
     dest: "{{ node_config_directory }}/kuryr/kuryr.spec"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/kuryr/policy.json"
+  register: kuryr_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/kuryr/policy.json"
+    dest: "{{ node_config_directory }}/kuryr/policy.json"
+  when:
+    kuryr_policy.stat.exists
diff --git a/ansible/roles/magnum/tasks/config.yml b/ansible/roles/magnum/tasks/config.yml
index 183b6bb43f4f023b6e525628086a2d6859fbb8c4..5baa4a6ca8b5e45e7611a05b9a096d89ec7105ea 100644
--- a/ansible/roles/magnum/tasks/config.yml
+++ b/ansible/roles/magnum/tasks/config.yml
@@ -32,3 +32,14 @@
   with_items:
     - "magnum-api"
     - "magnum-conductor"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/magnum/policy.json"
+  register: magnum_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/magnum/policy.json"
+    dest: "{{ node_config_directory }}/magnum/policy.json"
+  when:
+    magnum_policy.stat.exists
diff --git a/ansible/roles/manila/tasks/config.yml b/ansible/roles/manila/tasks/config.yml
index 4f83ff55b46a5685276708a7803703fe3ad64aaf..9ae45d1d66c7ad00b3358d5fba6c8bf2fa0d8178 100644
--- a/ansible/roles/manila/tasks/config.yml
+++ b/ansible/roles/manila/tasks/config.yml
@@ -52,3 +52,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/manila.conf"
   with_items:
     - "manila-share"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/manila/policy.json"
+  register: manila_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/manila/policy.json"
+    dest: "{{ node_config_directory }}/manila/policy.json"
+  when:
+    manila_policy.stat.exists
diff --git a/ansible/roles/mistral/tasks/config.yml b/ansible/roles/mistral/tasks/config.yml
index 8c6d0d616c7dfb915d8e87fa1b80ab5221482457..723074eac4438048669f2962ff42285e5bcc3c49 100644
--- a/ansible/roles/mistral/tasks/config.yml
+++ b/ansible/roles/mistral/tasks/config.yml
@@ -35,3 +35,14 @@
     - "mistral-api"
     - "mistral-engine"
     - "mistral-executor"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/mistral/policy.json"
+  register: mistral_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/mistral/policy.json"
+    dest: "{{ node_config_directory }}/mistral/policy.json"
+  when:
+    mistral_policy.stat.exists
diff --git a/ansible/roles/murano/tasks/config.yml b/ansible/roles/murano/tasks/config.yml
index a544a4a087f6f4fcf2c7f9c3ad1f249eef3c6aae..779c277d546e3f274a1f0248531eda4ab6143cf0 100644
--- a/ansible/roles/murano/tasks/config.yml
+++ b/ansible/roles/murano/tasks/config.yml
@@ -32,3 +32,14 @@
   with_items:
     - "murano-api"
     - "murano-engine"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/murano/policy.json"
+  register: murano_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/murano/policy.json"
+    dest: "{{ node_config_directory }}/murano/policy.json"
+  when:
+    murano_policy.stat.exists
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index 1c7d0238b7ea0b8e9d22d6482e4b80bd54303c5a..82921cd96e5e3cfe3bf5cf31d0eaf314773cebd4 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -183,3 +183,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/vpnaas_agent.ini"
   with_items:
     - "neutron-vpnaas-agent"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/neutron/policy.json"
+  register: neutron_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/neutron/policy.json"
+    dest: "{{ node_config_directory }}/neutron/policy.json"
+  when:
+    neutron_policy.stat.exists
diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml
index 8841635704aa4b5b1b8d363d1897761e4ead4639..b8750b93006119e1bd46119564bb44cf2406facf 100644
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@@ -83,3 +83,14 @@
     - { src: "id_rsa", dest: "id_rsa" }
     - { src: "id_rsa.pub", dest: "id_rsa.pub" }
     - { src: "ssh_config.j2", dest: "ssh_config" }
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/nova/policy.json"
+  register: nova_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/nova/policy.json"
+    dest: "{{ node_config_directory }}/nova/policy.json"
+  when:
+    nova_policy.stat.exists
diff --git a/ansible/roles/rally/tasks/config.yml b/ansible/roles/rally/tasks/config.yml
index c210dc338f5a5a387df1bdc11a51ac11293331c1..3304915de3ac18697a8b1f6e26a873196e995e49 100644
--- a/ansible/roles/rally/tasks/config.yml
+++ b/ansible/roles/rally/tasks/config.yml
@@ -24,3 +24,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/rally.conf"
   with_items:
     - "rally"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/rally/policy.json"
+  register: rally_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/rally/policy.json"
+    dest: "{{ node_config_directory }}/rally/policy.json"
+  when:
+    rally_policy.stat.exists
diff --git a/ansible/roles/sahara/tasks/config.yml b/ansible/roles/sahara/tasks/config.yml
index b3a3405ccaa7501006f5cc34c2faa3885d8e2a63..a83df50caed5fdbd8067738fbadb6aeda2defb72 100644
--- a/ansible/roles/sahara/tasks/config.yml
+++ b/ansible/roles/sahara/tasks/config.yml
@@ -32,3 +32,14 @@
   with_items:
     - "sahara-api"
     - "sahara-engine"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/sahara/policy.json"
+  register: sahara_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/sahara/policy.json"
+    dest: "{{ node_config_directory }}/sahara/policy.json"
+  when:
+    sahara_policy.stat.exists
diff --git a/ansible/roles/searchlight/tasks/config.yml b/ansible/roles/searchlight/tasks/config.yml
index b31b1d81e11f1175f36ebca8d97e97a292bfd504..4237b6bdd9941d6c3b040d8660157e315031b470 100644
--- a/ansible/roles/searchlight/tasks/config.yml
+++ b/ansible/roles/searchlight/tasks/config.yml
@@ -30,3 +30,14 @@
   with_items:
     - "searchlight-api"
     - "searchlight-listener"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/searchlight/policy.json"
+  register: searchlight_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/searchlight/policy.json"
+    dest: "{{ node_config_directory }}/searchlight/policy.json"
+  when:
+    searchlight_policy.stat.exists
diff --git a/ansible/roles/senlin/tasks/config.yml b/ansible/roles/senlin/tasks/config.yml
index fa714f550808db17dcc457b61bc5cdaa4bbbe642..17ff0f83aa7760ae74bb5266a3a07f224cdf7138 100644
--- a/ansible/roles/senlin/tasks/config.yml
+++ b/ansible/roles/senlin/tasks/config.yml
@@ -32,3 +32,14 @@
   with_items:
     - "senlin-api"
     - "senlin-engine"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/senlin/policy.json"
+  register: senlin_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/senlin/policy.json"
+    dest: "{{ node_config_directory }}/senlin/policy.json"
+  when:
+    senlin_policy.stat.exists
diff --git a/ansible/roles/swift/tasks/config.yml b/ansible/roles/swift/tasks/config.yml
index dc04ffaff5d174e5b8d80e133a0163e0a6cd1a0b..10c26de5a693efbadff75c2332fde9881eb6eccc 100644
--- a/ansible/roles/swift/tasks/config.yml
+++ b/ansible/roles/swift/tasks/config.yml
@@ -152,3 +152,14 @@
     - "container.ring.gz"
     - "object.builder"
     - "object.ring.gz"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/swift/policy.json"
+  register: swift_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/swift/policy.json"
+    dest: "{{ node_config_directory }}/swift/policy.json"
+  when:
+    swift_policy.stat.exists
diff --git a/ansible/roles/tempest/tasks/config.yml b/ansible/roles/tempest/tasks/config.yml
index 3375790f9008e92859ee53467343c358af1f4969..6422270d3a1f0bfda359f2f5b6d18ed02f7372ea 100644
--- a/ansible/roles/tempest/tasks/config.yml
+++ b/ansible/roles/tempest/tasks/config.yml
@@ -24,3 +24,14 @@
     dest: "{{ node_config_directory }}/{{ item }}/tempest.conf"
   with_items:
     - "tempest"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/tempest/policy.json"
+  register: tempest_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/tempest/policy.json"
+    dest: "{{ node_config_directory }}/tempest/policy.json"
+  when:
+    tempest_policy.stat.exists
diff --git a/ansible/roles/watcher/tasks/config.yml b/ansible/roles/watcher/tasks/config.yml
index 5116c3ebb49ac8b64546cb70f282b32da5f7f0d8..9d4ae9f7a9d0bc6615c73f10760a8b9a9727ece9 100644
--- a/ansible/roles/watcher/tasks/config.yml
+++ b/ansible/roles/watcher/tasks/config.yml
@@ -35,3 +35,14 @@
     - "watcher-api"
     - "watcher-engine"
     - "watcher-applier"
+
+- name: Check if policies shall be overwritten
+  local_action: stat path="{{ node_custom_config }}/watcher/policy.json"
+  register: watcher_policy
+
+- name: Copying over existing policy.json
+  template:
+    src: "{{ node_custom_config }}/watcher/policy.json"
+    dest: "{{ node_config_directory }}/watcher/policy.json"
+  when:
+    watcher_policy.stat.exists
diff --git a/releasenotes/notes/custom-policies-5a9bb2b59d19b484.yaml b/releasenotes/notes/custom-policies-5a9bb2b59d19b484.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..8097b2c2d10c96db62892bd6abe6aebdba5755ed
--- /dev/null
+++ b/releasenotes/notes/custom-policies-5a9bb2b59d19b484.yaml
@@ -0,0 +1,3 @@
+---
+features:
+  - Allow customisation of policy.json files per service.