diff --git a/templates/api-paste.ini b/templates/icehouse/api-paste.ini
similarity index 100%
rename from templates/api-paste.ini
rename to templates/icehouse/api-paste.ini
diff --git a/templates/heat.conf b/templates/icehouse/heat.conf
similarity index 100%
rename from templates/heat.conf
rename to templates/icehouse/heat.conf
diff --git a/templates/juno/api-paste.ini b/templates/juno/api-paste.ini
new file mode 120000
index 0000000..b5817b9
--- /dev/null
+++ b/templates/juno/api-paste.ini
@@ -0,0 +1 @@
+../icehouse/api-paste.ini
\ No newline at end of file
diff --git a/templates/juno/heat.conf b/templates/juno/heat.conf
new file mode 120000
index 0000000..26f6a17
--- /dev/null
+++ b/templates/juno/heat.conf
@@ -0,0 +1 @@
+../icehouse/heat.conf
\ No newline at end of file
diff --git a/templates/kilo/api-paste.ini b/templates/kilo/api-paste.ini
new file mode 100644
index 0000000..463f1b8
--- /dev/null
+++ b/templates/kilo/api-paste.ini
@@ -0,0 +1,95 @@
+
+# heat-api pipeline
+[pipeline:heat-api]
+pipeline = faultwrap ssl versionnegotiation authurl authtoken context apiv1app
+
+# heat-api pipeline for standalone heat
+# ie. uses alternative auth backend that authenticates users against keystone
+# using username and password instead of validating token (which requires
+# an admin/service token).
+# To enable, in heat.conf:
+#   [paste_deploy]
+#   flavor = standalone
+#
+[pipeline:heat-api-standalone]
+pipeline = faultwrap ssl versionnegotiation authurl authpassword context apiv1app
+
+# heat-api pipeline for custom cloud backends
+# i.e. in heat.conf:
+#   [paste_deploy]
+#   flavor = custombackend
+#
+[pipeline:heat-api-custombackend]
+pipeline = faultwrap versionnegotiation context custombackendauth apiv1app
+
+# heat-api-cfn pipeline
+[pipeline:heat-api-cfn]
+pipeline = cfnversionnegotiation ec2authtoken authtoken context apicfnv1app
+
+# heat-api-cfn pipeline for standalone heat
+# relies exclusively on authenticating with ec2 signed requests
+[pipeline:heat-api-cfn-standalone]
+pipeline = cfnversionnegotiation ec2authtoken context apicfnv1app
+
+# heat-api-cloudwatch pipeline
+[pipeline:heat-api-cloudwatch]
+pipeline = versionnegotiation ec2authtoken authtoken context apicwapp
+
+# heat-api-cloudwatch pipeline for standalone heat
+# relies exclusively on authenticating with ec2 signed requests
+[pipeline:heat-api-cloudwatch-standalone]
+pipeline = versionnegotiation ec2authtoken context apicwapp
+
+[app:apiv1app]
+paste.app_factory = heat.common.wsgi:app_factory
+heat.app_factory = heat.api.openstack.v1:API
+
+[app:apicfnv1app]
+paste.app_factory = heat.common.wsgi:app_factory
+heat.app_factory = heat.api.cfn.v1:API
+
+[app:apicwapp]
+paste.app_factory = heat.common.wsgi:app_factory
+heat.app_factory = heat.api.cloudwatch:API
+
+[filter:versionnegotiation]
+paste.filter_factory = heat.common.wsgi:filter_factory
+heat.filter_factory = heat.api.openstack:version_negotiation_filter
+
+[filter:faultwrap]
+paste.filter_factory = heat.common.wsgi:filter_factory
+heat.filter_factory = heat.api.openstack:faultwrap_filter
+
+[filter:cfnversionnegotiation]
+paste.filter_factory = heat.common.wsgi:filter_factory
+heat.filter_factory = heat.api.cfn:version_negotiation_filter
+
+[filter:cwversionnegotiation]
+paste.filter_factory = heat.common.wsgi:filter_factory
+heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
+
+[filter:context]
+paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
+
+[filter:ec2authtoken]
+paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
+
+[filter:ssl]
+paste.filter_factory = heat.common.wsgi:filter_factory
+heat.filter_factory = heat.api.openstack:sslmiddleware_filter
+
+# Middleware to set auth_url header appropriately
+[filter:authurl]
+paste.filter_factory = heat.common.auth_url:filter_factory
+
+# Auth middleware that validates token against keystone
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+
+# Auth middleware that validates username/password against keystone
+[filter:authpassword]
+paste.filter_factory = heat.common.auth_password:filter_factory
+
+# Auth middleware that validates against custom backend
+[filter:custombackendauth]
+paste.filter_factory = heat.common.custom_backend_auth:filter_factory
diff --git a/templates/kilo/heat.conf b/templates/kilo/heat.conf
new file mode 100644
index 0000000..a9f417e
--- /dev/null
+++ b/templates/kilo/heat.conf
@@ -0,0 +1,68 @@
+[DEFAULT]
+use_syslog = {{ use_syslog }}
+debug = False
+verbose = False
+log_dir = /var/log/heat
+instance_user=ec2-user
+instance_driver=heat.engine.nova
+plugin_dirs=/usr/lib64/heat,/usr/lib/heat
+environment_dir=/etc/heat/environment.d
+deferred_auth_method=password
+host=heat
+auth_encryption_key={{ encryption_key }}
+
+{% if database_host -%}
+# < Icehouse db config
+sql_connection = {{ database_type }}://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
+{% endif -%}
+
+{% if rabbitmq_host or rabbitmq_hosts -%}
+rabbit_userid = {{ rabbitmq_user }}
+rabbit_virtual_host = {{ rabbitmq_virtual_host }}
+rabbit_password = {{ rabbitmq_password }}
+{% if rabbitmq_hosts -%}
+rabbit_hosts = {{ rabbitmq_hosts }}
+{% if rabbitmq_ha_queues -%}
+rabbit_ha_queues = True
+rabbit_durable_queues = False
+{% endif -%}
+{% else -%}
+rabbit_host = {{ rabbitmq_host }}
+{% endif -%}
+{% if rabbit_ssl_port -%}
+rabbit_use_ssl = True
+rabbit_port = {{ rabbit_ssl_port }}
+{% if rabbit_ssl_ca -%}
+kombu_ssl_ca_certs = {{ rabbit_ssl_ca }}
+{% endif -%}
+{% endif -%}
+{% endif -%}
+
+{% if auth_host -%}
+[keystone_authtoken]
+auth_uri = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0
+auth_host = {{ auth_host }}
+auth_port = {{ auth_port }}
+auth_protocol = {{ auth_protocol }}
+admin_tenant_name = {{ admin_tenant_name }}
+admin_user = {{ admin_user }}
+admin_password = {{ admin_password }}
+{% endif -%}
+
+[ec2_authtoken]
+auth_uri = {{service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0
+keystone_ec2_uri = {{service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0/ec2tokens
+
+{% if database_host -%}
+[database]
+connection = {{ database_type }}://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
+{% endif -%}
+
+[paste_deploy]
+api_paste_config=/etc/heat/api-paste.ini
+
+[heat_api]
+bind_port=8004
+
+[heat_api_cfn]
+bind_port=8000