diff --git a/nova/api/openstack/compute/aggregates.py b/nova/api/openstack/compute/aggregates.py
index 34619a87a..549c49584 100644
--- a/nova/api/openstack/compute/aggregates.py
+++ b/nova/api/openstack/compute/aggregates.py
@@ -27,9 +27,9 @@ from nova.api import validation
 from nova.compute import api as compute_api
 from nova import exception
 from nova.i18n import _
+from nova.policies import aggregates as aggr_policies
 
 ALIAS = "os-aggregates"
-authorize = extensions.os_compute_authorizer(ALIAS)
 
 
 def _get_context(req):
@@ -45,7 +45,7 @@ class AggregateController(wsgi.Controller):
     def index(self, req):
         """Returns a list a host aggregate's id, name, availability_zone."""
         context = _get_context(req)
-        authorize(context, action='index')
+        context.can(aggr_policies.POLICY_ROOT % 'index')
         aggregates = self.api.get_aggregate_list(context)
         return {'aggregates': [self._marshall_aggregate(a)['aggregate']
                                for a in aggregates]}
@@ -60,7 +60,7 @@ class AggregateController(wsgi.Controller):
         optional availability zone.
         """
         context = _get_context(req)
-        authorize(context, action='create')
+        context.can(aggr_policies.POLICY_ROOT % 'create')
         host_aggregate = body["aggregate"]
         name = common.normalize_name(host_aggregate["name"])
         avail_zone = host_aggregate.get("availability_zone")
@@ -87,7 +87,7 @@ class AggregateController(wsgi.Controller):
     def show(self, req, id):
         """Shows the details of an aggregate, hosts and metadata included."""
         context = _get_context(req)
-        authorize(context, action='show')
+        context.can(aggr_policies.POLICY_ROOT % 'show')
         try:
             aggregate = self.api.get_aggregate(context, id)
         except exception.AggregateNotFound as e:
@@ -100,7 +100,7 @@ class AggregateController(wsgi.Controller):
     def update(self, req, id, body):
         """Updates the name and/or availability_zone of given aggregate."""
         context = _get_context(req)
-        authorize(context, action='update')
+        context.can(aggr_policies.POLICY_ROOT % 'update')
         updates = body["aggregate"]
         if 'name' in updates:
             updates['name'] = common.normalize_name(updates['name'])
@@ -123,7 +123,7 @@ class AggregateController(wsgi.Controller):
     def delete(self, req, id):
         """Removes an aggregate by id."""
         context = _get_context(req)
-        authorize(context, action='delete')
+        context.can(aggr_policies.POLICY_ROOT % 'delete')
         try:
             self.api.delete_aggregate(context, id)
         except exception.AggregateNotFound as e:
@@ -142,7 +142,7 @@ class AggregateController(wsgi.Controller):
         host = body['add_host']['host']
 
         context = _get_context(req)
-        authorize(context, action='add_host')
+        context.can(aggr_policies.POLICY_ROOT % 'add_host')
         try:
             aggregate = self.api.add_host_to_aggregate(context, id, host)
         except (exception.AggregateNotFound,
@@ -164,7 +164,7 @@ class AggregateController(wsgi.Controller):
         host = body['remove_host']['host']
 
         context = _get_context(req)
-        authorize(context, action='remove_host')
+        context.can(aggr_policies.POLICY_ROOT % 'remove_host')
         try:
             aggregate = self.api.remove_host_from_aggregate(context, id, host)
         except (exception.AggregateNotFound, exception.AggregateHostNotFound,
@@ -184,7 +184,7 @@ class AggregateController(wsgi.Controller):
     def _set_metadata(self, req, id, body):
         """Replaces the aggregate's existing metadata with new metadata."""
         context = _get_context(req)
-        authorize(context, action='set_metadata')
+        context.can(aggr_policies.POLICY_ROOT % 'set_metadata')
 
         metadata = body["set_metadata"]["metadata"]
         try: