diff --git a/hooks/neutron_api_utils.py b/hooks/neutron_api_utils.py
index 6b63d3dd..7c33c8ba 100755
--- a/hooks/neutron_api_utils.py
+++ b/hooks/neutron_api_utils.py
@@ -146,6 +146,7 @@ NEUTRON_DEFAULT = '/etc/default/neutron-server'
 CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
 MEMCACHED_CONF = '/etc/memcached.conf'
 API_PASTE_INI = '%s/api-paste.ini' % NEUTRON_CONF_DIR
+ADMIN_POLICY = "/etc/neutron/policy.d/00-admin.json"
 # NOTE:(fnordahl) placeholder ml2_conf_srov.ini pointing users to ml2_conf.ini
 # Due to how neutron init scripts are laid out on various Linux
 # distributions we put the [ml2_sriov] section in ml2_conf.ini instead
@@ -461,6 +462,13 @@ def resource_map(release=None):
 release = release or os_release('neutron-common')
 resource_map = deepcopy(BASE_RESOURCE_MAP)
+ if CompareOpenStackReleases(release) >= 'queens':
+ resource_map[ADMIN_POLICY] = {
+ 'contexts': [
+ neutron_api_context.IdentityServiceContext(
+ service='neutron',
+ service_user='neutron')],
+ 'services': ['neutron-server']}
 if CompareOpenStackReleases(release) >= 'liberty':
 resource_map.update(LIBERTY_RESOURCE_MAP)
diff --git a/templates/queens/00-admin.json b/templates/queens/00-admin.json
new file mode 100644
index 00000000..3ebb1d46
--- /dev/null
+++ b/templates/queens/00-admin.json
@@ -0,0 +1,2 @@
+"is_service_project": "project_id:{{ service_project_id }} or domain_id:{{ service_domain_id }}"
+"context_is_admin": "role:admin and (is_admin_project:True or rule:is_service_project)"
diff --git a/unit_tests/test_neutron_api_utils.py b/unit_tests/test_neutron_api_utils.py
index b25c2c1d..3a7ccdb1 100644
--- a/unit_tests/test_neutron_api_utils.py
+++ b/unit_tests/test_neutron_api_utils.py
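Review bot: The new `queens` branch in resource_map (hooks/neutron_api_utils.py, second hunk) registers `ADMIN_POLICY` with no comment saying what the file does or why it starts at queens, although it changes who neutron treats as admin. A line above the `if`, such as `# Policy override: context_is_admin requires role:admin in the admin project or the service project/domain (templates/queens/00-admin.json)`, would make that visible to the next maintainer. The template needs `service_project_id` and `service_domain_id` from the `IdentityServiceContext` output; whether the context supplies both is not visible here and should be confirmed. resource_map's body starts and ends outside the hunk.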
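Review bot: The two added lines in templates/queens/00-admin.json are bare `"key": "value"` pairs with no enclosing `{ }` and no comma between them, so the rendered file is not valid JSON despite its name. It will only load if the policy loader also accepts YAML, which this page does not show. Wrapping both rules in one object, with a comma after the `is_service_project` line, removes that dependency. Separately, `{{ service_project_id }}` and `{{ service_domain_id }}` are interpolated without a guard, so an unset value would presumably render as an empty or literal `None` operand and change what `is_service_project` matches. Consider emitting each clause only inside `{% if service_project_id %}` / `{% if service_domain_id %}`, or deferring the render until both ids are known.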
@@ -178,6 +178,19 @@ class TestNeutronAPIUtils(CharmTestCase):
 [self.assertIn(q_conf, _map.keys()) for q_conf in confs]
 self.assertTrue(nutils.APACHE_24_CONF not in _map.keys())
+ @patch.object(nutils, 'manage_plugin')
+ @patch('os.path.exists')
+ def test_resource_map_queens(self, _path_exists, _manage_plugin):
+ _path_exists.return_value = False
+ _manage_plugin.return_value = True
+ self.os_release.return_value = 'queens'
+ _map = nutils.resource_map()
+ confs = [nutils.NEUTRON_CONF, nutils.NEUTRON_DEFAULT,
+ nutils.APACHE_CONF, nutils.NEUTRON_LBAAS_CONF,
+ nutils.NEUTRON_VPNAAS_CONF, nutils.ADMIN_POLICY]
+ [self.assertIn(q_conf, _map.keys()) for q_conf in confs]
+ self.assertTrue(nutils.APACHE_24_CONF not in _map.keys())
+
 @patch.object(nutils, 'manage_plugin')
 @patch('os.path.exists')
 def test_resource_map_apache24(self, _path_exists, _manage_plugin):
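Review bot: test_resource_map_queens only asserts that `nutils.ADMIN_POLICY` is a key of the map when the release is queens; nothing in this hunk checks that the key is absent for an earlier release, so a regression in the version gate would pass unnoticed. A matching negative check, `self.assertNotIn(nutils.ADMIN_POLICY, _map)`, in a test that sets `self.os_release.return_value` to a pre-queens release would pin the gate from both sides. The two assertion lines would also read better, and fail with clearer messages, as `for q_conf in confs: self.assertIn(q_conf, _map)` and `self.assertNotIn(nutils.APACHE_24_CONF, _map)`, though they follow the file's existing pattern. The body of test_resource_map_apache24 lies outside the hunk.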