diff --git a/heat/common/policy.py b/heat/common/policy.py
index e5b68977e..f1e13f6e1 100644
--- a/heat/common/policy.py
+++ b/heat/common/policy.py
@@ -95,5 +95,13 @@ class Enforcer(object):
 """
 return self._check(context, action, target)
 
+ def check_is_admin(self, context):
+ """Whether or not roles contains 'admin' role according to policy.json
+
+ :param context: Heat request context
+ :returns: A non-False value if the user is admin according to policy
+ """
+ return self._check(context, 'context_is_admin', target={}, exc=None)
+
 def clear(self):
 self.enforcer.clear()
diff --git a/heat/tests/policy/check_admin.json b/heat/tests/policy/check_admin.json
new file mode 100644
index 000000000..96a15c83c
--- /dev/null
+++ b/heat/tests/policy/check_admin.json
@@ -0,0 +1,3 @@
+{
+ "context_is_admin": "role:admin"
+}
diff --git a/heat/tests/test_common_policy.py b/heat/tests/test_common_policy.py
index fab305548..4bc7048e0 100644
--- a/heat/tests/test_common_policy.py
+++ b/heat/tests/test_common_policy.py
@@ -173,3 +173,17 @@ class TestPolicyEnforcer(HeatTestCase):
 exc=None, default_rule=default_rule)
 action = 'no_such_action'
 self.assertFalse(enforcer.enforce(ctx, action))
+
+ def test_check_admin(self):
+ self.stub_policyfile('check_admin.json')
+
+ enforcer = policy.Enforcer()
+
+ ctx = utils.dummy_context(roles=[])
+ self.assertFalse(enforcer.check_is_admin(ctx))
+
+ ctx = utils.dummy_context(roles=['not_admin'])
+ self.assertFalse(enforcer.check_is_admin(ctx))
+
+ ctx = utils.dummy_context(roles=['admin'])
+ self.assertTrue(enforcer.check_is_admin(ctx))
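Review bot: `check_is_admin` in heat/common/policy.py does not handle a deployed policy file that never defines `context_is_admin`, so in that case the admin decision is left to whatever `_check` does with an unknown rule. `_check` is outside the hunk, but the neighbouring test passes a `default_rule` to the enforcer, which suggests an undefined rule falls through to the default; if that default is permissive, every caller would be reported as admin. I would make the method fail closed when the rule is absent, or at least state the dependency in the docstring, for example `:note: relies on policy.json defining 'context_is_admin'; if it is missing, the enforcer's default rule decides`. The new `test_check_admin` in heat/tests/test_common_policy.py only loads a policy file that defines the rule, so a case with the rule missing and a permissive default rule would pin the intended behaviour.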