diff --git a/etc/policy.json b/etc/policy.json
index 78dd1e4c..3d60dcdc 100644
--- a/etc/policy.json
+++ b/etc/policy.json
@@ -5,6 +5,7 @@
     "admin_only": "rule:context_is_admin",
     "regular_user": "",
     "shared": "field:networks:shared=True",
+    "shared_firewalls": "field:firewalls:shared=True",
     "external": "field:networks:router:external=True",
     "default": "rule:admin_or_owner",
 
@@ -71,13 +72,13 @@
     "delete_firewall": "rule:admin_or_owner",
 
     "create_firewall_policy": "",
-    "get_firewall_policy": "rule:admin_or_owner",
+    "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewalls",
     "create_firewall_policy:shared": "rule:admin_or_owner",
     "update_firewall_policy": "rule:admin_or_owner",
     "delete_firewall_policy": "rule:admin_or_owner",
 
     "create_firewall_rule": "",
-    "get_firewall_rule": "rule:admin_or_owner",
+    "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
     "create_firewall_rule:shared": "rule:admin_or_owner",
     "get_firewall_rule:shared": "rule:admin_or_owner",
     "update_firewall_rule": "rule:admin_or_owner",