From 7278636073202990ad1775819ae144dfb766367a Mon Sep 17 00:00:00 2001 
From: asteroide Date: Fri, 10 Jul 2015 17:35:34 +0200 Subject: Hamonize the uses of UUID and name in core.py. Change-Id: I15e3c2e8a3f3ce5778bb8366c78eb2657b317686 --- .../moon/policies/mls_conf/authz/assignment.json | 25 -------- .../moon/policies/mls_conf/authz/metadata.json | 18 ------ .../moon/policies/mls_conf/authz/metarule.json | 12 ---- .../moon/policies/mls_conf/authz/rules.json | 13 ---- .../moon/policies/mls_conf/authz/scope.json | 24 -------- .../moon/policies/policy_admin/assignment.json | 41 +++++++++++++ .../moon/policies/policy_admin/metadata.json | 19 ++++++ .../moon/policies/policy_admin/metarule.json | 12 ++++ .../moon/policies/policy_admin/perimeter.json | 30 ++++++++++ .../examples/moon/policies/policy_admin/rules.json | 22 +++++++ .../examples/moon/policies/policy_admin/scope.json | 39 ++++++++++++ .../moon/policies/policy_authz/assignment.json | 67 +++++++++++++++++++++ .../moon/policies/policy_authz/metadata.json | 23 +++++++ .../moon/policies/policy_authz/metarule.json | 24 ++++++++ .../moon/policies/policy_authz/perimeter.json | 21 +++++++ .../examples/moon/policies/policy_authz/rules.json | 41 +++++++++++++ .../examples/moon/policies/policy_authz/scope.json | 49 +++++++++++++++ .../moon/policies/policy_mls_admin/assignment.json | 37 ------------ .../moon/policies/policy_mls_admin/metadata.json | 18 ------ .../moon/policies/policy_mls_admin/metarule.json | 12 ---- .../moon/policies/policy_mls_admin/perimeter.json | 29 --------- .../moon/policies/policy_mls_admin/rules.json | 20 ------- .../moon/policies/policy_mls_admin/scope.json | 35 ----------- .../moon/policies/policy_mls_authz/assignment.json | 23 ------- .../moon/policies/policy_mls_authz/metadata.json | 19 ------ .../moon/policies/policy_mls_authz/metarule.json | 12 ---- .../moon/policies/policy_mls_authz/perimeter.json | 16 ----- .../moon/policies/policy_mls_authz/rules.json | 13 ---- .../moon/policies/policy_mls_authz/scope.json | 24 -------- 
.../moon/policies/policy_r2/assignment.json | 70 ---------------------- .../examples/moon/policies/policy_r2/metadata.json | 23 ------- .../examples/moon/policies/policy_r2/metarule.json | 24 -------- .../examples/moon/policies/policy_r2/rule.json | 41 ------------- .../policies/policy_rbac_admin/assignment.json | 37 ------------ .../moon/policies/policy_rbac_admin/metadata.json | 18 ------ .../moon/policies/policy_rbac_admin/metarule.json | 12 ---- .../moon/policies/policy_rbac_admin/perimeter.json | 29 --------- .../moon/policies/policy_rbac_admin/rules.json | 20 ------- .../moon/policies/policy_rbac_admin/scope.json | 35 ----------- .../policies/policy_rbac_authz/assignment.json | 28 --------- .../moon/policies/policy_rbac_authz/metadata.json | 19 ------ .../moon/policies/policy_rbac_authz/metarule.json | 12 ---- .../moon/policies/policy_rbac_authz/perimeter.json | 16 ----- .../moon/policies/policy_rbac_authz/rules.json | 6 -- .../moon/policies/policy_rbac_authz/scope.json | 24 -------- 45 files changed, 388 insertions(+), 764 deletions(-) delete mode 100644 keystone-moon/examples/moon/policies/mls_conf/authz/assignment.json delete mode 100644 keystone-moon/examples/moon/policies/mls_conf/authz/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/mls_conf/authz/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/mls_conf/authz/rules.json delete mode 100644 keystone-moon/examples/moon/policies/mls_conf/authz/scope.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/assignment.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/metadata.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/metarule.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/perimeter.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/rules.json create mode 100644 keystone-moon/examples/moon/policies/policy_admin/scope.json create mode 100644 
keystone-moon/examples/moon/policies/policy_authz/assignment.json create mode 100644 keystone-moon/examples/moon/policies/policy_authz/metadata.json create mode 100644 keystone-moon/examples/moon/policies/policy_authz/metarule.json create mode 100644 keystone-moon/examples/moon/policies/policy_authz/perimeter.json create mode 100644 keystone-moon/examples/moon/policies/policy_authz/rules.json create mode 100644 keystone-moon/examples/moon/policies/policy_authz/scope.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/assignment.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/perimeter.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/rules.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_admin/scope.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/assignment.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/perimeter.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/rules.json delete mode 100644 keystone-moon/examples/moon/policies/policy_mls_authz/scope.json delete mode 100644 keystone-moon/examples/moon/policies/policy_r2/assignment.json delete mode 100644 keystone-moon/examples/moon/policies/policy_r2/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/policy_r2/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_r2/rule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_admin/assignment.json delete mode 100644 
keystone-moon/examples/moon/policies/policy_rbac_admin/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_admin/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_admin/perimeter.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_admin/rules.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_admin/scope.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json delete mode 100644 keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json (limited to 'keystone-moon/examples')
diff --git a/keystone-moon/examples/moon/policies/mls_conf/authz/assignment.json b/keystone-moon/examples/moon/policies/mls_conf/authz/assignment.json
deleted file mode 100644
index c917638c..00000000
--- a/keystone-moon/examples/moon/policies/mls_conf/authz/assignment.json
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- "subject_assignments": {
- "subject_security_level":{
- "user1": ["low"],
- "user2": ["medium"],
- "user3": ["high"]
- }
- },
-
- "action_assignments": {
- "computing_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"]
- }
- },
-
- "object_assignments": {
- "object_security_level": {
- "vm1": ["low"],
- "vm2": ["medium"]
- }
- }
-}
\ No newline at end of file
diff --git a/keystone-moon/examples/moon/policies/mls_conf/authz/metadata.json b/keystone-moon/examples/moon/policies/mls_conf/authz/metadata.json
deleted file mode 100644
index 0c21f178..00000000
--- a/keystone-moon/examples/moon/policies/mls_conf/authz/metadata.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "name": "MLS_metadata",
- "model": "MLS",
- "genre": "authz",
- "description": "",
-
- "subject_categories": [
- "subject_security_level"
- ],
-
- "action_categories": [
- "computing_action"
- ],
-
- "object_categories": [
- "object_security_level"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/mls_conf/authz/metarule.json b/keystone-moon/examples/moon/policies/mls_conf/authz/metarule.json
deleted file mode 100644
index 0f717458..00000000
--- a/keystone-moon/examples/moon/policies/mls_conf/authz/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "relation_super": {
- "subject_categories": ["subject_security_level"],
- "action_categories": ["computing_action"],
- "object_categories": ["object_security_level"],
- "relation": "relation_super"
- }
- },
- "aggregation": "and_true_aggregation"
-}
-
diff --git a/keystone-moon/examples/moon/policies/mls_conf/authz/rules.json b/keystone-moon/examples/moon/policies/mls_conf/authz/rules.json
deleted file mode 100644
index 7badb6f5..00000000
--- a/keystone-moon/examples/moon/policies/mls_conf/authz/rules.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "relation_super":[
- ["high", "vm_admin", "medium"],
- ["high", "vm_admin", "low"],
- ["medium", "vm_admin", "low"],
- ["high", "vm_access", "high"],
- ["high", "vm_access", "medium"],
- ["high", "vm_access", "low"],
- ["medium", "vm_access", "medium"],
- ["medium", "vm_access", "low"],
- ["low", "vm_access", "low"]
- ]
-}
\ No newline at end of file
diff --git a/keystone-moon/examples/moon/policies/mls_conf/authz/scope.json b/keystone-moon/examples/moon/policies/mls_conf/authz/scope.json
deleted file mode 100644
index f07b0071..00000000
--- a/keystone-moon/examples/moon/policies/mls_conf/authz/scope.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "subject_category_scope": {
- "subject_security_level": [
- "high",
- "medium",
- "low"
- ]
- },
-
- "action_category_scope": {
- "computing_action": [
- "vm_admin",
- "vm_access"
- ]
- },
-
- "object_category_scope": {
- "object_security_level": [
- "high",
- "medium",
- "low"
- ]
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_admin/assignment.json b/keystone-moon/examples/moon/policies/policy_admin/assignment.json
new file mode 100644
index 00000000..9b183a3c
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/assignment.json
@@ -0,0 +1,41 @@
+{
+ "subject_assignments": {
+ "domain":{
+ "admin": ["ft"],
+ "demo": ["xx"]
+ },
+ "role": {
+ "admin": ["admin"]
+ }
+ },
+
+ "action_assignments": {
+ "access": {
+ "read": ["admin", "user"],
+ "write": ["admin"],
+ "create": ["admin"],
+ "delete": ["admin"]
+ }
+ },
+
+ "object_assignments": {
+ "id": {
+ "subjects": ["subjects"],
+ "objects": ["objects"],
+ "actions": ["actions"],
+ "subject_categories": ["subject_categories"],
+ "object_categories": ["object_categories"],
+ "action_categories": ["action_categories"],
+ "subject_category_scope": ["subject_category_scope"],
+ "object_category_scope": ["object_category_scope"],
+ "action_category_scope": ["action_category_scope"],
+ "sub_rules": ["sub_rules"],
+ "sub_meta_rule": ["sub_meta_rule"],
+ "subject_assignments": ["subject_assignments"],
+ "object_assignments": ["object_assignments"],
+ "action_assignments": ["action_assignments"],
+ "sub_meta_rule_relations": ["sub_meta_rule_relations"],
+ "aggregation_algorithms": ["aggregation_algorithms"]
+ }
+ }
+}
diff --git a/keystone-moon/examples/moon/policies/policy_admin/metadata.json b/keystone-moon/examples/moon/policies/policy_admin/metadata.json
new file mode 100644
index 00000000..29770673
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/metadata.json
@@ -0,0 +1,19 @@
+{
+ "name": "MLS_metadata",
+ "model": "RBAC",
+ "genre": "admin",
+ "description": "",
+
+ "subject_categories": [
+ "domain",
+ "role"
+ ],
+
+ "action_categories": [
+ "access"
+ ],
+
+ "object_categories": [
+ "id"
+ ]
+}
diff --git a/keystone-moon/examples/moon/policies/policy_admin/metarule.json b/keystone-moon/examples/moon/policies/policy_admin/metarule.json
new file mode 100644
index 00000000..1cb06eb5
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/metarule.json
@@ -0,0 +1,12 @@
+{
+ "sub_meta_rules": {
+ "rbac_rule": {
+ "subject_categories": ["role", "domain"],
+ "action_categories": ["access"],
+ "object_categories": ["id"],
+ "algorithm": "inclusion"
+ }
+ },
+ "aggregation": "all_true"
+}
+
diff --git a/keystone-moon/examples/moon/policies/policy_admin/perimeter.json b/keystone-moon/examples/moon/policies/policy_admin/perimeter.json
new file mode 100644
index 00000000..b5edec1c
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/perimeter.json
@@ -0,0 +1,30 @@
+{
+ "subjects": [
+ "admin",
+ "demo"
+ ],
+ "actions": [
+ "read",
+ "write",
+ "create",
+ "delete"
+ ],
+ "objects": [
+ "subjects",
+ "objects",
+ "actions",
+ "subject_categories",
+ "object_categories",
+ "action_categories",
+ "subject_category_scope",
+ "object_category_scope",
+ "action_category_scope",
+ "sub_rules",
+ "subject_assignments",
+ "object_assignments",
+ "action_assignments",
+ "sub_meta_rule_relations",
+ "aggregation_algorithms",
+ "sub_meta_rule"
+ ]
+}
diff --git a/keystone-moon/examples/moon/policies/policy_admin/rules.json b/keystone-moon/examples/moon/policies/policy_admin/rules.json
new file mode 100644
index 00000000..650405a9
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/rules.json
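Review bot: `"name": "MLS_metadata"` in policy_admin/metadata.json contradicts the `"model": "RBAC"` line right after it, and policy_authz/metadata.json, added later in this patch, carries the same name. The commit subject is about harmonizing UUID and name handling in core.py; if a policy is ever resolved by this name, the admin and authz policies would be indistinguishable. I can't confirm that from here because core.py is not part of this view. I would give the admin policy its own name and fill in the empty description, for example `"name": "RBAC_admin_metadata",` and `"description": "Role Based Access Control administration policy",`.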
@@ -0,0 +1,22 @@
+{
+ "rbac_rule":[
+
+ ["admin" , "ft", "admin", "subjects"],
+ ["admin" , "ft", "admin", "objects"],
+ ["admin" , "ft", "admin", "actions"],
+ ["admin" , "ft", "admin", "subject_categories"],
+ ["admin" , "ft", "admin", "object_categories"],
+ ["admin" , "ft", "admin", "action_categories"],
+ ["admin" , "ft", "admin", "subject_category_scope"],
+ ["admin" , "ft", "admin", "object_category_scope"],
+ ["admin" , "ft", "admin", "action_category_scope"],
+ ["admin" , "ft", "admin", "sub_rules"],
+ ["admin" , "ft", "admin", "sub_meta_rule"],
+ ["admin" , "ft", "admin", "subject_assignments"],
+ ["admin" , "ft", "admin", "object_assignments"],
+ ["admin" , "ft", "admin", "action_assignments"],
+ ["admin" , "ft", "admin", "sub_meta_rule_relations"],
+ ["admin" , "ft", "admin", "aggregation_algorithms"]
+
+ ]
+}
diff --git a/keystone-moon/examples/moon/policies/policy_admin/scope.json b/keystone-moon/examples/moon/policies/policy_admin/scope.json
new file mode 100644
index 00000000..ee6f570e
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_admin/scope.json
@@ -0,0 +1,39 @@
+{
+ "subject_category_scope": {
+ "role": [
+ "admin"
+ ],
+ "domain": [
+ "ft",
+ "xx"
+ ]
+ },
+
+ "action_category_scope": {
+ "access": [
+ "admin",
+ "user"
+ ]
+ },
+
+ "object_category_scope": {
+ "id": [
+ "subjects",
+ "objects",
+ "actions",
+ "subject_categories",
+ "object_categories",
+ "action_categories",
+ "subject_category_scope",
+ "object_category_scope",
+ "action_category_scope",
+ "sub_rules",
+ "sub_meta_rule",
+ "subject_assignments",
+ "object_assignments",
+ "action_assignments",
+ "sub_meta_rule_relations",
+ "aggregation_algorithms"
+ ]
+ }
+}
diff --git a/keystone-moon/examples/moon/policies/policy_authz/assignment.json b/keystone-moon/examples/moon/policies/policy_authz/assignment.json
new file mode 100644
index 00000000..ebab0ec6
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/assignment.json
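Review bot: Every `rbac_rule` row in policy_admin/rules.json is positional and carries the string `"admin"` in both the first and third columns, once as a `role` scope and once as an `access` scope (both declared in scope.json of the same directory). Nothing in the file says which column is which; the order appears to follow `"subject_categories": ["role", "domain"]`, then action, then object from metarule.json, but that is inferred. Since JSON cannot hold comments, I would record the column order in the `"description"` field of metadata.json, or rename the access scopes so they cannot be mistaken for the role, e.g. `"access": ["admin_access", "user_access"]`. The `user` access scope has no row here, so `read` by a non-admin subject is never granted; if that is intended it is worth stating in the description as well.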
@@ -0,0 +1,67 @@
+{
+ "subject_assignments": {
+ "subject_security_level":{
+ "admin": ["high"],
+ "demo": ["medium"]
+ },
+ "domain":{
+ "admin": ["ft"],
+ "demo": ["xx"]
+ },
+ "role": {
+ "admin": ["admin"],
+ "demo": ["dev"]
+ }
+ },
+
+ "action_assignments": {
+ "resource_action":{
+ "pause": ["vm_admin"],
+ "unpause": ["vm_admin"],
+ "start": ["vm_admin"],
+ "stop": ["vm_admin"],
+ "list": ["vm_access", "vm_admin"],
+ "create": ["vm_admin"],
+ "storage_list": ["storage_access"],
+ "download": ["storage_access"],
+ "post": ["storage_admin"],
+ "upload": ["storage_admin"]
+ },
+ "access": {
+ "pause": ["write"],
+ "unpause": ["write"],
+ "start": ["write"],
+ "stop": ["write"],
+ "list": ["read"],
+ "create": ["write"],
+ "storage_list": ["read"],
+ "download": ["read"],
+ "post": ["write"],
+ "upload": ["write"]
+ }
+ },
+
+ "object_assignments": {
+ "object_security_level": {
+ "servers": ["low"],
+ "vm1": ["low"],
+ "vm2": ["medium"],
+ "file1": ["low"],
+ "file2": ["medium"]
+ },
+ "type": {
+ "servers": ["computing"],
+ "vm1": ["computing"],
+ "vm2": ["computing"],
+ "file1": ["storage"],
+ "file2": ["storage"]
+ },
+ "id": {
+ "servers": ["servers"],
+ "vm1": ["vm1"],
+ "vm2": ["vm2"],
+ "file1": ["file1"],
+ "file2": ["file2"]
+ }
+ }
+}
diff --git a/keystone-moon/examples/moon/policies/policy_authz/metadata.json b/keystone-moon/examples/moon/policies/policy_authz/metadata.json
new file mode 100644
index 00000000..4a5a5a1a
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/metadata.json
@@ -0,0 +1,23 @@
+{
+ "name": "MLS_metadata",
+ "model": "MLS",
+ "genre": "authz",
+ "description": "Multi Layer Security authorization policy",
+
+ "subject_categories": [
+ "subject_security_level",
+ "domain",
+ "role"
+ ],
+
+ "action_categories": [
+ "resource_action",
+ "access"
+ ],
+
+ "object_categories": [
+ "object_security_level",
+ "type",
+ "id"
+ ]
+}
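Review bot: `storage_list`, `download`, `post` and `upload` are assigned under both `resource_action` and `access` in policy_authz/assignment.json, but policy_authz/perimeter.json, added in the same patch, declares only `pause`, `unpause`, `start`, `stop`, `create` and `list` under `"actions"`. Assignments that reference actions outside the perimeter are either dead data or a load-time failure, depending on how the loader resolves names, which is not visible here. Either add the four storage actions to `"actions"` in perimeter.json or drop them from this file, so the perimeter stays the single list of what the policy can decide on.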
diff --git a/keystone-moon/examples/moon/policies/policy_authz/metarule.json b/keystone-moon/examples/moon/policies/policy_authz/metarule.json
new file mode 100644
index 00000000..df683ca9
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/metarule.json
@@ -0,0 +1,24 @@
+{
+ "sub_meta_rules": {
+ "mls_rule": {
+ "subject_categories": ["subject_security_level"],
+ "action_categories": ["resource_action"],
+ "object_categories": ["object_security_level"],
+ "algorithm": "inclusion"
+ },
+ "dte_rule": {
+ "subject_categories": ["domain"],
+ "action_categories": ["access"],
+ "object_categories": ["type"],
+ "algorithm": "inclusion"
+ },
+ "rbac_rule": {
+ "subject_categories": ["role", "domain"],
+ "action_categories": ["access"],
+ "object_categories": ["id"],
+ "algorithm": "inclusion"
+ }
+ },
+ "aggregation": "all_true"
+}
+
diff --git a/keystone-moon/examples/moon/policies/policy_authz/perimeter.json b/keystone-moon/examples/moon/policies/policy_authz/perimeter.json
new file mode 100644
index 00000000..be029c13
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/perimeter.json
@@ -0,0 +1,21 @@
+{
+ "subjects": [
+ "admin",
+ "demo"
+ ],
+ "actions": [
+ "pause",
+ "unpause",
+ "start",
+ "stop",
+ "create",
+ "list"
+ ],
+ "objects": [
+ "servers",
+ "vm1",
+ "vm2",
+ "file1",
+ "file2"
+ ]
+}
diff --git a/keystone-moon/examples/moon/policies/policy_authz/rules.json b/keystone-moon/examples/moon/policies/policy_authz/rules.json
new file mode 100644
index 00000000..73e791d7
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/rules.json
@@ -0,0 +1,41 @@
+{
+ "mls_rule":[
+ ["high", "vm_admin", "medium"],
+ ["high", "vm_admin", "low"],
+ ["medium", "vm_admin", "low"],
+ ["high", "vm_access", "high"],
+ ["high", "vm_access", "medium"],
+ ["high", "vm_access", "low"],
+ ["medium", "vm_access", "medium"],
+ ["medium", "vm_access", "low"],
+ ["low", "vm_access", "low"]
+ ],
+ "dte_rule":[
+ ["ft", "read", "computing"],
+ ["ft", "write", "computing"],
+ ["ft", "read", "storage"],
+ ["ft", "write", "storage"],
+ ["xx", "read", "storage"]
+ ],
+ "rbac_rule":[
+ ["dev", "xx", "read", "servers"],
+ ["dev", "xx", "read", "vm1"],
+ ["dev", "xx", "read", "vm2"],
+ ["dev", "xx", "read", "file1"],
+ ["dev", "xx", "read", "file2"],
+ ["dev", "xx", "write", "vm1"],
+ ["dev", "xx", "write", "vm2"],
+ ["dev", "xx", "write", "file1"],
+ ["dev", "xx", "write", "file2"],
+ ["admin", "xx", "read", "servers"],
+ ["admin", "ft", "read", "servers"],
+ ["admin", "ft", "read", "vm1"],
+ ["admin", "ft", "read", "vm2"],
+ ["admin", "ft", "read", "file1"],
+ ["admin", "ft", "read", "file2"],
+ ["admin", "ft", "write", "vm1"],
+ ["admin", "ft", "write", "vm2"],
+ ["admin", "ft", "write", "file1"],
+ ["admin", "ft", "write", "file2"]
+ ]
+}
diff --git a/keystone-moon/examples/moon/policies/policy_authz/scope.json b/keystone-moon/examples/moon/policies/policy_authz/scope.json
new file mode 100644
index 00000000..b22ad2aa
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/scope.json
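Review bot: `mls_rule` in policy_authz/rules.json has no row for `storage_admin` or `storage_access`, while metarule.json combines the three sub-rules with `"aggregation": "all_true"`. Assuming `inclusion` needs a matching row in every sub-rule, every storage request is denied regardless of the `file1`/`file2` rows in `dte_rule` and `rbac_rule`. The `dev`/`xx` rows in `rbac_rule` look unreachable for the same reason: `dte_rule` grants `xx` only `["xx", "read", "storage"]`. Failing closed is the safe direction, but rows that can never match make an example authorization policy read as more permissive than it is. I would either add the intended storage rows to `mls_rule`, e.g. `["high", "storage_admin", "medium"],`, or remove the rows that cannot fire.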
@@ -0,0 +1,49 @@
+{
+ "subject_category_scope": {
+ "role": [
+ "admin",
+ "dev"
+ ],
+ "subject_security_level": [
+ "high",
+ "medium",
+ "low"
+ ],
+ "domain": [
+ "ft",
+ "xx"
+ ]
+ },
+
+ "action_category_scope": {
+ "resource_action": [
+ "vm_admin",
+ "vm_access",
+ "storage_admin",
+ "storage_access"
+ ],
+ "access": [
+ "write",
+ "read"
+ ]
+ },
+
+ "object_category_scope": {
+ "object_security_level": [
+ "high",
+ "medium",
+ "low"
+ ],
+ "type": [
+ "computing",
+ "storage"
+ ],
+ "id": [
+ "servers",
+ "vm1",
+ "vm2",
+ "file1",
+ "file2"
+ ]
+ }
+}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/assignment.json b/keystone-moon/examples/moon/policies/policy_mls_admin/assignment.json
deleted file mode 100644
index e1c208df..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/assignment.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "subject_assignments": {
- "role":{
- "admin": ["admin" ]
- }
- },
-
- "action_assignments": {
- "ie_action":{
- "read": ["ie_admin", "ie_access"],
- "write": ["ie_admin"],
- "create": ["ie_admin"],
- "delete": ["ie_admin"]
- }
- },
-
- "object_assignments": {
- "id": {
- "subjects": ["subjects"],
- "objects": ["objects"],
- "actions": ["actions"],
- "subject_categories": ["subject_categories"],
- "object_categories": ["object_categories"],
- "action_categories": ["action_categories"],
- "subject_category_scope": ["subject_category_scope"],
- "object_category_scope": ["object_category_scope"],
- "action_category_scope": ["action_category_scope"],
- "sub_rules": ["sub_rules"],
- "sub_meta_rule": ["sub_meta_rule"],
- "subject_assignments": ["subject_assignments"],
- "object_assignments": ["object_assignments"],
- "action_assignments": ["action_assignments"],
- "sub_meta_rule_relations": ["sub_meta_rule_relations"],
- "aggregation_algorithms": ["aggregation_algorithms"]
- }
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/metadata.json b/keystone-moon/examples/moon/policies/policy_mls_admin/metadata.json
deleted file mode 100644
index f65cb271..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/metadata.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "name": "RBAC_metadata",
- "model": "RBAC",
- "genre": "authz",
- "description": "Role Based access Control authorization policy",
-
- "subject_categories": [
- "role"
- ],
-
- "action_categories": [
- "ie_action"
- ],
-
- "object_categories": [
- "id"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/metarule.json b/keystone-moon/examples/moon/policies/policy_mls_admin/metarule.json
deleted file mode 100644
index 3a2c7b75..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "relation_super": {
- "subject_categories": ["role"],
- "action_categories": ["ie_action"],
- "object_categories": ["id"],
- "relation": "relation_super"
- }
- },
- "aggregation": "and_true_aggregation"
-}
-
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/perimeter.json b/keystone-moon/examples/moon/policies/policy_mls_admin/perimeter.json
deleted file mode 100644
index e570aae1..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/perimeter.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- "subjects": [
- "admin"
- ],
- "actions": [
- "read",
- "write",
- "create",
- "delete"
- ],
- "objects": [
- "subjects",
- "objects",
- "actions",
- "subject_categories",
- "object_categories",
- "action_categories",
- "subject_category_scope",
- "object_category_scope",
- "action_category_scope",
- "sub_rules",
- "subject_assignments",
- "object_assignments",
- "action_assignments",
- "sub_meta_rule_relations",
- "aggregation_algorithms",
- "sub_meta_rule"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/rules.json b/keystone-moon/examples/moon/policies/policy_mls_admin/rules.json
deleted file mode 100644
index e17ba8f3..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/rules.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "relation_super":[
- ["admin", "ie_admin", "subjects"],
- ["admin", "ie_admin", "objects"],
- ["admin", "ie_admin", "actions"],
- ["admin", "ie_admin", "subject_categories"],
- ["admin", "ie_admin", "object_categories"],
- ["admin", "ie_admin", "action_categories"],
- ["admin", "ie_admin", "subject_category_scope"],
- ["admin", "ie_admin", "object_category_scope"],
- ["admin", "ie_admin", "action_category_scope"],
- ["admin", "ie_admin", "sub_rules"],
- ["admin", "ie_admin", "sub_meta_rule"],
- ["admin", "ie_admin", "subject_assignments"],
- ["admin", "ie_admin", "object_assignments"],
- ["admin", "ie_admin", "action_assignments"],
- ["admin", "ie_admin", "sub_meta_rule_relations"],
- ["admin", "ie_admin", "aggregation_algorithms"]
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_admin/scope.json b/keystone-moon/examples/moon/policies/policy_mls_admin/scope.json
deleted file mode 100644
index faf06d2c..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_admin/scope.json
+++ /dev/null
@@ -1,35 +0,0 @@
-{
- "subject_category_scope": {
- "role": [
- "admin"
- ]
- },
-
- "action_category_scope": {
- "ie_action": [
- "ie_access",
- "ie_admin"
- ]
- },
-
- "object_category_scope": {
- "id": [
- "subjects",
- "objects",
- "actions",
- "subject_categories",
- "object_categories",
- "action_categories",
- "subject_category_scope",
- "object_category_scope",
- "action_category_scope",
- "sub_rules",
- "sub_meta_rule",
- "subject_assignments",
- "object_assignments",
- "action_assignments",
- "sub_meta_rule_relations",
- "aggregation_algorithms"
- ]
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/assignment.json b/keystone-moon/examples/moon/policies/policy_mls_authz/assignment.json
deleted file mode 100644
index e2a244b3..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/assignment.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "subject_assignments": {
- "subject_security_level":{
- }
- },
-
- "action_assignments": {
- "computing_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"],
- "list": ["vm_access", "vm_admin"],
- "create": ["vm_admin"]
- }
- },
-
- "object_assignments": {
- "object_security_level": {
- "servers": ["low"]
- }
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/metadata.json b/keystone-moon/examples/moon/policies/policy_mls_authz/metadata.json
deleted file mode 100644
index 56dc57df..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/metadata.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- "name": "MLS_metadata",
- "model": "MLS",
- "genre": "authz",
- "description": "Multi Layer Security authorization policy",
-
- "subject_categories": [
- "subject_security_level"
- ],
-
- "action_categories": [
- "computing_action",
- "storage_action"
- ],
-
- "object_categories": [
- "object_security_level"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/metarule.json b/keystone-moon/examples/moon/policies/policy_mls_authz/metarule.json
deleted file mode 100644
index 0f717458..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "relation_super": {
- "subject_categories": ["subject_security_level"],
- "action_categories": ["computing_action"],
- "object_categories": ["object_security_level"],
- "relation": "relation_super"
- }
- },
- "aggregation": "and_true_aggregation"
-}
-
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/perimeter.json b/keystone-moon/examples/moon/policies/policy_mls_authz/perimeter.json
deleted file mode 100644
index 4bf88de7..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/perimeter.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "subjects": [
- "admin"
- ],
- "actions": [
- "pause",
- "unpause",
- "start",
- "stop",
- "create",
- "list"
- ],
- "objects": [
- "servers"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/rules.json b/keystone-moon/examples/moon/policies/policy_mls_authz/rules.json
deleted file mode 100644
index f018a6fc..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/rules.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "relation_super":[
- ["high", "vm_admin", "medium"],
- ["high", "vm_admin", "low"],
- ["medium", "vm_admin", "low"],
- ["high", "vm_access", "high"],
- ["high", "vm_access", "medium"],
- ["high", "vm_access", "low"],
- ["medium", "vm_access", "medium"],
- ["medium", "vm_access", "low"],
- ["low", "vm_access", "low"]
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_mls_authz/scope.json b/keystone-moon/examples/moon/policies/policy_mls_authz/scope.json
deleted file mode 100644
index d3146acb..00000000
--- a/keystone-moon/examples/moon/policies/policy_mls_authz/scope.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "subject_category_scope": {
- "subject_security_level": [
- "high",
- "medium",
- "low"
- ]
- },
-
- "action_category_scope": {
- "computing_action": [
- "vm_access",
- "vm_admin"
- ]
- },
-
- "object_category_scope": {
- "object_security_level": [
- "high",
- "medium",
- "low"
- ]
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_r2/assignment.json b/keystone-moon/examples/moon/policies/policy_r2/assignment.json
deleted file mode 100644
index f907de5a..00000000
--- a/keystone-moon/examples/moon/policies/policy_r2/assignment.json
+++ /dev/null
@@ -1,70 +0,0 @@
-{
- "subject_assignments": {
- "subject_security_level":{
- "user1": ["high"],
- "user2": ["medium"],
- "user3": ["low"]
- },
- "domain":{
- "user1": ["ft"],
- "user2": ["ft"],
- "user3": ["xxx"]
- },
- "role": {
- "user1": ["admin"],
- "user2": ["dev"],
- "user3": ["admin", "dev"]
- }
- },
-
- "action_assignments": {
- "resource_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"],
- "list": ["vm_access", "vm_admin"],
- "create": ["vm_admin"]
- "storage_list": ["storage_access"],
- "download": ["storage_access"],
- "post": ["storage_admin"]
- "upload": ["storage_admin"]
- },
- "access": {
- "pause": ["write"],
- "unpause": ["write"],
- "start": ["write"],
- "stop": ["write"],
- "list": ["read"],
- "create": ["write"]
- "storage_list": ["read"],
- "download": ["read"],
- "post": ["write"]
- "upload": ["write"]
- }
- },
-
- "object_assignments": {
- "object_security_level": {
- "servers": ["low"],
- "vm1": ["low"],
- "vm2": ["medium"],
- "file1": ["low"],
- "file2": ["medium"]
- },
- "type": {
- "servers": ["computing"],
- "vm1": ["computing"],
- "vm2": ["computing"],
- "file1": ["storage"],
- "file2": ["storage"]
- },
- "id": {
- "servers": ["servers"],
- "vm1": ["vm1"],
- "vm2": ["vm2"],
- "file1": ["file1"],
- "file2": ["file2"]
- }
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_r2/metadata.json b/keystone-moon/examples/moon/policies/policy_r2/metadata.json
deleted file mode 100644
index 4a5a5a1a..00000000
--- a/keystone-moon/examples/moon/policies/policy_r2/metadata.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "name": "MLS_metadata",
- "model": "MLS",
- "genre": "authz",
- "description": "Multi Layer Security authorization policy",
-
- "subject_categories": [
- "subject_security_level",
- "domain",
- "role"
- ],
-
- "action_categories": [
- "resource_action",
- "access"
- ],
-
- "object_categories": [
- "object_security_level",
- "type",
- "id"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_r2/metarule.json b/keystone-moon/examples/moon/policies/policy_r2/metarule.json
deleted file mode 100644
index df683ca9..00000000
--- a/keystone-moon/examples/moon/policies/policy_r2/metarule.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "sub_meta_rules": {
- "mls_rule": {
- "subject_categories": ["subject_security_level"],
- "action_categories": ["resource_action"],
- "object_categories": ["object_security_level"],
- "algorithm": "inclusion"
- },
- "dte_rule": {
- "subject_categories": ["domain"],
- "action_categories": ["access"],
- "object_categories": ["type"],
- "algorithm": "inclusion"
- },
- "rbac_rule": {
- "subject_categories": ["role", "domain"],
- "action_categories": ["access"],
- "object_categories": ["id"],
- "algorithm": "inclusion"
- }
- },
- "aggregation": "all_true"
-}
-
diff --git a/keystone-moon/examples/moon/policies/policy_r2/rule.json b/keystone-moon/examples/moon/policies/policy_r2/rule.json
deleted file mode 100644
index 348f6d63..00000000
--- a/keystone-moon/examples/moon/policies/policy_r2/rule.json
+++ /dev/null
@@ -1,41 +0,0 @@
-{
- "mls_rule":[
- ["high", "vm_admin", "medium"],
- ["high", "vm_admin", "low"],
- ["medium", "vm_admin", "low"],
- ["high", "vm_access", "high"],
- ["high", "vm_access", "medium"],
- ["high", "vm_access", "low"],
- ["medium", "vm_access", "medium"],
- ["medium", "vm_access", "low"],
- ["low", "vm_access", "low"]
- ],
- "dte_rule":[
- ["ft", "read", "computing"],
- ["ft", "write", "computing"],
- ["ft", "read", "storage"],
- ["ft", "write", "storage"],
- ["xxx", "read", "storage"]
- ],
- "rbac_rule":[
- [dev", "xxx", "read", "servers"],
- ["dev", "xxx", "read", "vm1"],
- ["dev", "xxx", "read", "vm2"],
- ["dev", "xxx", "read", "file1"],
- ["dev", "xxx", "read", "file2"],
- ["dev", "xxx", "write", "vm1"],
- ["dev", "xxx", "write", "vm2"],
- ["dev", "xxx", "write", "file1"],
- ["dev", "xxx", "write", "file2"],
- ["admin", "xxx", "read", "servers"],
- ["admin", "ft", "read", "servers"],
- ["admin", "ft", "read", "vm1"],
- ["admin", "ft", "read", "vm2"],
- ["admin", "ft", "read", "file1"],
- ["admin", "ft", "read", "file2"],
- ["admin", "ft", "write", "vm1"],
- ["admin", "ft", "write", "vm2"],
- ["admin", "ft", "write", "file1"],
- ["admin", "ft", "write", "file2"]
- ],
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/assignment.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/assignment.json
deleted file mode 100644
index e1c208df..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/assignment.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "subject_assignments": {
- "role":{
- "admin": ["admin" ]
- }
- },
-
- "action_assignments": {
- "ie_action":{
- "read": ["ie_admin", "ie_access"],
- "write": ["ie_admin"],
- "create": ["ie_admin"],
- "delete": ["ie_admin"]
- }
- },
-
- "object_assignments": {
- "id": {
- "subjects": ["subjects"],
- "objects": ["objects"],
- "actions": ["actions"],
- "subject_categories": ["subject_categories"],
- "object_categories": ["object_categories"],
- "action_categories": ["action_categories"],
- "subject_category_scope": ["subject_category_scope"],
- "object_category_scope": ["object_category_scope"],
- "action_category_scope": ["action_category_scope"],
- "sub_rules": ["sub_rules"],
- "sub_meta_rule": ["sub_meta_rule"],
- "subject_assignments": ["subject_assignments"],
- "object_assignments": ["object_assignments"],
- "action_assignments": ["action_assignments"],
- "sub_meta_rule_relations": ["sub_meta_rule_relations"],
- "aggregation_algorithms": ["aggregation_algorithms"]
- }
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/metadata.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/metadata.json
deleted file mode 100644
index f65cb271..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/metadata.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "name": "RBAC_metadata",
- "model": "RBAC",
- "genre": "authz",
- "description": "Role Based access Control authorization policy",
-
- "subject_categories": [
- "role"
- ],
-
- "action_categories": [
- "ie_action"
- ],
-
- "object_categories": [
- "id"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/metarule.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/metarule.json
deleted file mode 100644
index 3a2c7b75..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "relation_super": {
- "subject_categories": ["role"],
- "action_categories": ["ie_action"],
- "object_categories": ["id"],
- "relation": "relation_super"
- }
- },
- "aggregation": "and_true_aggregation"
-}
-
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/perimeter.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/perimeter.json
deleted file mode 100644
index e570aae1..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/perimeter.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- "subjects": [
- "admin"
- ],
- "actions": [
- "read",
- "write",
- "create",
- "delete"
- ],
- "objects": [
- "subjects",
- "objects",
- "actions",
- "subject_categories",
- "object_categories",
- "action_categories",
- "subject_category_scope",
- "object_category_scope",
- "action_category_scope",
- "sub_rules",
- "subject_assignments",
- "object_assignments",
- "action_assignments",
- "sub_meta_rule_relations",
- "aggregation_algorithms",
- "sub_meta_rule"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/rules.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/rules.json
deleted file mode 100644
index e17ba8f3..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/rules.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "relation_super":[
- ["admin", "ie_admin", "subjects"],
- ["admin", "ie_admin", "objects"],
- ["admin", "ie_admin", "actions"],
- ["admin", "ie_admin", "subject_categories"],
- ["admin", "ie_admin", "object_categories"],
- ["admin", "ie_admin", "action_categories"],
- ["admin", "ie_admin", "subject_category_scope"],
- ["admin", "ie_admin", "object_category_scope"],
- ["admin", "ie_admin", "action_category_scope"],
- ["admin", "ie_admin", "sub_rules"],
- ["admin", "ie_admin", "sub_meta_rule"],
- ["admin", "ie_admin", "subject_assignments"],
- ["admin", "ie_admin", "object_assignments"],
- ["admin", "ie_admin", "action_assignments"],
- ["admin", "ie_admin", "sub_meta_rule_relations"],
- ["admin", "ie_admin", "aggregation_algorithms"]
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_admin/scope.json b/keystone-moon/examples/moon/policies/policy_rbac_admin/scope.json
deleted file mode 100644
index faf06d2c..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_admin/scope.json
+++ /dev/null
@@ -1,35 +0,0 @@
-{
- "subject_category_scope": {
- "role": [
- "admin"
- ]
- },
-
- "action_category_scope": {
- "ie_action": [
- "ie_access",
- "ie_admin"
- ]
- },
-
- "object_category_scope": {
- "id": [
- "subjects",
- "objects",
- "actions",
- "subject_categories",
- "object_categories",
- "action_categories",
- "subject_category_scope",
- "object_category_scope",
- "action_category_scope",
- "sub_rules",
- "sub_meta_rule",
- "subject_assignments",
- "object_assignments",
- "action_assignments",
- "sub_meta_rule_relations",
- "aggregation_algorithms"
- ]
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json
deleted file mode 100644
index e804b56a..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- "subject_assignments": {
- "role":{
- "admin": ["admin" ]
- }
- },
-
- "action_assignments": {
- "computing_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"],
- "list": ["vm_access", "vm_admin"],
- "create": ["vm_admin"]
- },
- "storage_action":{
- "get": ["vm_access"],
- "set": ["vm_access", "vm_admin"]
- }
- },
-
- "object_assignments": {
- "id": {
- "servers": ["servers"]
- }
- }
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json
deleted file mode 100644
index 7f34ed7a..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- "name": "MLS_metadata",
- "model": "MLS",
- "genre": "authz",
- "description": "Multi Layer Security authorization policy",
-
- "subject_categories": [
- "role"
- ],
-
- "action_categories": [
- "computing_action",
- "storage_action"
- ],
-
- "object_categories": [
- "id"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json
deleted file mode 100644
index ce828339..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "relation_super": {
- "subject_categories": ["role"],
- "action_categories": ["computing_action", "storage_action"],
- "object_categories": ["id"],
- "relation": "relation_super"
- }
- },
- "aggregation": "and_true_aggregation"
-}
-
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json
deleted file mode 100644
index 4bf88de7..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "subjects": [
- "admin"
- ],
- "actions": [
- "pause",
- "unpause",
- "start",
- "stop",
- "create",
- "list"
- ],
- "objects": [
- "servers"
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json
deleted file mode 100644
index 7f9dc3bb..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- "relation_super":[
- ["admin", "vm_admin", "vm_admin", "servers"],
- ["admin", "vm_access", "vm_access", "servers"]
- ]
-}
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json
deleted file mode 100644
index 34c5350a..00000000
--- a/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "subject_category_scope": {
- "role": [
- "admin"
- ]
- },
-
- "action_category_scope": {
- "computing_action": [
- "vm_access",
- "vm_admin"
- ],
- "storage_action": [
- "vm_access",
- "vm_admin"
- ]
- },
-
- "object_category_scope": {
- "id": [
- "servers"
- ]
- }
-}
-- cgit 1.2.3-korg