From 187f9cd0a2c5e0c1709605a1909a742e8dbba839 Mon Sep 17 00:00:00 2001 
From: Prachi Damle Date: Mon, 24 Feb 2014 16:59:27 -0800 Subject: [PATCH] iam/plugin: Rename Acl to IAM everywhere --- api/src/com/cloud/event/EventTypes.java | 20 +- .../cloudstack/api/ApiCommandJobType.java | 4 +- .../apache/cloudstack/api/ApiConstants.java | 26 +- .../api/response/AccountResponse.java | 2 +- .../cloud/template/TemplateManagerImpl.java | 4 +- ...=> spring-iam-access-checkers-context.xml} | 8 +- ...pCmd.java => AddAccountToIAMGroupCmd.java} | 36 +-- ...va => AddIAMPermissionToIAMPolicyCmd.java} | 45 +-- ....java => AttachIAMPolicyToAccountCmd.java} | 26 +- ...java => AttachIAMPolicyToIAMGroupCmd.java} | 38 +-- ...clGroupCmd.java => CreateIAMGroupCmd.java} | 44 +-- ...PolicyCmd.java => CreateIAMPolicyCmd.java} | 46 +-- ...clGroupCmd.java => DeleteIAMGroupCmd.java} | 18 +- ...PolicyCmd.java => DeleteIAMPolicyCmd.java} | 26 +- ...clGroupsCmd.java => ListIAMGroupsCmd.java} | 28 +- ...liciesCmd.java => ListIAMPoliciesCmd.java} | 28 +- ...java => RemoveAccountFromIAMGroupCmd.java} | 36 +-- ... 
RemoveIAMPermissionFromIAMPolicyCmd.java} | 42 +-- ...ava => RemoveIAMPolicyFromAccountCmd.java} | 30 +- ...va => RemoveIAMPolicyFromIAMGroupCmd.java} | 38 +-- ...oupResponse.java => IAMGroupResponse.java} | 28 +- ...sponse.java => IAMPermissionResponse.java} | 20 +- ...cyResponse.java => IAMPolicyResponse.java} | 34 +-- ...{AclApiService.java => IAMApiService.java} | 54 ++-- ...erviceImpl.java => IAMApiServiceImpl.java} | 250 ++++++++-------- .../iam/RoleBasedAPIAccessChecker.java | 12 +- .../iam/RoleBasedEntityAccessChecker.java | 34 +-- .../iam/RoleBasedEntityQuerySelector.java | 48 +-- .../test/IAMApiServiceTest.java} | 186 ++++++------ .../iam/api/{AclGroup.java => IAMGroup.java} | 74 ++--- .../api/{AclPolicy.java => IAMPolicy.java} | 82 ++--- ...rmission.java => IAMPolicyPermission.java} | 2 +- .../apache/cloudstack/iam/api/IAMService.java | 48 +-- ...yMapVO.java => IAMAccountPolicyMapVO.java} | 8 +- ...ntMapVO.java => IAMGroupAccountMapVO.java} | 8 +- ...icyMapVO.java => IAMGroupPolicyMapVO.java} | 8 +- .../{AclGroupVO.java => IAMGroupVO.java} | 10 +- ...sionVO.java => IAMPolicyPermissionVO.java} | 10 +- .../{AclPolicyVO.java => IAMPolicyVO.java} | 18 +- .../cloudstack/iam/server/IAMServiceImpl.java | 282 +++++++++--------- .../server/dao/AclAccountPolicyMapDao.java | 17 -- .../iam/server/dao/AclGroupPolicyMapDao.java | 16 - .../server/dao/IAMAccountPolicyMapDao.java | 17 ++ ...l.java => IAMAccountPolicyMapDaoImpl.java} | 22 +- ...MapDao.java => IAMGroupAccountMapDao.java} | 16 +- ...pl.java => IAMGroupAccountMapDaoImpl.java} | 40 +-- .../{AclGroupDao.java => IAMGroupDao.java} | 8 +- ...GroupDaoImpl.java => IAMGroupDaoImpl.java} | 14 +- .../iam/server/dao/IAMGroupPolicyMapDao.java | 16 + ...mpl.java => IAMGroupPolicyMapDaoImpl.java} | 22 +- .../{AclPolicyDao.java => IAMPolicyDao.java} | 8 +- ...licyDaoImpl.java => IAMPolicyDaoImpl.java} | 14 +- ...onDao.java => IAMPolicyPermissionDao.java} | 18 +- ...l.java => IAMPolicyPermissionDaoImpl.java} | 42 +-- 
.../cloudstack/iam/IAMServiceUnitTest.java | 76 ++--- setup/db/db/schema-430to440.sql | 76 ++--- 56 files changed, 1095 insertions(+), 1088 deletions(-) rename services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/{spring-acl-role-based-access-checkers-context.xml => spring-iam-access-checkers-context.xml} (88%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{AddAccountToAclGroupCmd.java => AddAccountToIAMGroupCmd.java} (77%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{AddAclPermissionToAclPolicyCmd.java => AddIAMPermissionToIAMPolicyCmd.java} (74%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{AttachAclPolicyToAccountCmd.java => AttachIAMPolicyToAccountCmd.java} (81%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{AttachAclPolicyToAclGroupCmd.java => AttachIAMPolicyToIAMGroupCmd.java} (72%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{CreateAclGroupCmd.java => CreateIAMGroupCmd.java} (79%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{CreateAclPolicyCmd.java => CreateIAMPolicyCmd.java} (77%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{DeleteAclGroupCmd.java => DeleteIAMGroupCmd.java} (88%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{DeleteAclPolicyCmd.java => DeleteIAMPolicyCmd.java} (80%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{ListAclGroupsCmd.java => ListIAMGroupsCmd.java} (72%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{ListAclPoliciesCmd.java => ListIAMPoliciesCmd.java} (72%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{RemoveAccountFromAclGroupCmd.java => RemoveAccountFromIAMGroupCmd.java} (77%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{RemoveAclPermissionFromAclPolicyCmd.java => RemoveIAMPermissionFromIAMPolicyCmd.java} (74%) 
rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{RemoveAclPolicyFromAccountCmd.java => RemoveIAMPolicyFromAccountCmd.java} (76%) rename services/iam/plugin/src/org/apache/cloudstack/api/command/iam/{RemoveAclPolicyFromAclGroupCmd.java => RemoveIAMPolicyFromIAMGroupCmd.java} (71%) rename services/iam/plugin/src/org/apache/cloudstack/api/response/iam/{AclGroupResponse.java => IAMGroupResponse.java} (85%) rename services/iam/plugin/src/org/apache/cloudstack/api/response/iam/{AclPermissionResponse.java => IAMPermissionResponse.java} (86%) rename services/iam/plugin/src/org/apache/cloudstack/api/response/iam/{AclPolicyResponse.java => IAMPolicyResponse.java} (79%) rename services/iam/plugin/src/org/apache/cloudstack/iam/{AclApiService.java => IAMApiService.java} (55%) rename services/iam/plugin/src/org/apache/cloudstack/iam/{AclApiServiceImpl.java => IAMApiServiceImpl.java} (74%) rename services/iam/plugin/test/org/apache/cloudstack/{acl/AclApiServiceTest.java => iam/test/IAMApiServiceTest.java} (64%) rename services/iam/server/src/org/apache/cloudstack/iam/api/{AclGroup.java => IAMGroup.java} (91%) rename services/iam/server/src/org/apache/cloudstack/iam/api/{AclPolicy.java => IAMPolicy.java} (91%) rename services/iam/server/src/org/apache/cloudstack/iam/api/{AclPolicyPermission.java => IAMPolicyPermission.java} (97%) rename services/iam/server/src/org/apache/cloudstack/iam/server/{AclAccountPolicyMapVO.java => IAMAccountPolicyMapVO.java} (91%) rename services/iam/server/src/org/apache/cloudstack/iam/server/{AclGroupAccountMapVO.java => IAMGroupAccountMapVO.java} (91%) rename services/iam/server/src/org/apache/cloudstack/iam/server/{AclGroupPolicyMapVO.java => IAMGroupPolicyMapVO.java} (91%) rename services/iam/server/src/org/apache/cloudstack/iam/server/{AclGroupVO.java => IAMGroupVO.java} (92%) rename services/iam/server/src/org/apache/cloudstack/iam/server/{AclPolicyPermissionVO.java => IAMPolicyPermissionVO.java} (94%) rename 
services/iam/server/src/org/apache/cloudstack/iam/server/{AclPolicyVO.java => IAMPolicyVO.java} (87%) delete mode 100644 services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java delete mode 100644 services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java create mode 100644 services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclAccountPolicyMapDaoImpl.java => IAMAccountPolicyMapDaoImpl.java} (67%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclGroupAccountMapDao.java => IAMGroupAccountMapDao.java} (66%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclGroupAccountMapDaoImpl.java => IAMGroupAccountMapDaoImpl.java} (72%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclGroupDao.java => IAMGroupDao.java} (80%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclGroupDaoImpl.java => IAMGroupDaoImpl.java} (82%) create mode 100644 services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclGroupPolicyMapDaoImpl.java => IAMGroupPolicyMapDaoImpl.java} (66%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclPolicyDao.java => IAMPolicyDao.java} (81%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclPolicyDaoImpl.java => IAMPolicyDaoImpl.java} (82%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclPolicyPermissionDao.java => IAMPolicyPermissionDao.java} (67%) rename services/iam/server/src/org/apache/cloudstack/iam/server/dao/{AclPolicyPermissionDaoImpl.java => IAMPolicyPermissionDaoImpl.java} (77%) diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java index ea496242ef8..d0ade896c20 100755 
--- a/api/src/com/cloud/event/EventTypes.java +++ b/api/src/com/cloud/event/EventTypes.java @@ -455,17 +455,17 @@ public class EventTypes { public static final String EVENT_UCS_ASSOCIATED_PROFILE = "UCS.ASSOCIATEPROFILE"; - public static final String EVENT_ACL_POLICY_CREATE = "ACLPOLICY.CREATE"; - public static final String EVENT_ACL_POLICY_DELETE = "ACLPOLICY.DELETE"; - public static final String EVENT_ACL_POLICY_GRANT = "ACLPOLICY.GRANT"; - public static final String EVENT_ACL_POLICY_REVOKE = "ACLPOLICY.REVOKE"; + public static final String EVENT_IAM_POLICY_CREATE = "IAMPOLICY.CREATE"; + public static final String EVENT_IAM_POLICY_DELETE = "IAMPOLICY.DELETE"; + public static final String EVENT_IAM_POLICY_GRANT = "IAMPOLICY.GRANT"; + public static final String EVENT_IAM_POLICY_REVOKE = "IAMPOLICY.REVOKE"; - public static final String EVENT_ACL_GROUP_UPDATE = "ACLGROUP.UPDATE"; - public static final String EVENT_ACL_GROUP_CREATE = "ACLGROUP.CREATE"; - public static final String EVENT_ACL_GROUP_DELETE = "ACLGROUP.DELETE"; - public static final String EVENT_ACL_GROUP_GRANT = "ACLGROUP.GRANT"; - public static final String EVENT_ACL_GROUP_REVOKE = "ACLGROUP.REVOKE"; - public static final String EVENT_ACL_ACCOUNT_POLICY_UPDATE = "ACLACCOUNTPOLICY.UPDATE"; + public static final String EVENT_IAM_GROUP_UPDATE = "IAMGROUP.UPDATE"; + public static final String EVENT_IAM_GROUP_CREATE = "IAMGROUP.CREATE"; + public static final String EVENT_IAM_GROUP_DELETE = "IAMGROUP.DELETE"; + public static final String EVENT_IAM_GROUP_GRANT = "IAMGROUP.GRANT"; + public static final String EVENT_IAM_GROUP_REVOKE = "IAMGROUP.REVOKE"; + public static final String EVENT_IAM_ACCOUNT_POLICY_UPDATE = "IAMACCOUNTPOLICY.UPDATE"; // Object store migration public static final String EVENT_MIGRATE_PREPARE_SECONDARY_STORAGE = "MIGRATE.PREPARE.SS"; 
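Review bot: The emitted event-type strings change here, not only the constant names: `"ACLPOLICY.CREATE"` becomes `"IAMPOLICY.CREATE"`, and the same holds for the other nine constants in this hunk. If any deployed build already emitted the ACL* strings, stored event rows and any alerting or audit queries that filter on them will silently stop matching policy and group changes after the upgrade. I would record the old names next to the block, e.g. `// formerly ACLPOLICY.*, ACLGROUP.* and ACLACCOUNTPOLICY.UPDATE; events logged before this rename keep the old type strings`, and mention the rename in the upgrade notes.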
diff --git a/api/src/org/apache/cloudstack/api/ApiCommandJobType.java b/api/src/org/apache/cloudstack/api/ApiCommandJobType.java index 0e79e660cad..f27f001f868 100644 --- a/api/src/org/apache/cloudstack/api/ApiCommandJobType.java +++ b/api/src/org/apache/cloudstack/api/ApiCommandJobType.java @@ -50,6 +50,6 @@ public enum ApiCommandJobType { AffinityGroup, InternalLbVm, DedicatedGuestVlanRange, - AclPolicy, - AclGroup + IAMPolicy, + IAMGroup } \ No newline at end of file diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java index 353587255dc..b34f106d6dc 100755 --- a/api/src/org/apache/cloudstack/api/ApiConstants.java +++ b/api/src/org/apache/cloudstack/api/ApiConstants.java 
@@ -543,19 +543,19 @@ public class ApiConstants { public static final String ROUTING = "isrouting"; public static final String MAX_CONNECTIONS = "maxconnections"; public static final String SERVICE_STATE = "servicestate"; - public static final String ACL_ACCOUNT_IDS = "accountids"; - public static final String ACL_MEMBER_ACCOUNTS = "memberaccounts"; - public static final String ACL_PARENT_POLICY_ID = "parentpolicyid"; - public static final String ACL_PARENT_POLICY_NAME = "parentpolicyname"; - public static final String ACL_POLICY_IDS = "policyids"; - public static final String ACL_POLICIES = "policies"; - public static final String ACL_APIS = "apis"; - public static final String ACL_GROUPS = "groups"; - public static final String ACL_PERMISSIONS = "permission"; - public static final String ACL_ACTION = "action"; - public static final String ACL_SCOPE = "scope"; - public static final String ACL_SCOPE_ID = "scopeid"; - public static final String ACL_ALLOW_DENY = "permission"; + public static final String IAM_ACCOUNT_IDS = "accountids"; + public static final String IAM_MEMBER_ACCOUNTS = "memberaccounts"; + public static final String IAM_PARENT_POLICY_ID = "parentpolicyid"; + public static final String IAM_PARENT_POLICY_NAME = "parentpolicyname"; + public static final String IAM_POLICY_IDS = "policyids"; + public static final String IAM_POLICIES = "policies"; + public static final String IAM_APIS = "apis"; + public static final String IAM_GROUPS = "groups"; + public static final String IAM_PERMISSIONS = "permission"; + public static final String IAM_ACTION = "action"; + public static final String IAM_SCOPE = "scope"; + public static final String IAM_SCOPE_ID = "scopeid"; + public static final String IAM_ALLOW_DENY = "permission"; public static final String ENTITY_TYPE = "entitytype"; public static final String ENTITY_ID = "entityid"; public static final String ACCESS_TYPE = "accesstype"; 
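Review bot: `IAM_PERMISSIONS` and `IAM_ALLOW_DENY` both map to the wire name `"permission"`, a duplication carried over unchanged from the ACL_ constants. A command or response that used both would bind two fields to one key, and the plural constant name does not match its singular value. Since this commit already touches every use, it is a cheap moment to drop one of them or at least mark the aliasing, e.g. `public static final String IAM_ALLOW_DENY = "permission"; // same wire name as IAM_PERMISSIONS, never use both on one command`.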
diff --git a/api/src/org/apache/cloudstack/api/response/AccountResponse.java b/api/src/org/apache/cloudstack/api/response/AccountResponse.java index 7d3678559c4..991b162ac1b 100644 --- a/api/src/org/apache/cloudstack/api/response/AccountResponse.java +++ b/api/src/org/apache/cloudstack/api/response/AccountResponse.java @@ -239,7 +239,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou @Param(description = "true if account is default, false otherwise", since = "4.2.0") private Boolean isDefault; - @SerializedName(ApiConstants.ACL_GROUPS) + @SerializedName(ApiConstants.IAM_GROUPS) @Param(description = "the list of acl groups that account belongs to") private List groups; diff --git a/server/src/com/cloud/template/TemplateManagerImpl.java b/server/src/com/cloud/template/TemplateManagerImpl.java index a8aa7858006..f27fb745931 100755 --- a/server/src/com/cloud/template/TemplateManagerImpl.java +++ b/server/src/com/cloud/template/TemplateManagerImpl.java @@ -1273,7 +1273,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager, permit.put(ApiConstants.ENTITY_TYPE, IAMEntityType.VirtualMachineTemplate.toString()); permit.put(ApiConstants.ENTITY_ID, id); permit.put(ApiConstants.ACCESS_TYPE, AccessType.UseEntry); - permit.put(ApiConstants.ACL_ACTION, "listTemplates"); + permit.put(ApiConstants.IAM_ACTION, "listTemplates"); permit.put(ApiConstants.ACCOUNTS, accountIds); _messageBus.publish(_name, EntityManager.MESSAGE_GRANT_ENTITY_EVENT, PublishScope.LOCAL, permit); } else if ("remove".equalsIgnoreCase(operation)) { 
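Review bot: The `@Param` description under the renamed `@SerializedName(ApiConstants.IAM_GROUPS)` in AccountResponse still reads "the list of acl groups that account belongs to", so generated API documentation will keep the old term for a field that now belongs to the IAM naming. Suggested wording: `@Param(description = "the list of IAM groups that account belongs to")`.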
@@ -1290,7 +1290,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager, permit.put(ApiConstants.ENTITY_TYPE, IAMEntityType.VirtualMachineTemplate.toString()); permit.put(ApiConstants.ENTITY_ID, id); permit.put(ApiConstants.ACCESS_TYPE, AccessType.UseEntry); - permit.put(ApiConstants.ACL_ACTION, "listTemplates"); + permit.put(ApiConstants.IAM_ACTION, "listTemplates"); permit.put(ApiConstants.ACCOUNTS, accountIds); _messageBus.publish(_name, EntityManager.MESSAGE_REVOKE_ENTITY_EVENT, PublishScope.LOCAL, permit); } else if ("reset".equalsIgnoreCase(operation)) { diff --git a/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml b/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-iam-access-checkers-context.xml similarity index 88% rename from services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml rename to services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-iam-access-checkers-context.xml index 5cc2dbd9e92..fb0ddf37aa3 100644 --- a/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml +++ b/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-iam-access-checkers-context.xml @@ -27,9 +27,9 @@ http://www.springframework.org/schema/context/spring-context-3.0.xsd" > - - - - + + + + 
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToIAMGroupCmd.java similarity index 77% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToIAMGroupCmd.java index b63f6355046..bea3fc97d10 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAccountToIAMGroupCmd.java @@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -32,9 +32,9 @@ import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.AccountResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; 
@@ -42,13 +42,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "addAccountToAclGroup", description = "add account to an acl group", responseObject = AclGroupResponse.class) -public class AddAccountToAclGroupCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(AddAccountToAclGroupCmd.class.getName()); - private static final String s_name = "addaccounttoaclgroupresponse"; +@APICommand(name = "addAccountToIAMGroup", description = "add account to an iam group", responseObject = IAMGroupResponse.class) +public class AddAccountToIAMGroupCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(AddAccountToIAMGroupCmd.class.getName()); + private static final String s_name = "addaccounttoiamgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// @@ -56,12 +56,12 @@ public class AddAccountToAclGroupCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclGroupResponse.class, - required = true, description = "The ID of the acl group") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMGroupResponse.class, + required = true, description = "The ID of the iam group") private Long id; @ACL - @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AccountResponse.class, description = "comma separated list of account id that are going to be assigned to the acl group.") + @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AccountResponse.class, description = "comma separated list of account id that are going to be assigned to the iam group.") private List accountIdList; 
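Review bot: The public API name in `@APICommand(name = "addAccountToIAMGroup", ...)` changes together with the class, and the same happens for the other renamed commands in this patch (`addIAMPermissionToIAMPolicy`, `attachIAMPolicyToAccount`, `attachIAMPolicyToIAMGroup`). The `action` parameter of the permission command is described as "action api name", which suggests permissions are stored by command name. Whether setup/db/db/schema-430to440.sql rewrites rows that still name the old `*Acl*` commands cannot be seen from here, and such rows would no longer match any command. A short comment on each class, e.g. `// API name was addAccountToAclGroup before the Acl -> IAM rename`, plus a check of the seeded permission data, would make the break traceable.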
@@ -98,30 +98,30 @@ public class AddAccountToAclGroupCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl group Id: " + getId()); - AclGroup result = _aclApiSrv.addAccountsToGroup(accountIdList, id); + CallContext.current().setEventDetails("IAM group Id: " + getId()); + IAMGroup result = _iamApiSrv.addAccountsToGroup(accountIdList, id); if (result != null){ - AclGroupResponse response = _aclApiSrv.createAclGroupResponse(result); + IAMGroupResponse response = _iamApiSrv.createIAMGroupResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add accounts to acl group"); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add accounts to iam group"); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_UPDATE; + return EventTypes.EVENT_IAM_GROUP_UPDATE; } @Override public String getEventDescription() { - return "adding accounts to acl group"; + return "adding accounts to iam group"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAclPermissionToAclPolicyCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddIAMPermissionToIAMPolicyCmd.java similarity index 74% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAclPermissionToAclPolicyCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddIAMPermissionToIAMPolicyCmd.java index e0ecb50ac64..86afd10a5c2 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddAclPermissionToAclPolicyCmd.java 
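Review bot: `accountIdList` is passed straight to `_iamApiSrv.addAccountsToGroup(accountIdList, id)` in `execute()`, but the `accounts` parameter declared earlier in this file carries no `required = true`, so the list can presumably be null when the caller omits it. What the service does with a null list is outside this diff. The smallest fix is to add `required = true` to that `@Parameter`, so the request is rejected at parameter binding rather than inside the group-membership code.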
+++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AddIAMPermissionToIAMPolicyCmd.java @@ -21,7 +21,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; import org.apache.cloudstack.acl.PermissionScope; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -30,10 +30,10 @@ import org.apache.cloudstack.api.ApiErrorCode; import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; 
@@ -41,13 +41,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "addAclPermissionToAclPolicy", description = "Add Acl permission to an acl policy", responseObject = AclPolicyResponse.class) -public class AddAclPermissionToAclPolicyCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(AddAclPermissionToAclPolicyCmd.class.getName()); - private static final String s_name = "addaclpermissiontoaclpolicyresponse"; +@APICommand(name = "addIAMPermissionToIAMPolicy", description = "Add IAM permission to an iam policy", responseObject = IAMPolicyResponse.class) +public class AddIAMPermissionToIAMPolicyCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(AddIAMPermissionToIAMPolicyCmd.class.getName()); + private static final String s_name = "addiampermissiontoiampolicyresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -55,21 +55,21 @@ public class AddAclPermissionToAclPolicyCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclPolicyResponse.class, - required = true, description = "The ID of the acl policy") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMPolicyResponse.class, + required = true, description = "The ID of the iam policy") private Long id; - @Parameter(name = ApiConstants.ACL_ACTION, type = CommandType.STRING, required = true, description = "action api name.") + @Parameter(name = ApiConstants.IAM_ACTION, type = CommandType.STRING, required = true, description = "action api name.") private String action; @Parameter(name = ApiConstants.ENTITY_TYPE, type = CommandType.STRING, required = false, description = "entity class simple name.") private String entityType; - @Parameter(name = ApiConstants.ACL_SCOPE, type = CommandType.STRING, - required = false, description = "acl permission scope") + @Parameter(name = ApiConstants.IAM_SCOPE, type = CommandType.STRING, + required = false, description = "iam permission scope") private String scope; - @Parameter(name = ApiConstants.ACL_SCOPE_ID, type = CommandType.UUID, required = false, description = "The ID of the permission scope id") + @Parameter(name = ApiConstants.IAM_SCOPE_ID, type = CommandType.UUID, required = false, description = "The ID of the permission scope id") private Long scopeId; 
@@ -120,32 +120,33 @@ public class AddAclPermissionToAclPolicyCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl policy Id: " + getId()); + CallContext.current().setEventDetails("IAM policy Id: " + getId()); // Only explicit ALLOW is supported for this release, no explicit deny - AclPolicy result = _aclApiSrv.addAclPermissionToAclPolicy(id, entityType, PermissionScope.valueOf(scope), + IAMPolicy result = _iamApiSrv.addIAMPermissionToIAMPolicy(id, entityType, PermissionScope.valueOf(scope), scopeId, action, Permission.Allow, false); if (result != null) { - AclPolicyResponse response = _aclApiSrv.createAclPolicyResponse(result); + IAMPolicyResponse response = _iamApiSrv.createIAMPolicyResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to grant permission to acl policy " + getId()); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to grant permission to iam policy " + + getId()); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_POLICY_GRANT; + return EventTypes.EVENT_IAM_POLICY_GRANT; } @Override public String getEventDescription() { - return "granting permission to acl policy"; + return "granting permission to iam policy"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclPolicy; + return ApiCommandJobType.IAMPolicy; } } 
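Review bot: `PermissionScope.valueOf(scope)` in `execute()` runs on a parameter declared `required = false`, so a request that omits `scope` raises a NullPointerException and one with an unknown name raises IllegalArgumentException, neither of which is reported as a parameter error. For a command that edits authorization policy, the input should be rejected explicitly before the service is called; how the dispatcher maps the uncaught exceptions is not visible here. If a missing scope is meant to select a default, that default should be applied in place of the null check below.

```java
// … unchanged: setEventDetails call and ALLOW-only comment …
if (scope == null) {
    throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "scope must be specified");
}
PermissionScope permissionScope;
try {
    permissionScope = PermissionScope.valueOf(scope);
} catch (IllegalArgumentException e) {
    throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "Unknown permission scope");
}
IAMPolicy result = _iamApiSrv.addIAMPermissionToIAMPolicy(id, entityType, permissionScope,
        scopeId, action, Permission.Allow, false);
// … unchanged: response handling …
```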
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAccountCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToAccountCmd.java similarity index 81% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAccountCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToAccountCmd.java index c16f8bd9caf..fc174cf1594 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAccountCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToAccountCmd.java @@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -32,7 +32,7 @@ import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.AccountResponse; import org.apache.cloudstack.api.response.SuccessResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; import com.cloud.event.EventTypes; 
@@ -41,13 +41,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "attachAclPolicyToAccount", description = "attach acl policy to accounts", responseObject = SuccessResponse.class) -public class AttachAclPolicyToAccountCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(AttachAclPolicyToAccountCmd.class.getName()); - private static final String s_name = "attachaclpolicytoaccountresponse"; +@APICommand(name = "attachIAMPolicyToAccount", description = "attach iam policy to accounts", responseObject = SuccessResponse.class) +public class AttachIAMPolicyToAccountCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(AttachIAMPolicyToAccountCmd.class.getName()); + private static final String s_name = "attachiampolicytoaccountresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// @@ -55,8 +55,8 @@ public class AttachAclPolicyToAccountCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclPolicyResponse.class, - required = true, description = "The ID of the acl policy") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMPolicyResponse.class, + required = true, description = "The ID of the iam policy") private Long id; @ACL 
@@ -97,8 +97,8 @@ public class AttachAclPolicyToAccountCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl policy Id: " + getId()); - _aclApiSrv.attachAclPolicyToAccounts(id, accountIdList); + CallContext.current().setEventDetails("IAM policy Id: " + getId()); + _iamApiSrv.attachIAMPolicyToAccounts(id, accountIdList); SuccessResponse response = new SuccessResponse(); response.setResponseName(getCommandName()); setResponseObject(response); @@ -106,12 +106,12 @@ public class AttachAclPolicyToAccountCmd extends BaseAsyncCmd { @Override public String getEventType() { - return EventTypes.EVENT_ACL_ACCOUNT_POLICY_UPDATE; + return EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE; } @Override public String getEventDescription() { - return "adding acl policy to accounts"; + return "adding IAM policy to accounts"; } @Override diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToIAMGroupCmd.java similarity index 72% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToIAMGroupCmd.java index cd2a3d568b6..1705c4a91c3 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachAclPolicyToAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/AttachIAMPolicyToIAMGroupCmd.java @@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; 
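Review bot: The audit detail set in `execute()` is only `"IAM policy Id: " + getId()`, so the event for this grant does not record which accounts received the policy; the `execute()` of AddAccountToIAMGroupCmd has the same gap for its group. For an authorization change the affected principals are what an investigator needs, e.g. `CallContext.current().setEventDetails("IAM policy Id: " + getId() + "; account Ids: " + accountIdList);`. The hunk starts inside the class, and the declaration of `accountIdList` lies outside it.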
@@ -31,10 +31,10 @@ import org.apache.cloudstack.api.ApiErrorCode; import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; @@ -42,13 +42,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "attachAclPolicyToAclGroup", description = "attach acl policy to an acl group", responseObject = AclGroupResponse.class) -public class AttachAclPolicyToAclGroupCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(AttachAclPolicyToAclGroupCmd.class.getName()); - private static final String s_name = "attachaclpolicytoaclgroupresponse"; +@APICommand(name = "attachIAMPolicyToIAMGroup", description = "attach iam policy to an iam group", responseObject = IAMGroupResponse.class) +public class AttachIAMPolicyToIAMGroupCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(AttachIAMPolicyToIAMGroupCmd.class.getName()); + private static final String s_name = "attachiampolicytoiamgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -56,12 +56,12 @@ public class AttachAclPolicyToAclGroupCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclGroupResponse.class, - required = true, description = "The ID of the acl group") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMGroupResponse.class, + required = true, description = "The ID of the iam group") private Long id; @ACL - @Parameter(name = ApiConstants.ACL_POLICIES, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AclPolicyResponse.class, description = "comma separated list of acl policy id that are going to be applied to the acl group.") + @Parameter(name = ApiConstants.IAM_POLICIES, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = IAMPolicyResponse.class, description = "comma separated list of iam policy id that are going to be applied to the iam group.") private List policyIdList; 
@@ -98,30 +98,30 @@ public class AttachAclPolicyToAclGroupCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl group Id: " + getId()); - AclGroup result = _aclApiSrv.attachAclPoliciesToGroup(policyIdList, id); + CallContext.current().setEventDetails("IAM group Id: " + getId()); + IAMGroup result = _iamApiSrv.attachIAMPoliciesToGroup(policyIdList, id); if (result != null){ - AclGroupResponse response = _aclApiSrv.createAclGroupResponse(result); + IAMGroupResponse response = _iamApiSrv.createIAMGroupResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add roles to acl group"); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add roles to iam group"); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_UPDATE; + return EventTypes.EVENT_IAM_GROUP_UPDATE; } @Override public String getEventDescription() { - return "adding acl roles to acl group"; + return "adding iam roles to iam group"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMGroupCmd.java similarity index 79% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMGroupCmd.java index 3805c9f273b..d0b9bc6b1c1 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMGroupCmd.java 
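Review bot: The failure message and the event description in this hunk still say "roles" (`"Failed to add roles to iam group"`, `"adding iam roles to iam group"`) although the call is `attachIAMPoliciesToGroup`. Since the commit rewrites both strings anyway, name the entity the API exposes: `"Failed to attach iam policies to iam group"` and `return "attaching iam policies to iam group";`. The event description is presumably what operators see in the event log, where the mismatch makes policy changes harder to search for.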
@@ -20,7 +20,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; 
@@ -29,37 +29,37 @@ import org.apache.cloudstack.api.BaseAsyncCreateCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.DomainResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.event.EventTypes; import com.cloud.exception.ResourceAllocationException; import com.cloud.user.Account; -@APICommand(name = "createAclGroup", responseObject = AclGroupResponse.class, description = "Creates an acl group") -public class CreateAclGroupCmd extends BaseAsyncCreateCmd { - public static final Logger s_logger = Logger.getLogger(CreateAclGroupCmd.class.getName()); +@APICommand(name = "createIAMGroup", responseObject = IAMGroupResponse.class, description = "Creates an IAM group") +public class CreateIAMGroupCmd extends BaseAsyncCreateCmd { + public static final Logger s_logger = Logger.getLogger(CreateIAMGroupCmd.class.getName()); - private static final String s_name = "createaclgroupresponse"; + private static final String s_name = "createiamgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; // /////////////////////////////////////////////////// // ////////////// API parameters ///////////////////// // /////////////////////////////////////////////////// - @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an account for the acl group. Must be used with domainId.") + @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an account for the iam group. 
Must be used with domainId.") private String accountName; - @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, description = "domainId of the account owning the acl group", entityType = DomainResponse.class) + @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, description = "domainId of the account owning the iam group", entityType = DomainResponse.class) private Long domainId; - @Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "optional description of the acl group") + @Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "optional description of the iam group") private String description; - @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the acl group") + @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the iam group") private String name; 
@@ -117,52 +117,52 @@ public class CreateAclGroupCmd extends BaseAsyncCreateCmd { @Override public void execute() { - AclGroup grp = _entityMgr.findById(AclGroup.class, getEntityId()); + IAMGroup grp = _entityMgr.findById(IAMGroup.class, getEntityId()); if (grp != null) { - AclGroupResponse response = _aclApiSrv.createAclGroupResponse(grp); + IAMGroupResponse response = _iamApiSrv.createIAMGroupResponse(grp); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create acl group:" + name); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam group:" + name); } } @Override public void create() throws ResourceAllocationException { Account account = CallContext.current().getCallingAccount(); - AclGroup result = _aclApiSrv.createAclGroup(account, name, description); + IAMGroup result = _iamApiSrv.createIAMGroup(account, name, description); if (result != null) { setEntityId(result.getId()); setEntityUuid(result.getUuid()); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create acl group entity" + name); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam group entity" + name); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_CREATE; + return EventTypes.EVENT_IAM_GROUP_CREATE; } @Override public String getEventDescription() { - return "creating Acl group"; + return "creating IAM group"; } @Override public String getCreateEventType() { - return EventTypes.EVENT_ACL_GROUP_CREATE; + return EventTypes.EVENT_IAM_GROUP_CREATE; } @Override public String getCreateEventDescription() { - return "creating acl group"; + return "creating IAM group"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } 
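Review bot: `create()` passes `CallContext.current().getCallingAccount()` to `createIAMGroup`, while the command declares `account` and `domainId` parameters described as the owner of the group, and nothing in this hunk uses them. If they are consumed only by an owner lookup outside the hunk, the group may end up associated with the caller rather than the requested owner, which affects who can manage it later. Either pass the resolved owner or say so on the method, e.g. `// NOTE: created under the calling account; confirm how account/domainId are meant to apply`. CreateIAMPolicyCmd's `create()` follows the same pattern. Separately, `"Failed to create iam group entity" + name` lacks a separator before the name.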
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclPolicyCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMPolicyCmd.java similarity index 77% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclPolicyCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMPolicyCmd.java index 3bddc35a120..be863de308b 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateAclPolicyCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/CreateIAMPolicyCmd.java @@ -20,7 +20,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; 
@@ -30,41 +30,41 @@ import org.apache.cloudstack.api.BaseAsyncCreateCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.DomainResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclPolicy; +import org.apache.cloudstack.iam.api.IAMPolicy; import com.cloud.event.EventTypes; import com.cloud.exception.ResourceAllocationException; import com.cloud.user.Account; -@APICommand(name = "createAclPolicy", responseObject = AclPolicyResponse.class, description = "Creates an acl policy") -public class CreateAclPolicyCmd extends BaseAsyncCreateCmd { - public static final Logger s_logger = Logger.getLogger(CreateAclPolicyCmd.class.getName()); +@APICommand(name = "createIAMPolicy", responseObject = IAMPolicyResponse.class, description = "Creates an iam policy") +public class CreateIAMPolicyCmd extends BaseAsyncCreateCmd { + public static final Logger s_logger = Logger.getLogger(CreateIAMPolicyCmd.class.getName()); - private static final String s_name = "createaclpolicyresponse"; + private static final String s_name = "createiampolicyresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; // /////////////////////////////////////////////////// // ////////////// API parameters ///////////////////// // /////////////////////////////////////////////////// - @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an account for the acl policy. Must be used with domainId.") + @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an account for the iam policy. 
Must be used with domainId.") private String accountName; - @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, description = "domainId of the account owning the acl policy", entityType = DomainResponse.class) + @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID, description = "domainId of the account owning the iam policy", entityType = DomainResponse.class) private Long domainId; - @Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "optional description of the acl policy") + @Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "optional description of the iam policy") private String description; - @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the acl policy") + @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "name of the iam policy") private String name; @ACL - @Parameter(name = ApiConstants.ACL_PARENT_POLICY_ID, type = CommandType.UUID, description = "The ID of parent acl policy.", entityType = AclPolicyResponse.class) + @Parameter(name = ApiConstants.IAM_PARENT_POLICY_ID, type = CommandType.UUID, description = "The ID of parent iam policy.", entityType = IAMPolicyResponse.class) private Long parentPolicyId; 
@@ -124,52 +124,52 @@ public class CreateAclPolicyCmd extends BaseAsyncCreateCmd { @Override public void execute() { - AclPolicy policy = _entityMgr.findById(AclPolicy.class, getEntityId()); + IAMPolicy policy = _entityMgr.findById(IAMPolicy.class, getEntityId()); if (policy != null) { - AclPolicyResponse response = _aclApiSrv.createAclPolicyResponse(policy); + IAMPolicyResponse response = _iamApiSrv.createIAMPolicyResponse(policy); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create acl policy:" + name); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam policy:" + name); } } @Override public void create() throws ResourceAllocationException { Account account = CallContext.current().getCallingAccount(); - AclPolicy result = _aclApiSrv.createAclPolicy(account, name, description, parentPolicyId); + IAMPolicy result = _iamApiSrv.createIAMPolicy(account, name, description, parentPolicyId); if (result != null) { setEntityId(result.getId()); setEntityUuid(result.getUuid()); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create acl policy entity" + name); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam policy entity" + name); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_POLICY_CREATE; + return EventTypes.EVENT_IAM_POLICY_CREATE; } @Override public String getEventDescription() { - return "creating Acl policy"; + return "creating IAM policy"; } @Override public String getCreateEventType() { - return EventTypes.EVENT_ACL_POLICY_CREATE; + return EventTypes.EVENT_IAM_POLICY_CREATE; } @Override public String getCreateEventDescription() { - return "creating acl policy"; + return "creating IAM policy"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclPolicy; + return ApiCommandJobType.IAMPolicy; } } 
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMGroupCmd.java similarity index 88% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMGroupCmd.java index 38f13f4d48d..f5d40fc003c 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMGroupCmd.java @@ -20,7 +20,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; 
@@ -30,25 +30,25 @@ import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.SuccessResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; import com.cloud.event.EventTypes; import com.cloud.user.Account; @APICommand(name = "deleteAclGroup", description = "Deletes acl group", responseObject = SuccessResponse.class) -public class DeleteAclGroupCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(DeleteAclGroupCmd.class.getName()); +public class DeleteIAMGroupCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(DeleteIAMGroupCmd.class.getName()); private static final String s_name = "deleteaclgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _aclApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "The ID of the acl group.", required = true, entityType = AclGroupResponse.class) + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "The ID of the acl group.", required = true, entityType = IAMGroupResponse.class) private Long id; @@ -76,7 +76,7 @@ public class DeleteAclGroupCmd extends BaseAsyncCmd { @Override public void execute(){ - boolean result = _aclApiSrv.deleteAclGroup(id); + boolean result = _aclApiSrv.deleteIAMGroup(id); if (result) { SuccessResponse response = new SuccessResponse(getCommandName()); setResponseObject(response); @@ -87,7 +87,7 @@ public class DeleteAclGroupCmd extends BaseAsyncCmd { @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_DELETE; + return EventTypes.EVENT_IAM_GROUP_DELETE; } @Override 
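Review bot: The rename is only half applied in this file: the class becomes `DeleteIAMGroupCmd`, but the unchanged context lines keep `@APICommand(name = "deleteAclGroup", description = "Deletes acl group", …)`, `s_name = "deleteaclgroupresponse"`, the field name `_aclApiSrv` and the description "The ID of the acl group.". Every other command in the patch moves to the IAM name, so this one stays reachable only under the old name, which is easy to miss when policies or API allow-lists are written by command name. Suggested: `@APICommand(name = "deleteIAMGroup", description = "Deletes iam group", responseObject = SuccessResponse.class)`, `private static final String s_name = "deleteiamgroupresponse";` and `public IAMApiService _iamApiSrv;`, with the call in `execute()` updated to match.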
@@ -97,6 +97,6 @@ public class DeleteAclGroupCmd extends BaseAsyncCmd { @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclPolicyCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMPolicyCmd.java similarity index 80% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclPolicyCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMPolicyCmd.java index c9fc9ba51cc..037f4cd5991 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteAclPolicyCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/DeleteIAMPolicyCmd.java @@ -20,7 +20,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; 
@@ -30,25 +30,25 @@ import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.SuccessResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import com.cloud.event.EventTypes; import com.cloud.user.Account; -@APICommand(name = "deleteAclPolicy", description = "Deletes acl policy", responseObject = SuccessResponse.class) -public class DeleteAclPolicyCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(DeleteAclPolicyCmd.class.getName()); - private static final String s_name = "deleteaclpolicyresponse"; +@APICommand(name = "deleteIAMPolicy", description = "Deletes iam policy", responseObject = SuccessResponse.class) +public class DeleteIAMPolicyCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(DeleteIAMPolicyCmd.class.getName()); + private static final String s_name = "deleteiampolicyresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "The ID of the acl role.", required = true, entityType = AclPolicyResponse.class) + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "The ID of the iam policy.", required = true, entityType = IAMPolicyResponse.class) private Long id; 
@@ -76,27 +76,27 @@ public class DeleteAclPolicyCmd extends BaseAsyncCmd { @Override public void execute(){ - boolean result = _aclApiSrv.deleteAclPolicy(id); + boolean result = _iamApiSrv.deleteIAMPolicy(id); if (result) { SuccessResponse response = new SuccessResponse(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete acl policy"); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete iam policy"); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_POLICY_DELETE; + return EventTypes.EVENT_IAM_POLICY_DELETE; } @Override public String getEventDescription() { - return "Deleting Acl role"; + return "Deleting IAM policy"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclPolicy; + return ApiCommandJobType.IAMPolicy; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclGroupsCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMGroupsCmd.java similarity index 72% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclGroupsCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMGroupsCmd.java index 2e724932907..ece87fa3379 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclGroupsCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMGroupsCmd.java 
@@ -20,41 +20,41 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseListDomainResourcesCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.response.ListResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; -@APICommand(name = "listAclGroups", description = "Lists acl groups", responseObject = AclGroupResponse.class) -public class ListAclGroupsCmd extends BaseListDomainResourcesCmd { - public static final Logger s_logger = Logger.getLogger(ListAclGroupsCmd.class.getName()); +@APICommand(name = "listIAMGroups", description = "Lists iam groups", responseObject = IAMGroupResponse.class) +public class ListIAMGroupsCmd extends BaseListDomainResourcesCmd { + public static final Logger s_logger = Logger.getLogger(ListIAMGroupsCmd.class.getName()); - private static final String s_name = "listaclgroupsresponse"; + private static final String s_name = "listiamgroupsresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// - @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "lists acl groups by name") - private String aclGroupName; + @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "lists iam groups by name") + private String iamGroupName; - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "list the acl group by the id provided", entityType = AclGroupResponse.class) + @Parameter(name = ApiConstants.ID, type 
= CommandType.UUID, description = "list the iam group by the id provided", entityType = IAMGroupResponse.class) private Long id; ///////////////////////////////////////////////////// /////////////////// Accessors /////////////////////// ///////////////////////////////////////////////////// - public String getAclGroupName() { - return aclGroupName; + public String getIAMGroupName() { + return iamGroupName; } @@ -74,7 +74,7 @@ public class ListAclGroupsCmd extends BaseListDomainResourcesCmd { @Override public void execute(){ - ListResponse response = _aclApiSrv.listAclGroups(id, aclGroupName, getDomainId(), + ListResponse response = _iamApiSrv.listIAMGroups(id, iamGroupName, getDomainId(), getStartIndex(), getPageSizeVal()); response.setResponseName(getCommandName()); setResponseObject(response); @@ -83,6 +83,6 @@ public class ListAclGroupsCmd extends BaseListDomainResourcesCmd { @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclPoliciesCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMPoliciesCmd.java similarity index 72% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclPoliciesCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMPoliciesCmd.java index b5b2d8d01e4..096cc3b4ce8 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListAclPoliciesCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/ListIAMPoliciesCmd.java 
@@ -20,41 +20,41 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseListDomainResourcesCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.response.ListResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; -@APICommand(name = "listAclPolicies", description = "Lists acl policies", responseObject = AclPolicyResponse.class) -public class ListAclPoliciesCmd extends BaseListDomainResourcesCmd { - public static final Logger s_logger = Logger.getLogger(ListAclPoliciesCmd.class.getName()); +@APICommand(name = "listIAMPolicies", description = "Lists IAM policies", responseObject = IAMPolicyResponse.class) +public class ListIAMPoliciesCmd extends BaseListDomainResourcesCmd { + public static final Logger s_logger = Logger.getLogger(ListIAMPoliciesCmd.class.getName()); - private static final String s_name = "listaclpoliciesresponse"; + private static final String s_name = "listiampoliciesresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// - @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "lists acl policies by name") - private String aclPolicyName; + @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, description = "lists iam policies by name") + private String iamPolicyName; - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "list the acl policy by the id provided", entityType = AclPolicyResponse.class) + 
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, description = "list the iam policy by the id provided", entityType = IAMPolicyResponse.class) private Long id; ///////////////////////////////////////////////////// /////////////////// Accessors /////////////////////// ///////////////////////////////////////////////////// - public String getAclPolicyName() { - return aclPolicyName; + public String getIAMPolicyName() { + return iamPolicyName; } @@ -74,7 +74,7 @@ public class ListAclPoliciesCmd extends BaseListDomainResourcesCmd { @Override public void execute(){ - ListResponse response = _aclApiSrv.listAclPolicies(id, aclPolicyName, getDomainId(), + ListResponse response = _iamApiSrv.listIAMPolicies(id, iamPolicyName, getDomainId(), getStartIndex(), getPageSizeVal()); response.setResponseName(getCommandName()); setResponseObject(response); @@ -83,6 +83,6 @@ public class ListAclPoliciesCmd extends BaseListDomainResourcesCmd { @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclPolicy; + return ApiCommandJobType.IAMPolicy; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromIAMGroupCmd.java similarity index 77% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromIAMGroupCmd.java index a370e0a490b..5ff5039c7b0 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAccountFromIAMGroupCmd.java 
@@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -32,9 +32,9 @@ import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.AccountResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; @@ -42,13 +42,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "removeAccountFromAclGroup", description = "remove accounts from an acl group", responseObject = AclGroupResponse.class) -public class RemoveAccountFromAclGroupCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(RemoveAccountFromAclGroupCmd.class.getName()); - private static final String s_name = "removeaccountfromaclgroupresponse"; +@APICommand(name = "removeAccountFromIAMGroup", description = "remove accounts from an iam group", responseObject = IAMGroupResponse.class) +public class RemoveAccountFromIAMGroupCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(RemoveAccountFromIAMGroupCmd.class.getName()); + private static final String s_name = "removeaccountfromiamgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -56,12 +56,12 @@ public class RemoveAccountFromAclGroupCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclGroupResponse.class, - required = true, description = "The ID of the acl group") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMGroupResponse.class, + required = true, description = "The ID of the iam group") private Long id; @ACL - @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AccountResponse.class, description = "comma separated list of account id that are going to be assigned to the acl group.") + @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AccountResponse.class, description = "comma separated list of account id that are going to be assigned to the iam group.") private List accountIdList; 
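Review bot: The `accounts` parameter description on the new side still says the accounts "are going to be assigned to the iam group", although this is the remove command, so the generated API documentation describes the opposite operation. I would change it to `description = "comma separated list of account ids that are going to be removed from the iam group."`. The parameter is also not marked `required = true`, so `accountIdList` can reach `removeAccountsFromGroup(accountIdList, id)` in the `@@ -98,30 +98,30 @@` hunk as null. Whether the service tolerates that is not visible here, so either mark it required or check it before the call. The class body continues outside this hunk.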
@@ -98,30 +98,30 @@ public class RemoveAccountFromAclGroupCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl group Id: " + getId()); - AclGroup result = _aclApiSrv.removeAccountsFromGroup(accountIdList, id); + CallContext.current().setEventDetails("IAM group Id: " + getId()); + IAMGroup result = _iamApiSrv.removeAccountsFromGroup(accountIdList, id); if (result != null){ - AclGroupResponse response = _aclApiSrv.createAclGroupResponse(result); + IAMGroupResponse response = _iamApiSrv.createIAMGroupResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove accounts from acl group"); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove accounts from iam group"); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_UPDATE; + return EventTypes.EVENT_IAM_GROUP_UPDATE; } @Override public String getEventDescription() { - return "removing accounts from acl group"; + return "removing accounts from iam group"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPermissionFromAclPolicyCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPermissionFromIAMPolicyCmd.java similarity index 74% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPermissionFromAclPolicyCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPermissionFromIAMPolicyCmd.java index 9236ef16561..db04ef7d22b 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPermissionFromAclPolicyCmd.java 
+++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPermissionFromIAMPolicyCmd.java @@ -21,7 +21,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; import org.apache.cloudstack.acl.PermissionScope; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -30,9 +30,9 @@ import org.apache.cloudstack.api.ApiErrorCode; import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclPolicy; +import org.apache.cloudstack.iam.api.IAMPolicy; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; 
@@ -40,13 +40,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "removeAclPermissionFromAclPolicy", description = "Remove acl permission from an acl policy", responseObject = AclPolicyResponse.class) -public class RemoveAclPermissionFromAclPolicyCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(RemoveAclPermissionFromAclPolicyCmd.class.getName()); - private static final String s_name = "removeaclpermissionfromaclpolicyresponse"; +@APICommand(name = "removeIAMPermissionFromIAMPolicy", description = "Remove iam permission from an iam policy", responseObject = IAMPolicyResponse.class) +public class RemoveIAMPermissionFromIAMPolicyCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(RemoveIAMPermissionFromIAMPolicyCmd.class.getName()); + private static final String s_name = "removeiampermissionfromiampolicyresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -54,21 +54,21 @@ public class RemoveAclPermissionFromAclPolicyCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclPolicyResponse.class, - required = true, description = "The ID of the acl policy") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMPolicyResponse.class, + required = true, description = "The ID of the iam policy") private Long id; - @Parameter(name = ApiConstants.ACL_ACTION, type = CommandType.STRING, required = true, description = "action api name.") + @Parameter(name = ApiConstants.IAM_ACTION, type = CommandType.STRING, required = true, description = "action api name.") private String action; @Parameter(name = ApiConstants.ENTITY_TYPE, type = CommandType.STRING, required = false, description = "entity class simple name.") private String entityType; - @Parameter(name = ApiConstants.ACL_SCOPE, type = CommandType.STRING, - required = false, description = "acl permission scope") + @Parameter(name = ApiConstants.IAM_SCOPE, type = CommandType.STRING, + required = false, description = "iam permission scope") private String scope; - @Parameter(name = ApiConstants.ACL_SCOPE_ID, type = CommandType.UUID, required = false, description = "The ID of the permission scope id") + @Parameter(name = ApiConstants.IAM_SCOPE_ID, type = CommandType.UUID, required = false, description = "The ID of the permission scope id") private Long scopeId; 
@@ -118,30 +118,30 @@ public class RemoveAclPermissionFromAclPolicyCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl policy Id: " + getId()); - AclPolicy result = _aclApiSrv.removeAclPermissionFromAclPolicy(id, entityType, PermissionScope.valueOf(scope), scopeId, action); + CallContext.current().setEventDetails("IAM policy Id: " + getId()); + IAMPolicy result = _iamApiSrv.removeIAMPermissionFromIAMPolicy(id, entityType, PermissionScope.valueOf(scope), scopeId, action); if (result != null) { - AclPolicyResponse response = _aclApiSrv.createAclPolicyResponse(result); + IAMPolicyResponse response = _iamApiSrv.createIAMPolicyResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove permission from acl policy " + getId()); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove permission from iam policy " + getId()); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_POLICY_REVOKE; + return EventTypes.EVENT_IAM_POLICY_REVOKE; } @Override public String getEventDescription() { - return "removing permission from acl policy"; + return "removing permission from iam policy"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclPolicy; + return ApiCommandJobType.IAMPolicy; } } 
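Review bot: `PermissionScope.valueOf(scope)` in `execute()` is applied to a parameter that the `@@ -54,21 +54,21 @@` hunk declares with `required = false`, so a request without `scope` raises NullPointerException and an unrecognised value raises IllegalArgumentException. Neither is a ServerApiException, so a malformed request to a command that edits IAM policy is not reported as a parameter error. I would parse the scope before the service call and reject bad values explicitly, as sketched below. Whether `removeIAMPermissionFromIAMPolicy` accepts a null scope is not visible here; if it does not, mark the parameter `required = true` instead. The class body starts outside this hunk.

```java
// … unchanged: setEventDetails call …
PermissionScope permScope = null;
if (scope != null) {
    try {
        permScope = PermissionScope.valueOf(scope);
    } catch (IllegalArgumentException e) {
        throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "Invalid iam permission scope");
    }
}
IAMPolicy result = _iamApiSrv.removeIAMPermissionFromIAMPolicy(id, entityType, permScope, scopeId, action);
// … unchanged: response handling, getEventType, getEventDescription, getInstanceType …
```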
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAccountCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromAccountCmd.java similarity index 76% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAccountCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromAccountCmd.java index bf2c4933047..b665e84e266 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAccountCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromAccountCmd.java @@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -31,8 +31,8 @@ import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.SuccessResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; import com.cloud.event.EventTypes; 
@@ -41,13 +41,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "removeAclPolicyFromAccount", description = "remove acl policy from accounts", responseObject = SuccessResponse.class) -public class RemoveAclPolicyFromAccountCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(RemoveAclPolicyFromAccountCmd.class.getName()); - private static final String s_name = "removeaclpolicyfromaccountresponse"; +@APICommand(name = "removeIAMPolicyFromAccount", description = "remove iam policy from accounts", responseObject = SuccessResponse.class) +public class RemoveIAMPolicyFromAccountCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(RemoveIAMPolicyFromAccountCmd.class.getName()); + private static final String s_name = "removeiampolicyfromaccountresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -55,12 +55,12 @@ public class RemoveAclPolicyFromAccountCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclGroupResponse.class, - required = true, description = "The ID of the acl group") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMGroupResponse.class, + required = true, description = "The ID of the iam group") private Long id; @ACL - @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AclPolicyResponse.class, description = "comma separated list of acl policy id that are going to be applied to the acl group.") + @Parameter(name = ApiConstants.ACCOUNTS, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = IAMPolicyResponse.class, description = "comma separated list of iam policy id that are going to be applied to the iam group.") private List accountIdList; @@ -97,8 +97,8 @@ public class RemoveAclPolicyFromAccountCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl policy Id: " + getId()); - _aclApiSrv.removeAclPolicyFromAccounts(id, accountIdList); + CallContext.current().setEventDetails("IAM policy Id: " + getId()); + _iamApiSrv.removeIAMPolicyFromAccounts(id, accountIdList); SuccessResponse response = new SuccessResponse(); response.setResponseName(getCommandName()); setResponseObject(response); @@ -106,12 +106,12 @@ public class RemoveAclPolicyFromAccountCmd extends BaseAsyncCmd { @Override public String getEventType() { - return EventTypes.EVENT_ACL_ACCOUNT_POLICY_UPDATE; + return EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE; } @Override public String getEventDescription() { - return "removing acl policy from accounts"; + return "removing iam policy from accounts"; } @Override 
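Review bot: Both `@Parameter` declarations in the `@@ -55,12 +55,12 @@` hunk name an entity that does not match how `execute()` uses the field. `id` is declared with `entityType = IAMGroupResponse.class` and "The ID of the iam group", yet it is passed as the policy id to `removeIAMPolicyFromAccounts(id, accountIdList)`. `accounts` is declared with `entityType = IAMPolicyResponse.class` although it holds account ids. Both are `@ACL`-annotated UUID parameters, so if the framework uses `entityType` to resolve the UUID and pick the object for the access check (presumably, the resolver is not on this page), the lookup runs against the wrong entity. I would declare `id` with `entityType = IAMPolicyResponse.class` and `description = "The ID of the iam policy"`, and `accounts` with `entityType = AccountResponse.class` and a description saying the policy is removed from those accounts. The second change needs an `AccountResponse` import that this file's visible import hunk does not show.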
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAclGroupCmd.java b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromIAMGroupCmd.java similarity index 71% rename from services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAclGroupCmd.java rename to services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromIAMGroupCmd.java index 88dfa7bd778..a99143d9f56 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveAclPolicyFromAclGroupCmd.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/command/iam/RemoveIAMPolicyFromIAMGroupCmd.java @@ -22,7 +22,7 @@ import javax.inject.Inject; import org.apache.log4j.Logger; -import org.apache.cloudstack.iam.AclApiService; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.ACL; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; @@ -31,10 +31,10 @@ import org.apache.cloudstack.api.ApiErrorCode; import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.event.EventTypes; import com.cloud.exception.InsufficientCapacityException; 
@@ -42,13 +42,13 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.user.Account; -@APICommand(name = "removeAclPolicyFromAclGroup", description = "remove acl policy from an acl group", responseObject = AclGroupResponse.class) -public class RemoveAclPolicyFromAclGroupCmd extends BaseAsyncCmd { - public static final Logger s_logger = Logger.getLogger(RemoveAclPolicyFromAclGroupCmd.class.getName()); - private static final String s_name = "removeaclpolicyfromaclgroupresponse"; +@APICommand(name = "removeIAMPolicyFromIAMGroup", description = "remove iam policy from an iam group", responseObject = IAMGroupResponse.class) +public class RemoveIAMPolicyFromIAMGroupCmd extends BaseAsyncCmd { + public static final Logger s_logger = Logger.getLogger(RemoveIAMPolicyFromIAMGroupCmd.class.getName()); + private static final String s_name = "removeiampolicyfromiamgroupresponse"; @Inject - public AclApiService _aclApiSrv; + public IAMApiService _iamApiSrv; ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// 
@@ -56,12 +56,12 @@ public class RemoveAclPolicyFromAclGroupCmd extends BaseAsyncCmd { @ACL - @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AclGroupResponse.class, - required = true, description = "The ID of the acl group") + @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = IAMGroupResponse.class, + required = true, description = "The ID of the iam group") private Long id; @ACL - @Parameter(name = ApiConstants.ACL_POLICIES, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = AclPolicyResponse.class, description = "comma separated list of acl policy id that are going to be applied to the acl group.") + @Parameter(name = ApiConstants.IAM_POLICIES, type = CommandType.LIST, collectionType = CommandType.UUID, entityType = IAMPolicyResponse.class, description = "comma separated list of iam policy id that are going to be applied to the iam group.") private List policyIdList; 
@@ -98,30 +98,30 @@ public class RemoveAclPolicyFromAclGroupCmd extends BaseAsyncCmd { @Override public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException { - CallContext.current().setEventDetails("Acl group Id: " + getId()); - AclGroup result = _aclApiSrv.removeAclPoliciesFromGroup(policyIdList, id); + CallContext.current().setEventDetails("IAM group Id: " + getId()); + IAMGroup result = _iamApiSrv.removeIAMPoliciesFromGroup(policyIdList, id); if (result != null){ - AclGroupResponse response = _aclApiSrv.createAclGroupResponse(result); + IAMGroupResponse response = _iamApiSrv.createIAMGroupResponse(result); response.setResponseName(getCommandName()); setResponseObject(response); } else { - throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add roles to acl group"); + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add roles to iam group"); } } @Override public String getEventType() { - return EventTypes.EVENT_ACL_GROUP_UPDATE; + return EventTypes.EVENT_IAM_GROUP_UPDATE; } @Override public String getEventDescription() { - return "removing acl roles from acl group"; + return "removing IAM roles from IAM group"; } @Override public ApiCommandJobType getInstanceType() { - return ApiCommandJobType.AclGroup; + return ApiCommandJobType.IAMGroup; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclGroupResponse.java b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMGroupResponse.java similarity index 85% rename from services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclGroupResponse.java rename to services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMGroupResponse.java index 8c4adc1cc39..af28d53ff3c 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclGroupResponse.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMGroupResponse.java 
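Review bot: The failure branch of `execute()` reports "Failed to add roles to iam group" although this command removes policies from a group, so an operator reading the error or the job result is told the wrong operation failed. I would change it to `throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove iam policies from iam group");`. `getEventDescription()` has the same drift ("removing IAM roles from IAM group") and would read better as `return "removing iam policies from iam group";`, matching the other commands in this commit. The `policies` parameter description in the `@@ -56,12 +56,12 @@` hunk also still says the policies "are going to be applied to" the group.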
@@ -25,47 +25,47 @@ import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseResponse; import org.apache.cloudstack.api.EntityReference; import org.apache.cloudstack.api.response.ControlledViewEntityResponse; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.serializer.Param; @SuppressWarnings("unused") -@EntityReference(value = AclGroup.class) -public class AclGroupResponse extends BaseResponse implements ControlledViewEntityResponse { +@EntityReference(value = IAMGroup.class) +public class IAMGroupResponse extends BaseResponse implements ControlledViewEntityResponse { @SerializedName(ApiConstants.ID) - @Param(description = "the ID of the acl group") + @Param(description = "the ID of the iam group") private String id; @SerializedName(ApiConstants.NAME) - @Param(description = "the name of the acl group") + @Param(description = "the name of the iam group") private String name; @SerializedName(ApiConstants.DESCRIPTION) - @Param(description = "the description of the acl group") + @Param(description = "the description of the iam group") private String description; @SerializedName(ApiConstants.DOMAIN_ID) - @Param(description = "the domain ID of the acl group") + @Param(description = "the domain ID of the iam group") private String domainId; @SerializedName(ApiConstants.DOMAIN) - @Param(description = "the domain name of the acl role") + @Param(description = "the domain name of the iam role") private String domainName; @SerializedName(ApiConstants.ACCOUNT) @Param(description = "the account owning the policy") private String accountName; - @SerializedName(ApiConstants.ACL_MEMBER_ACCOUNTS) - @Param(description = "account names assigned to this acl group ") + @SerializedName(ApiConstants.IAM_MEMBER_ACCOUNTS) + @Param(description = "account names assigned to this iam group ") private Set accountNameList; - @SerializedName(ApiConstants.ACL_POLICIES) - @Param(description = "acl policies 
attached to this acl group ") + @SerializedName(ApiConstants.IAM_POLICIES) + @Param(description = "iam policies attached to this iam group ") private Set policyNameList; - public AclGroupResponse() { + public IAMGroupResponse() { accountNameList = new LinkedHashSet(); policyNameList = new LinkedHashSet(); } @@ -181,7 +181,7 @@ public class AclGroupResponse extends BaseResponse implements ControlledViewEnti return false; if (getClass() != obj.getClass()) return false; - AclGroupResponse other = (AclGroupResponse)obj; + IAMGroupResponse other = (IAMGroupResponse)obj; if (id == null) { if (other.id != null) return false; diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPermissionResponse.java b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPermissionResponse.java similarity index 86% rename from services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPermissionResponse.java rename to services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPermissionResponse.java index 68b4df9c496..b7af4dad4b2 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPermissionResponse.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPermissionResponse.java @@ -22,13 +22,13 @@ import org.apache.cloudstack.acl.IAMEntityType; import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseResponse; -import org.apache.cloudstack.iam.api.AclPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; import com.cloud.serializer.Param; -public class AclPermissionResponse extends BaseResponse { +public class IAMPermissionResponse extends BaseResponse { - @SerializedName(ApiConstants.ACL_ACTION) + @SerializedName(ApiConstants.IAM_ACTION) @Param(description = "action of this permission") private String action; 
@@ -36,17 +36,17 @@ public class AclPermissionResponse extends BaseResponse { @Param(description = "the entity type of this permission") private IAMEntityType entityType; - @SerializedName(ApiConstants.ACL_SCOPE) + @SerializedName(ApiConstants.IAM_SCOPE) @Param(description = "scope of this permission") private PermissionScope scope; - @SerializedName(ApiConstants.ACL_SCOPE_ID) + @SerializedName(ApiConstants.IAM_SCOPE_ID) @Param(description = "scope id of this permission") private Long scopeId; - @SerializedName(ApiConstants.ACL_ALLOW_DENY) + @SerializedName(ApiConstants.IAM_ALLOW_DENY) @Param(description = "allow or deny of this permission") - private AclPolicyPermission.Permission permission; + private IAMPolicyPermission.Permission permission; public IAMEntityType getEntityType() { return entityType; @@ -80,11 +80,11 @@ public class AclPermissionResponse extends BaseResponse { this.scopeId = scopeId; } - public AclPolicyPermission.Permission getPermission() { + public IAMPolicyPermission.Permission getPermission() { return permission; } - public void setPermission(AclPolicyPermission.Permission permission) { + public void setPermission(IAMPolicyPermission.Permission permission) { this.permission = permission; } @@ -107,7 +107,7 @@ public class AclPermissionResponse extends BaseResponse { return false; if (getClass() != obj.getClass()) return false; - AclPermissionResponse other = (AclPermissionResponse) obj; + IAMPermissionResponse other = (IAMPermissionResponse) obj; if ((entityType == null && other.entityType != null) || !entityType.equals(other.entityType)) { return false; } else if ((action == null && other.action != null) || !action.equals(other.action)) { 
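Review bot: The `equals` comparison kept as context in the `@@ -107,7 +107,7 @@` hunk throws NullPointerException when `entityType` is null on both objects. In `(entityType == null && other.entityType != null) || !entityType.equals(other.entityType)` the first operand is false and evaluation falls through to `entityType.equals(...)`; the `action` branch after it has the same shape. A null-safe form is `if (entityType == null ? other.entityType != null : !entityType.equals(other.entityType)) {`, with the same rewrite for `action`. These responses are added to the policy response's permission set elsewhere in this commit, so `equals` can be reached during response building. The body of `equals` starts and ends outside the hunk.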
diff --git a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPolicyResponse.java b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPolicyResponse.java similarity index 79% rename from services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPolicyResponse.java rename to services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPolicyResponse.java index 12d90deaa94..dc29369a39c 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/AclPolicyResponse.java +++ b/services/iam/plugin/src/org/apache/cloudstack/api/response/iam/IAMPolicyResponse.java 
@@ -25,44 +25,44 @@ import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseResponse; import org.apache.cloudstack.api.EntityReference; import org.apache.cloudstack.api.response.ControlledViewEntityResponse; -import org.apache.cloudstack.iam.api.AclPolicy; +import org.apache.cloudstack.iam.api.IAMPolicy; import com.cloud.serializer.Param; @SuppressWarnings("unused") -@EntityReference(value = AclPolicy.class) -public class AclPolicyResponse extends BaseResponse implements ControlledViewEntityResponse { +@EntityReference(value = IAMPolicy.class) +public class IAMPolicyResponse extends BaseResponse implements ControlledViewEntityResponse { @SerializedName(ApiConstants.ID) - @Param(description = "the ID of the acl policy") + @Param(description = "the ID of the iam policy") private String id; @SerializedName(ApiConstants.NAME) - @Param(description = "the name of the acl policy") + @Param(description = "the name of the iam policy") private String name; @SerializedName(ApiConstants.DESCRIPTION) - @Param(description = "the description of the acl policy") + @Param(description = "the description of the iam policy") private String description; @SerializedName(ApiConstants.DOMAIN_ID) - @Param(description = "the domain ID of the acl policy") + @Param(description = "the domain ID of the iam policy") private String domainId; @SerializedName(ApiConstants.DOMAIN) - @Param(description = "the domain name of the acl policy") + @Param(description = "the domain name of the iam policy") private String domainName; @SerializedName(ApiConstants.ACCOUNT) @Param(description = "the account owning the policy") private String accountName; - @SerializedName(ApiConstants.ACL_PERMISSIONS) - @Param(description = "set of permissions for the acl policy") - private Set permissionList; + @SerializedName(ApiConstants.IAM_PERMISSIONS) + @Param(description = "set of permissions for the iam policy") + private Set permissionList; - public AclPolicyResponse() { - permissionList = 
new LinkedHashSet(); + public IAMPolicyResponse() { + permissionList = new LinkedHashSet(); } @Override @@ -98,15 +98,15 @@ public class AclPolicyResponse extends BaseResponse implements ControlledViewEnt this.domainName = domainName; } - public Set getPermissionList() { + public Set getPermissionList() { return permissionList; } - public void setPermissionList(Set perms) { + public void setPermissionList(Set perms) { permissionList = perms; } - public void addPermission(AclPermissionResponse perm) { + public void addPermission(IAMPermissionResponse perm) { permissionList.add(perm); } @@ -163,7 +163,7 @@ public class AclPolicyResponse extends BaseResponse implements ControlledViewEnt return false; if (getClass() != obj.getClass()) return false; - AclPolicyResponse other = (AclPolicyResponse) obj; + IAMPolicyResponse other = (IAMPolicyResponse) obj; if (id == null) { if (other.id != null) return false; diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/AclApiService.java b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiService.java similarity index 55% rename from services/iam/plugin/src/org/apache/cloudstack/iam/AclApiService.java rename to services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiService.java index 0cb1e228b85..b9e680a5da6 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/iam/AclApiService.java +++ b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiService.java 
@@ -21,50 +21,50 @@ import java.util.List; import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.acl.SecurityChecker.AccessType; import org.apache.cloudstack.api.response.ListResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import com.cloud.user.Account; import com.cloud.utils.component.PluggableService; -public interface AclApiService extends PluggableService { +public interface IAMApiService extends PluggableService { /* ACL group related interfaces */ - AclGroup createAclGroup(Account caller, String aclGroupName, String description); + IAMGroup createIAMGroup(Account caller, String iamGroupName, String description); - boolean deleteAclGroup(Long aclGroupId); + boolean deleteIAMGroup(Long iamGroupId); - List listAclGroups(long accountId); + List listIAMGroups(long accountId); - AclGroup addAccountsToGroup(List acctIds, Long groupId); + IAMGroup addAccountsToGroup(List acctIds, Long groupId); - AclGroup removeAccountsFromGroup(List acctIds, Long groupId); + IAMGroup removeAccountsFromGroup(List acctIds, Long groupId); - /* ACL Policy related interfaces */ - AclPolicy createAclPolicy(Account caller, String aclPolicyName, String description, Long parentPolicyId); + /* IAM Policy related interfaces */ + IAMPolicy createIAMPolicy(Account caller, String iamPolicyName, String 
description, Long parentPolicyId); - boolean deleteAclPolicy(long aclPolicyId); + boolean deleteIAMPolicy(long iamPolicyId); - List listAclPolicies(long accountId); + List listIAMPolicies(long accountId); - AclGroup attachAclPoliciesToGroup(List policyIds, Long groupId); + IAMGroup attachIAMPoliciesToGroup(List policyIds, Long groupId); - AclGroup removeAclPoliciesFromGroup(List policyIds, Long groupId); + IAMGroup removeIAMPoliciesFromGroup(List policyIds, Long groupId); - void attachAclPolicyToAccounts(Long policyId, List accountIds); + void attachIAMPolicyToAccounts(Long policyId, List accountIds); - void removeAclPolicyFromAccounts(Long policyId, List accountIds); + void removeIAMPolicyFromAccounts(Long policyId, List accountIds); - AclPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, PermissionScope scope, Long scopeId, + IAMPolicy addIAMPermissionToIAMPolicy(long iamPolicyId, String entityType, PermissionScope scope, Long scopeId, String action, Permission perm, Boolean recursive); - AclPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, PermissionScope scope, Long scopeId, String action); + IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, PermissionScope scope, Long scopeId, String action); - AclPolicyPermission getAclPolicyPermission(long accountId, String entityType, String action); + IAMPolicyPermission getIAMPolicyPermission(long accountId, String entityType, String action); /* Utility routine to grant/revoke invidivual resource to list of accounts */ void grantEntityPermissioinToAccounts(String entityType, Long entityId, AccessType accessType, String action, List accountIds); 
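Review bot: The section comment `/* ACL group related interfaces */` at the top of the interface was left on the old name while the matching policy comment was renamed; it should read `/* IAM group related interfaces */`. The utility methods at the end of this hunk and in the next one keep the misspelling `grantEntityPermissioinToAccounts` / `revokeEntityPermissioinFromAccounts`, and their comment says "invidivual". Since every caller is already being touched by this rename, it is the cheapest moment to correct them to `...PermissionToAccounts` / `...PermissionFromAccounts`. The interface also mixes `deleteIAMGroup(Long iamGroupId)` with `deleteIAMPolicy(long iamPolicyId)`; using one id type for both would remove a null case on the group path. The interface body continues outside this hunk.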
@@ -72,13 +72,13 @@ public interface AclApiService extends PluggableService { void revokeEntityPermissioinFromAccounts(String entityType, Long entityId, AccessType accessType, String action, List accountIds); /* Response Generation */ - AclPolicyResponse createAclPolicyResponse(AclPolicy policy); + IAMPolicyResponse createIAMPolicyResponse(IAMPolicy policy); - AclGroupResponse createAclGroupResponse(AclGroup group); + IAMGroupResponse createIAMGroupResponse(IAMGroup group); - ListResponse listAclGroups(Long aclGroupId, String aclGroupName, + ListResponse listIAMGroups(Long iamGroupId, String iamGroupName, Long domainId, Long startIndex, Long pageSize); - ListResponse listAclPolicies(Long aclPolicyId, String aclPolicyName, + ListResponse listIAMPolicies(Long iamPolicyId, String iamPolicyName, Long domainId, Long startIndex, Long pageSize); } diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/AclApiServiceImpl.java b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java similarity index 74% rename from services/iam/plugin/src/org/apache/cloudstack/iam/AclApiServiceImpl.java rename to services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java index 996f8d4de3f..de57a41ea8f 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/iam/AclApiServiceImpl.java +++ b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java 
@@ -33,31 +33,31 @@ import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.acl.SecurityChecker.AccessType; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.BaseListCmd; -import org.apache.cloudstack.api.command.iam.AddAccountToAclGroupCmd; -import org.apache.cloudstack.api.command.iam.AddAclPermissionToAclPolicyCmd; -import org.apache.cloudstack.api.command.iam.AttachAclPolicyToAccountCmd; -import org.apache.cloudstack.api.command.iam.AttachAclPolicyToAclGroupCmd; -import org.apache.cloudstack.api.command.iam.CreateAclGroupCmd; -import org.apache.cloudstack.api.command.iam.CreateAclPolicyCmd; -import org.apache.cloudstack.api.command.iam.DeleteAclGroupCmd; -import org.apache.cloudstack.api.command.iam.DeleteAclPolicyCmd; -import org.apache.cloudstack.api.command.iam.ListAclGroupsCmd; -import org.apache.cloudstack.api.command.iam.ListAclPoliciesCmd; -import org.apache.cloudstack.api.command.iam.RemoveAccountFromAclGroupCmd; -import org.apache.cloudstack.api.command.iam.RemoveAclPermissionFromAclPolicyCmd; -import org.apache.cloudstack.api.command.iam.RemoveAclPolicyFromAccountCmd; -import org.apache.cloudstack.api.command.iam.RemoveAclPolicyFromAclGroupCmd; +import org.apache.cloudstack.api.command.iam.AddAccountToIAMGroupCmd; +import org.apache.cloudstack.api.command.iam.AddIAMPermissionToIAMPolicyCmd; +import org.apache.cloudstack.api.command.iam.AttachIAMPolicyToAccountCmd; +import org.apache.cloudstack.api.command.iam.AttachIAMPolicyToIAMGroupCmd; +import org.apache.cloudstack.api.command.iam.CreateIAMGroupCmd; +import org.apache.cloudstack.api.command.iam.CreateIAMPolicyCmd; +import org.apache.cloudstack.api.command.iam.DeleteIAMGroupCmd; +import org.apache.cloudstack.api.command.iam.DeleteIAMPolicyCmd; +import org.apache.cloudstack.api.command.iam.ListIAMGroupsCmd; +import org.apache.cloudstack.api.command.iam.ListIAMPoliciesCmd; +import org.apache.cloudstack.api.command.iam.RemoveAccountFromIAMGroupCmd; 
+import org.apache.cloudstack.api.command.iam.RemoveIAMPermissionFromIAMPolicyCmd; +import org.apache.cloudstack.api.command.iam.RemoveIAMPolicyFromAccountCmd; +import org.apache.cloudstack.api.command.iam.RemoveIAMPolicyFromIAMGroupCmd; import org.apache.cloudstack.api.response.ListResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPermissionResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPermissionResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.messagebus.MessageBus; import org.apache.cloudstack.framework.messagebus.MessageSubscriber; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import org.apache.cloudstack.iam.api.IAMService; import com.cloud.api.ApiServerService; 
@@ -79,10 +79,10 @@ import com.cloud.utils.component.ManagerBase; import com.cloud.utils.db.DB; import com.cloud.utils.db.EntityManager; -@Local(value = {AclApiService.class}) -public class AclApiServiceImpl extends ManagerBase implements AclApiService, Manager { +@Local(value = {IAMApiService.class}) +public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Manager { - public static final Logger s_logger = Logger.getLogger(AclApiServiceImpl.class); + public static final Logger s_logger = Logger.getLogger(IAMApiServiceImpl.class); private String _name; @Inject @@ -113,16 +113,16 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man Long groupId = acctGroupMap.get(accountId); s_logger.debug("MessageBus message: new Account Added: " + accountId + ", adding it to groupId :" + groupId); - addAccountToAclGroup(accountId, groupId); + addAccountToIAMGroup(accountId, groupId); // add it to domain group too AccountVO account = _accountDao.findById(accountId); Domain domain = _domainDao.findById(account.getDomainId()); if (domain != null) { - List domainGroups = listDomainGroup(domain); + List domainGroups = listDomainGroup(domain); if (domainGroups != null) { - for (AclGroup group : domainGroups) { - addAccountToAclGroup(accountId, new Long(group.getId())); + for (IAMGroup group : domainGroups) { + addAccountToIAMGroup(accountId, new Long(group.getId())); } } } @@ -137,7 +137,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man if (accountId != null) { s_logger.debug("MessageBus message: Account removed: " + accountId + ", releasing the group associations"); - removeAccountFromAclGroups(accountId); + removeAccountFromIAMGroups(accountId); } } }); 
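Review bot: In the @@ -113,16 hunk the account-added subscriber dereferences the result of `_accountDao.findById(accountId)` on the next line (`account.getDomainId()`) without a null check, although the `domain` lookup right after it is guarded. If the account row cannot be found when the message arrives, the handler throws after the first `addAccountToIAMGroup` call and the account is never added to its domain groups. A guard such as `if (account == null) { s_logger.warn("Account " + accountId + " not found, skipping domain group assignment"); return; }` keeps that failure visible in the log. `groupId` is a `Long` from `acctGroupMap.get(...)` passed to a `long` parameter, so a missing map entry would fail on unboxing and deserves the same check. The subscriber body starts and ends outside this hunk.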
@@ -161,8 +161,8 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man if (domainId != null) { s_logger.debug("MessageBus message: Domain removed: " + domainId + ", removing the domain group"); Domain domain = _domainDao.findById(domainId); - List groups = listDomainGroup(domain); - for (AclGroup group : groups) { + List groups = listDomainGroup(domain); + for (IAMGroup group : groups) { _iamSrv.deleteAclGroup(group.getId()); } } @@ -216,7 +216,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man String entityType = (String)permit.get(ApiConstants.ENTITY_TYPE); Long entityId = (Long)permit.get(ApiConstants.ENTITY_ID); AccessType accessType = (AccessType)permit.get(ApiConstants.ACCESS_TYPE); - String action = (String)permit.get(ApiConstants.ACL_ACTION); + String action = (String)permit.get(ApiConstants.IAM_ACTION); List acctIds = (List)permit.get(ApiConstants.ACCOUNTS); s_logger.debug("MessageBus message: grant accounts permission to an entity: (" + entityType + "," + entityId + ")"); grantEntityPermissioinToAccounts(entityType, entityId, accessType, action, acctIds); @@ -232,7 +232,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man String entityType = (String)permit.get(ApiConstants.ENTITY_TYPE); Long entityId = (Long)permit.get(ApiConstants.ENTITY_ID); AccessType accessType = (AccessType)permit.get(ApiConstants.ACCESS_TYPE); - String action = (String)permit.get(ApiConstants.ACL_ACTION); + String action = (String)permit.get(ApiConstants.IAM_ACTION); List acctIds = (List)permit.get(ApiConstants.ACCOUNTS); s_logger.debug("MessageBus message: revoke from accounts permission to an entity: (" + entityType + "," + entityId + ")"); revokeEntityPermissioinFromAccounts(entityType, entityId, accessType, action, acctIds); 
@@ -275,15 +275,15 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man Domain domain = _domainDao.findById(domainId); if (domain != null) { - AclPolicy policy = _iamSrv.createAclPolicy(policyName, description, null, domain.getPath()); + IAMPolicy policy = _iamSrv.createAclPolicy(policyName, description, null, domain.getPath()); _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(), entityId, action, accessType.toString(), Permission.Allow, recursive); List policyList = new ArrayList(); policyList.add(new Long(policy.getId())); - List domainGroups = listDomainGroup(domain); + List domainGroups = listDomainGroup(domain); if (domainGroups != null) { - for (AclGroup group : domainGroups) { + for (IAMGroup group : domainGroups) { _iamSrv.attachAclPoliciesToGroup(policyList, group.getId()); } } 
@@ -292,49 +292,49 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_CREATE, eventDescription = "Creating Acl Group", create = true) - public AclGroup createAclGroup(Account caller, String aclGroupName, String description) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_CREATE, eventDescription = "Creating Acl Group", create = true) + public IAMGroup createIAMGroup(Account caller, String iamGroupName, String description) { Long domainId = caller.getDomainId(); Domain callerDomain = _domainDao.findById(domainId); if (callerDomain == null) { throw new InvalidParameterValueException("Caller does not have a domain"); } - return _iamSrv.createAclGroup(aclGroupName, description, callerDomain.getPath()); + return _iamSrv.createAclGroup(iamGroupName, description, callerDomain.getPath()); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_DELETE, eventDescription = "Deleting Acl Group") - public boolean deleteAclGroup(final Long aclGroupId) { - return _iamSrv.deleteAclGroup(aclGroupId); + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_DELETE, eventDescription = "Deleting Acl Group") + public boolean deleteIAMGroup(final Long iamGroupId) { + return _iamSrv.deleteAclGroup(iamGroupId); } @Override - public List listAclGroups(long accountId) { + public List listIAMGroups(long accountId) { return _iamSrv.listAclGroups(accountId); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_UPDATE, eventDescription = "Adding accounts to acl group") - public AclGroup addAccountsToGroup(final List acctIds, final Long groupId) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Adding accounts to acl group") + public IAMGroup addAccountsToGroup(final List acctIds, final Long groupId) { return _iamSrv.addAccountsToGroup(acctIds, groupId); } - private void removeAccountFromAclGroups(long accountId) { - List 
groups = listAclGroups(accountId); + private void removeAccountFromIAMGroups(long accountId) { + List groups = listIAMGroups(accountId); List accts = new ArrayList(); accts.add(accountId); if (groups != null) { - for (AclGroup grp : groups) { + for (IAMGroup grp : groups) { removeAccountsFromGroup(accts, grp.getId()); } } } - private void addAccountToAclGroup(long accountId, long groupId) { + private void addAccountToIAMGroup(long accountId, long groupId) { List accts = new ArrayList(); accts.add(accountId); addAccountsToGroup(accts, groupId); 
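Review bot: The added `@ActionEvent` lines in the @@ -292,49 hunk switch to the `EVENT_IAM_GROUP_*` constants but keep the old wording in `eventDescription` ("Creating Acl Group", "Deleting Acl Group", "Adding accounts to acl group"), while the policy annotations in the @@ -342,96 hunk were reworded to "Creating IAM Policy". These descriptions presumably surface in the event log, where mixed terminology makes group changes easy to miss when filtering for IAM activity; I would use `eventDescription = "Creating IAM Group"`, `"Deleting IAM Group"` and `"Adding accounts to IAM group"`. The @@ -342,96 hunk has the same leftovers ("Removing accounts from acl group", "Attaching policy to acl group", "Granting acl permission to IAM Policy"). The delegate calls such as `_iamSrv.createAclGroup(...)` also keep the old names; if IAMService is meant to stay on Acl-prefixed methods, a one-line comment saying so would help, given that the commit title says the rename is everywhere.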
@@ -342,96 +342,96 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_UPDATE, eventDescription = "Removing accounts from acl group") - public AclGroup removeAccountsFromGroup(final List acctIds, final Long groupId) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Removing accounts from acl group") + public IAMGroup removeAccountsFromGroup(final List acctIds, final Long groupId) { return _iamSrv.removeAccountsFromGroup(acctIds, groupId); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_CREATE, eventDescription = "Creating Acl Policy", create = true) - public AclPolicy createAclPolicy(Account caller, final String aclPolicyName, final String description, final Long parentPolicyId) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_CREATE, eventDescription = "Creating IAM Policy", create = true) + public IAMPolicy createIAMPolicy(Account caller, final String iamPolicyName, final String description, final Long parentPolicyId) { Long domainId = caller.getDomainId(); Domain callerDomain = _domainDao.findById(domainId); if (callerDomain == null) { throw new InvalidParameterValueException("Caller does not have a domain"); } - return _iamSrv.createAclPolicy(aclPolicyName, description, parentPolicyId, callerDomain.getPath()); + return _iamSrv.createAclPolicy(iamPolicyName, description, parentPolicyId, callerDomain.getPath()); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_DELETE, eventDescription = "Deleting Acl Policy") - public boolean deleteAclPolicy(final long aclPolicyId) { - return _iamSrv.deleteAclPolicy(aclPolicyId); + @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_DELETE, eventDescription = "Deleting IAM Policy") + public boolean deleteIAMPolicy(final long iamPolicyId) { + return _iamSrv.deleteAclPolicy(iamPolicyId); } @Override - public List listAclPolicies(long accountId) { 
+ public List listIAMPolicies(long accountId) { return _iamSrv.listAclPolicies(accountId); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_UPDATE, eventDescription = "Attaching policy to acl group") - public AclGroup attachAclPoliciesToGroup(final List policyIds, final Long groupId) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Attaching policy to acl group") + public IAMGroup attachIAMPoliciesToGroup(final List policyIds, final Long groupId) { return _iamSrv.attachAclPoliciesToGroup(policyIds, groupId); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_GROUP_UPDATE, eventDescription = "Removing policies from acl group") - public AclGroup removeAclPoliciesFromGroup(final List policyIds, final Long groupId) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Removing policies from acl group") + public IAMGroup removeIAMPoliciesFromGroup(final List policyIds, final Long groupId) { return _iamSrv.removeAclPoliciesFromGroup(policyIds, groupId); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_ACCOUNT_POLICY_UPDATE, eventDescription = "Attaching policy to accounts") - public void attachAclPolicyToAccounts(final Long policyId, final List accountIds) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE, eventDescription = "Attaching policy to accounts") + public void attachIAMPolicyToAccounts(final Long policyId, final List accountIds) { _iamSrv.attachAclPolicyToAccounts(policyId, accountIds); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_ACCOUNT_POLICY_UPDATE, eventDescription = "Removing policy from accounts") - public void removeAclPolicyFromAccounts(final Long policyId, final List accountIds) { + @ActionEvent(eventType = EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE, eventDescription = "Removing policy from accounts") + public void removeIAMPolicyFromAccounts(final Long policyId, final List accountIds) { 
_iamSrv.removeAclPolicyFromAccounts(policyId, accountIds); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_GRANT, eventDescription = "Granting acl permission to Acl Policy") - public AclPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, PermissionScope scope, + @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_GRANT, eventDescription = "Granting acl permission to IAM Policy") + public IAMPolicy addIAMPermissionToIAMPolicy(long iamPolicyId, String entityType, PermissionScope scope, Long scopeId, String action, Permission perm, Boolean recursive) { Class cmdClass = _apiServer.getCmdClass(action); AccessType accessType = null; if (BaseListCmd.class.isAssignableFrom(cmdClass)) { accessType = AccessType.UseEntry; } - return _iamSrv.addAclPermissionToAclPolicy(aclPolicyId, entityType, scope.toString(), scopeId, action, + return _iamSrv.addAclPermissionToAclPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action, accessType.toString(), perm, recursive); } @DB @Override - @ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_REVOKE, eventDescription = "Revoking acl permission from Acl Policy") - public AclPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, PermissionScope scope, Long scopeId, String action) { - return _iamSrv.removeAclPermissionFromAclPolicy(aclPolicyId, entityType, scope.toString(), scopeId, action); + @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_REVOKE, eventDescription = "Revoking acl permission from IAM Policy") + public IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, PermissionScope scope, Long scopeId, String action) { + return _iamSrv.removeAclPermissionFromAclPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action); } @Override - public AclPolicyPermission getAclPolicyPermission(long accountId, String entityType, String action) { - List policies = _iamSrv.listAclPolicies(accountId); - AclPolicyPermission curPerm = null; 
- for (AclPolicy policy : policies) { - List perms = _iamSrv.listPolicyPermissionByActionAndEntity(policy.getId(), action, + public IAMPolicyPermission getIAMPolicyPermission(long accountId, String entityType, String action) { + List policies = _iamSrv.listAclPolicies(accountId); + IAMPolicyPermission curPerm = null; + for (IAMPolicy policy : policies) { + List perms = _iamSrv.listPolicyPermissionByActionAndEntity(policy.getId(), action, entityType); if (perms == null || perms.size() == 0) continue; - AclPolicyPermission perm = perms.get(0); // just pick one + IAMPolicyPermission perm = perms.get(0); // just pick one if (curPerm == null) { curPerm = perm; } else if (PermissionScope.valueOf(perm.getScope()).greaterThan(PermissionScope.valueOf(curPerm.getScope()))) { @@ -445,8 +445,8 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @Override - public AclPolicyResponse createAclPolicyResponse(AclPolicy policy) { - AclPolicyResponse response = new AclPolicyResponse(); + public IAMPolicyResponse createIAMPolicyResponse(IAMPolicy policy) { + IAMPolicyResponse response = new IAMPolicyResponse(); response.setId(policy.getUuid()); response.setName(policy.getName()); response.setDescription(policy.getDescription()); 
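Review bot: `addIAMPermissionToIAMPolicy` in the @@ -342,96 hunk leaves `accessType` null unless the command class is a `BaseListCmd` and then calls `accessType.toString()` unconditionally, so adding a permission for any non-list action throws a NullPointerException. `cmdClass` is also passed to `isAssignableFrom` unchecked, which would throw as well if `getCmdClass` returns null for an unknown action name. RoleBasedAPIAccessChecker already passes `(accessType == null) ? null : accessType.toString()` to the same service call, and that expression fits here, preceded by `if (cmdClass == null) throw new InvalidParameterValueException("Unknown API action: " + action);`. `grantEntityPermissioinToAccounts` in the @@ -604,21 hunk calls this method without forwarding its own `accessType`, so the policy it creates may not match the `getResourceGrantPolicy` lookup made with that `accessType`; that looks worth confirming.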
@@ -464,10 +464,10 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man response.setAccountName(owner.getAccountName()); } // find permissions associated with this policy - List permissions = _iamSrv.listPolicyPermissions(policy.getId()); + List permissions = _iamSrv.listPolicyPermissions(policy.getId()); if (permissions != null && permissions.size() > 0) { - for (AclPolicyPermission permission : permissions) { - AclPermissionResponse perm = new AclPermissionResponse(); + for (IAMPolicyPermission permission : permissions) { + IAMPermissionResponse perm = new IAMPermissionResponse(); perm.setAction(permission.getAction()); if (permission.getEntityType() != null) { perm.setEntityType(IAMEntityType.valueOf(permission.getEntityType())); @@ -485,8 +485,8 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } @Override - public AclGroupResponse createAclGroupResponse(AclGroup group) { - AclGroupResponse response = new AclGroupResponse(); + public IAMGroupResponse createIAMGroupResponse(IAMGroup group) { + IAMGroupResponse response = new IAMGroupResponse(); response.setId(group.getUuid()); response.setName(group.getName()); response.setDescription(group.getDescription()); @@ -515,9 +515,9 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } // find all the policies attached to this group - List policies = _iamSrv.listAclPoliciesByGroup(group.getId()); + List policies = _iamSrv.listAclPoliciesByGroup(group.getId()); if (policies != null && policies.size() > 0) { - for (AclPolicy policy : policies) { + for (IAMPolicy policy : policies) { response.addPolicy(policy.getName()); } } 
@@ -527,21 +527,21 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } - public List listDomainGroup(Domain domain) { + public List listDomainGroup(Domain domain) { if (domain != null) { String domainPath = domain.getPath(); // search for groups - Pair, Integer> result = _iamSrv.listAclGroups(null, "DomainGrp-" + domain.getUuid(), + Pair, Integer> result = _iamSrv.listAclGroups(null, "DomainGrp-" + domain.getUuid(), domainPath, null, null); return result.first(); } - return new ArrayList(); + return new ArrayList(); } @Override - public ListResponse listAclGroups(Long aclGroupId, String aclGroupName, Long domainId, Long startIndex, Long pageSize) { + public ListResponse listIAMGroups(Long iamGroupId, String iamGroupName, Long domainId, Long startIndex, Long pageSize) { // acl check Account caller = CallContext.current().getCallingAccount(); @@ -558,12 +558,12 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } String domainPath = domain.getPath(); // search for groups - Pair, Integer> result = _iamSrv.listAclGroups(aclGroupId, aclGroupName, domainPath, startIndex, pageSize); + Pair, Integer> result = _iamSrv.listAclGroups(iamGroupId, iamGroupName, domainPath, startIndex, pageSize); // generate group response - ListResponse response = new ListResponse(); - List groupResponses = new ArrayList(); - for (AclGroup group : result.first()) { - AclGroupResponse resp = createAclGroupResponse(group); + ListResponse response = new ListResponse(); + List groupResponses = new ArrayList(); + for (IAMGroup group : result.first()) { + IAMGroupResponse resp = createIAMGroupResponse(group); groupResponses.add(resp); } response.setResponses(groupResponses, result.second()); 
@@ -571,7 +571,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } @Override - public ListResponse listAclPolicies(Long aclPolicyId, String aclPolicyName, Long domainId, Long startIndex, + public ListResponse listIAMPolicies(Long iamPolicyId, String iamPolicyName, Long domainId, Long startIndex, Long pageSize) { // acl check Account caller = CallContext.current().getCallingAccount(); @@ -589,12 +589,12 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man } String domainPath = domain.getPath(); // search for policies - Pair, Integer> result = _iamSrv.listAclPolicies(aclPolicyId, aclPolicyName, domainPath, startIndex, pageSize); + Pair, Integer> result = _iamSrv.listAclPolicies(iamPolicyId, iamPolicyName, domainPath, startIndex, pageSize); // generate policy response - ListResponse response = new ListResponse(); - List policyResponses = new ArrayList(); - for (AclPolicy policy : result.first()) { - AclPolicyResponse resp = createAclPolicyResponse(policy); + ListResponse response = new ListResponse(); + List policyResponses = new ArrayList(); + for (IAMPolicy policy : result.first()) { + IAMPolicyResponse resp = createIAMPolicyResponse(policy); policyResponses.add(resp); } response.setResponses(policyResponses, result.second()); 
@@ -604,21 +604,21 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @Override public void grantEntityPermissioinToAccounts(String entityType, Long entityId, AccessType accessType, String action, List accountIds) { // check if there is already a policy with only this permission added to it - AclPolicy policy = _iamSrv.getResourceGrantPolicy(entityType, entityId, accessType.toString(), action); + IAMPolicy policy = _iamSrv.getResourceGrantPolicy(entityType, entityId, accessType.toString(), action); if (policy == null) { // not found, just create a policy with resource grant permission Account caller = CallContext.current().getCallingAccount(); String aclPolicyName = "policyGrant" + entityType + entityId; String description = "Policy to grant permission to " + entityType + entityId; - policy = createAclPolicy(caller, aclPolicyName, description, null); + policy = createIAMPolicy(caller, aclPolicyName, description, null); // add permission to this policy - addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE, entityId, action, Permission.Allow, false); + addIAMPermissionToIAMPolicy(policy.getId(), entityType, PermissionScope.RESOURCE, entityId, action, Permission.Allow, false); } // attach this policy to list of accounts if not attached already Long policyId = policy.getId(); for (Long acctId : accountIds) { if (!isPolicyAttachedToAccount(policyId, acctId)) { - attachAclPolicyToAccounts(policyId, Collections.singletonList(acctId)); + attachIAMPolicyToAccounts(policyId, Collections.singletonList(acctId)); } } } 
@@ -626,7 +626,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @Override public void revokeEntityPermissioinFromAccounts(String entityType, Long entityId, AccessType accessType, String action, List accountIds) { // there should already a policy with only this permission added to it, this call is mainly used - AclPolicy policy = _iamSrv.getResourceGrantPolicy(entityType, entityId, accessType.toString(), action); + IAMPolicy policy = _iamSrv.getResourceGrantPolicy(entityType, entityId, accessType.toString(), action); if (policy == null) { s_logger.warn("Cannot find a policy associated with this entity permissioin to be revoked, just return"); return; @@ -635,15 +635,15 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man Long policyId = policy.getId(); for (Long acctId : accountIds) { if (isPolicyAttachedToAccount(policyId, acctId)) { - removeAclPolicyFromAccounts(policyId, Collections.singletonList(acctId)); + removeIAMPolicyFromAccounts(policyId, Collections.singletonList(acctId)); } } } private boolean isPolicyAttachedToAccount(Long policyId, Long accountId) { - List pList = listAclPolicies(accountId); - for (AclPolicy p : pList) { + List pList = listIAMPolicies(accountId); + for (IAMPolicy p : pList) { if (p.getId() == policyId.longValue()) { return true; } 
@@ -658,7 +658,7 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man _iamSrv.removeAclPermissionFromAclPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(), PermissionScope.RESOURCE.toString(), templateId, "listTemplates"); // check if there is a policy with only UseEntry permission for this template added - AclPolicy policy = _iamSrv.getResourceGrantPolicy(IAMEntityType.VirtualMachineTemplate.toString(), templateId, AccessType.UseEntry.toString(), "listTemplates"); + IAMPolicy policy = _iamSrv.getResourceGrantPolicy(IAMEntityType.VirtualMachineTemplate.toString(), templateId, AccessType.UseEntry.toString(), "listTemplates"); if ( policy == null ){ s_logger.info("No policy found for this template grant: " + templateId + ", no detach to be done"); return; 
@@ -671,20 +671,20 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @Override public List> getCommands() { List> cmdList = new ArrayList>(); - cmdList.add(CreateAclPolicyCmd.class); - cmdList.add(DeleteAclPolicyCmd.class); - cmdList.add(ListAclPoliciesCmd.class); - cmdList.add(AddAclPermissionToAclPolicyCmd.class); - cmdList.add(RemoveAclPermissionFromAclPolicyCmd.class); - cmdList.add(AttachAclPolicyToAclGroupCmd.class); - cmdList.add(RemoveAclPolicyFromAclGroupCmd.class); - cmdList.add(CreateAclGroupCmd.class); - cmdList.add(DeleteAclGroupCmd.class); - cmdList.add(ListAclGroupsCmd.class); - cmdList.add(AddAccountToAclGroupCmd.class); - cmdList.add(RemoveAccountFromAclGroupCmd.class); - cmdList.add(AttachAclPolicyToAccountCmd.class); - cmdList.add(RemoveAclPolicyFromAccountCmd.class); + cmdList.add(CreateIAMPolicyCmd.class); + cmdList.add(DeleteIAMPolicyCmd.class); + cmdList.add(ListIAMPoliciesCmd.class); + cmdList.add(AddIAMPermissionToIAMPolicyCmd.class); + cmdList.add(RemoveIAMPermissionFromIAMPolicyCmd.class); + cmdList.add(AttachIAMPolicyToIAMGroupCmd.class); + cmdList.add(RemoveIAMPolicyFromIAMGroupCmd.class); + cmdList.add(CreateIAMGroupCmd.class); + cmdList.add(DeleteIAMGroupCmd.class); + cmdList.add(ListIAMGroupsCmd.class); + cmdList.add(AddAccountToIAMGroupCmd.class); + cmdList.add(RemoveAccountFromIAMGroupCmd.class); + cmdList.add(AttachIAMPolicyToAccountCmd.class); + cmdList.add(RemoveIAMPolicyFromAccountCmd.class); return cmdList; } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java index 448e45fc101..48e6edefff8 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java +++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java 
@@ -37,9 +37,9 @@ import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.BaseAsyncCreateCmd; import org.apache.cloudstack.api.BaseCmd; import org.apache.cloudstack.api.BaseListCmd; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import org.apache.cloudstack.iam.api.IAMService; import com.cloud.api.ApiServerService; @@ -90,7 +90,7 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker + "is null"); } - List policies = _iamSrv.listAclPolicies(account.getAccountId()); + List policies = _iamSrv.listAclPolicies(account.getAccountId()); boolean isAllowed = _iamSrv.isActionAllowedForPolicies(commandName, policies); if (!isAllowed) { 
@@ -259,11 +259,11 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker if (entityTypes == null || entityTypes.length == 0) { - _iamSrv.addAclPermissionToAclPolicy(policyId, null, permissionScope.toString(), new Long(AclPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER), + _iamSrv.addAclPermissionToAclPolicy(policyId, null, permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER), apiName, (accessType == null) ? null : accessType.toString(), Permission.Allow, false); } else { for (IAMEntityType entityType : entityTypes) { - _iamSrv.addAclPermissionToAclPolicy(policyId, entityType.toString(), permissionScope.toString(), new Long(AclPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER), + _iamSrv.addAclPermissionToAclPolicy(policyId, entityType.toString(), permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER), apiName, (accessType == null) ? null : accessType.toString(), Permission.Allow, false); } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java index 5420f840fe2..13f69149d4a 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java +++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java 
@@ -28,9 +28,9 @@ import org.apache.cloudstack.acl.ControlledEntity; import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.acl.SecurityChecker; import org.apache.cloudstack.api.InternalIdentity; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; import org.apache.cloudstack.iam.api.IAMService; import com.cloud.acl.DomainChecker; @@ -64,7 +64,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur if (entity == null && action != null) { // check if caller can do this action - List policies = _iamSrv.listAclPolicies(caller.getAccountId()); + List policies = _iamSrv.listAclPolicies(caller.getAccountId()); boolean isAllowed = _iamSrv.isActionAllowedForPolicies(action, policies); if (!isAllowed) { @@ -80,11 +80,11 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur } // get all Policies of this caller w.r.t the entity - List policies = getEffectivePolicies(caller, entity); - HashMap policyPermissionMap = new HashMap(); + List policies = getEffectivePolicies(caller, entity); + HashMap policyPermissionMap = new HashMap(); - for (AclPolicy policy : policies) { - List permissions = new ArrayList(); + for (IAMPolicy policy : policies) { + List permissions = new ArrayList(); if (action != null) { permissions = _iamSrv.listPolicyPermissionByActionAndEntity(policy.getId(), action, entityType); 
@@ -100,7 +100,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur accessType.toString(), entityType)); } } - for (AclPolicyPermission permission : permissions) { + for (IAMPolicyPermission permission : permissions) { if (checkPermissionScope(caller, permission.getScope(), permission.getScopeId(), entity)) { if (permission.getEntityType().equals(entityType)) { policyPermissionMap.put(policy, permission.getPermission().isGranted()); @@ -129,7 +129,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur private boolean checkPermissionScope(Account caller, String scope, Long scopeId, ControlledEntity entity) { - if(scopeId != null && !scopeId.equals(new Long(AclPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER))){ + if(scopeId != null && !scopeId.equals(new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER))){ //scopeId is set if (scope.equals(PermissionScope.ACCOUNT.name())) { if(scopeId == entity.getAccountId()){ @@ -147,7 +147,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur } } } - } else if (scopeId == null || scopeId.equals(new Long(AclPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER))) { + } else if (scopeId == null || scopeId.equals(new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER))) { if (scope.equals(PermissionScope.ACCOUNT.name())) { if(caller.getAccountId() == entity.getAccountId()){ return true; @@ -161,10 +161,10 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur return false; } - private List getEffectivePolicies(Account caller, ControlledEntity entity) { + private List getEffectivePolicies(Account caller, ControlledEntity entity) { // Get the static Policies of the Caller - List policies = _iamSrv.listAclPolicies(caller.getId()); + List policies = _iamSrv.listAclPolicies(caller.getId()); // add any dynamic policies w.r.t the entity if (caller.getId() == entity.getAccountId()) { 
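Review bot: `permission.getEntityType().equals(entityType)` in the permission loop (hunk at -100) dereferences the stored entity type without a null check, while RoleBasedAPIAccessChecker in this same patch passes `null` as the entity type to `addAclPermissionToAclPolicy` when `entityTypes` is null or empty. Whether such rows can reach this loop depends on how `listPolicyPermissionByActionAndEntity` filters, which is not visible here, but an access decision should not rest on that; a guard such as `String permType = permission.getEntityType();` followed by `if (permType != null && permType.equals(entityType)) {` keeps it explicit. The enclosing method starts and ends outside the hunk.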
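Review bot: The `else if (scopeId == null || scopeId.equals(...))` branch of checkPermissionScope (hunk at -147) is the exact negation of the opening `if(scopeId != null && !scopeId.equals(...))` (hunk at -129), so the sentinel test is written twice and each evaluation allocates a fresh `new Long(...)`. Since this method decides whether a permission's scope covers the entity, computing the test once makes it harder for the two paths to drift apart: `boolean currentCaller = scopeId == null || scopeId.equals(Long.valueOf(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER));` then `if (!currentCaller) { ... } else { ... }`. The body between the two hunks is not shown, so confirm that the `else if` pairs with that first `if` before changing it.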
@@ -172,11 +172,11 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur policies.add(_iamSrv.getResourceOwnerPolicy()); } - List groups = _iamSrv.listAclGroups(caller.getId()); - for (AclGroup group : groups) { + List groups = _iamSrv.listAclGroups(caller.getId()); + for (IAMGroup group : groups) { // for each group find the grand parent groups. - List parentGroups = _iamSrv.listParentAclGroups(group.getId()); - for (AclGroup parentGroup : parentGroups) { + List parentGroups = _iamSrv.listParentAclGroups(group.getId()); + for (IAMGroup parentGroup : parentGroups) { policies.addAll(_iamSrv.listRecursiveAclPoliciesByGroup(parentGroup.getId())); } } diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java index 4cec0d9acd9..596ac7e164b 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java +++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java @@ -25,9 +25,9 @@ import org.apache.log4j.Logger; import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.acl.QuerySelector; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; import org.apache.cloudstack.iam.api.IAMService; import com.cloud.user.Account; 
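Review bot: `policies.add(_iamSrv.getResourceOwnerPolicy())` and `policies.addAll(...)` in getEffectivePolicies modify the list object returned by `_iamSrv.listAclPolicies(caller.getId())` rather than a copy. If the service ever hands back a cached, shared or unmodifiable list (its implementation is not visible here), the policies added for one caller could either throw or remain visible to a later call. Copying first, `List<IAMPolicy> policies = new ArrayList<IAMPolicy>(_iamSrv.listAclPolicies(caller.getId()));`, removes that dependency; getAuthorizedResources in RoleBasedEntityQuerySelector (hunk at -92) has the same pattern. The comment "find the grand parent groups" also sits above a call to `listParentAclGroups`, so it is worth stating which of the two is meant. The method starts in the previous hunk.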
@@ -44,13 +44,13 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe public List getAuthorizedDomains(Account caller, String action) { long accountId = caller.getAccountId(); // Get the static Policies of the Caller - List policies = _iamService.listAclPolicies(accountId); + List policies = _iamService.listAclPolicies(accountId); // for each policy, find granted permission with Domain scope List domainIds = new ArrayList(); - for (AclPolicy policy : policies) { - List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.DOMAIN.toString()); + for (IAMPolicy policy : policies) { + List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.DOMAIN.toString()); if (pp != null) { - for (AclPolicyPermission p : pp) { + for (IAMPolicyPermission p : pp) { if (p.getScopeId() != null) { if (p.getScopeId().longValue() == -1) { domainIds.add(caller.getDomainId()); @@ -68,13 +68,13 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe public List getAuthorizedAccounts(Account caller, String action) { long accountId = caller.getAccountId(); // Get the static Policies of the Caller - List policies = _iamService.listAclPolicies(accountId); + List policies = _iamService.listAclPolicies(accountId); // for each policy, find granted permission with Account scope List accountIds = new ArrayList(); - for (AclPolicy policy : policies) { - List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ACCOUNT.toString()); + for (IAMPolicy policy : policies) { + List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ACCOUNT.toString()); if (pp != null) { - for (AclPolicyPermission p : pp) { + for (IAMPolicyPermission p : pp) { if (p.getScopeId() != null) { if (p.getScopeId().longValue() == -1) { accountIds.add(caller.getId()); 
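Review bot: `p.getScopeId().longValue() == -1` in getAuthorizedDomains, and again in getAuthorizedAccounts (hunk at -68), hard-codes the current-caller sentinel that RoleBasedEntityAccessChecker in this patch spells `IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER`. If the constant's value ever changes, the list filter and the per-entity check would silently disagree about which domains and accounts a caller is authorized for; assuming the constant is numeric, write `if (p.getScopeId().longValue() == IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER) {`. As far as the visible lines show, the two also treat a null scope id differently: checkPermissionScope handles null like the current caller, while these loops skip it, which deserves either a comment or alignment. Both methods continue outside their hunks.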
@@ -92,24 +92,24 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe public List getAuthorizedResources(Account caller, String action) { long accountId = caller.getAccountId(); // Get the static Policies of the Caller - List policies = _iamService.listAclPolicies(accountId); + List policies = _iamService.listAclPolicies(accountId); // add the policies that grant recursive access - List groups = _iamService.listAclGroups(caller.getId()); - for (AclGroup group : groups) { + List groups = _iamService.listAclGroups(caller.getId()); + for (IAMGroup group : groups) { // for each group find the grand parent groups. - List parentGroups = _iamService.listParentAclGroups(group.getId()); - for (AclGroup parentGroup : parentGroups) { + List parentGroups = _iamService.listParentAclGroups(group.getId()); + for (IAMGroup parentGroup : parentGroups) { policies.addAll(_iamService.listRecursiveAclPoliciesByGroup(parentGroup.getId())); } } // for each policy, find granted permission with Resource scope List entityIds = new ArrayList(); - for (AclPolicy policy : policies) { - List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.RESOURCE.toString()); + for (IAMPolicy policy : policies) { + List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.RESOURCE.toString()); if (pp != null) { - for (AclPolicyPermission p : pp) { + for (IAMPolicyPermission p : pp) { if (p.getScopeId() != null) { entityIds.add(p.getScopeId()); } 
@@ -123,10 +123,10 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe public boolean isGrantedAll(Account caller, String action) { long accountId = caller.getAccountId(); // Get the static Policies of the Caller - List policies = _iamService.listAclPolicies(accountId); + List policies = _iamService.listAclPolicies(accountId); // for each policy, find granted permission with ALL scope - for (AclPolicy policy : policies) { - List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ALL.toString()); + for (IAMPolicy policy : policies) { + List pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ALL.toString()); if (pp != null && pp.size() > 0) { return true; } @@ -136,9 +136,9 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe @Override public List listAclGroupsByAccount(long accountId) { - List groups = _iamService.listAclGroups(accountId); + List groups = _iamService.listAclGroups(accountId); List groupNames = new ArrayList(); - for (AclGroup grp : groups) { + for (IAMGroup grp : groups) { groupNames.add(grp.getName()); } return groupNames; diff --git a/services/iam/plugin/test/org/apache/cloudstack/acl/AclApiServiceTest.java b/services/iam/plugin/test/org/apache/cloudstack/iam/test/IAMApiServiceTest.java similarity index 64% rename from services/iam/plugin/test/org/apache/cloudstack/acl/AclApiServiceTest.java rename to services/iam/plugin/test/org/apache/cloudstack/iam/test/IAMApiServiceTest.java index daf5b64f133..4b376ce351e 100644 --- a/services/iam/plugin/test/org/apache/cloudstack/acl/AclApiServiceTest.java +++ b/services/iam/plugin/test/org/apache/cloudstack/iam/test/IAMApiServiceTest.java @@ -1,4 +1,4 @@ -package org.apache.cloudstack.acl; +package org.apache.cloudstack.iam.test; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; 
@@ -34,24 +34,26 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.support.AnnotationConfigContextLoader; +import org.apache.cloudstack.acl.IAMEntityType; +import org.apache.cloudstack.acl.PermissionScope; import org.apache.cloudstack.acl.SecurityChecker.AccessType; -import org.apache.cloudstack.iam.AclApiService; -import org.apache.cloudstack.iam.AclApiServiceImpl; +import org.apache.cloudstack.iam.IAMApiServiceImpl; +import org.apache.cloudstack.iam.IAMApiService; import org.apache.cloudstack.api.command.user.vm.ListVMsCmd; import org.apache.cloudstack.api.response.ListResponse; -import org.apache.cloudstack.api.response.iam.AclGroupResponse; -import org.apache.cloudstack.api.response.iam.AclPermissionResponse; -import org.apache.cloudstack.api.response.iam.AclPolicyResponse; +import org.apache.cloudstack.api.response.iam.IAMGroupResponse; +import org.apache.cloudstack.api.response.iam.IAMPermissionResponse; +import org.apache.cloudstack.api.response.iam.IAMPolicyResponse; import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.messagebus.MessageBus; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import org.apache.cloudstack.iam.api.IAMService; -import org.apache.cloudstack.iam.server.AclGroupVO; -import org.apache.cloudstack.iam.server.AclPolicyPermissionVO; -import org.apache.cloudstack.iam.server.AclPolicyVO; +import org.apache.cloudstack.iam.server.IAMGroupVO; +import 
org.apache.cloudstack.iam.server.IAMPolicyPermissionVO; +import org.apache.cloudstack.iam.server.IAMPolicyVO; import org.apache.cloudstack.test.utils.SpringUtils; import com.cloud.api.ApiServerService; @@ -68,7 +70,7 @@ import com.cloud.utils.component.ComponentContext; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration(loader = AnnotationConfigContextLoader.class) -public class AclApiServiceTest { +public class IAMApiServiceTest { @Inject IAMService _iamSrv; @@ -77,7 +79,7 @@ public class AclApiServiceTest { DomainDao _domainDao; @Inject - AclApiService _aclSrv; + IAMApiService _aclSrv; @Inject AccountManager _accountMgr; 
@@ -114,44 +116,44 @@ public class AclApiServiceTest { } @Test - public void createAclGroupTest() { - AclGroup group = new AclGroupVO("group1", "tester group1"); - List groups = new ArrayList(); + public void createIAMGroupTest() { + IAMGroup group = new IAMGroupVO("group1", "tester group1"); + List groups = new ArrayList(); groups.add(group); - Pair, Integer> grpList = new Pair, Integer>(groups, 1); - when(_iamSrv.createAclGroup("group1", "tester group1", callerDomainPath)).thenReturn(group); - when(_iamSrv.listAclGroups(null, null, callerDomainPath, 0L, 20L)).thenReturn(grpList); + Pair, Integer> grpList = new Pair, Integer>(groups, 1); + when(_iamSrv.createIAMGroup("group1", "tester group1", callerDomainPath)).thenReturn(group); + when(_iamSrv.listIAMGroups(null, null, callerDomainPath, 0L, 20L)).thenReturn(grpList); - AclGroup createdGrp = _aclSrv.createAclGroup(caller, "group1", "tester group1"); - assertNotNull("Acl group 'group1' failed to create ", createdGrp); - ListResponse grpResp = _aclSrv.listAclGroups(null, null, callerDomainId, 0L, 20L); + IAMGroup createdGrp = _aclSrv.createIAMGroup(caller, "group1", "tester group1"); + assertNotNull("IAM group 'group1' failed to create ", createdGrp); + ListResponse grpResp = _aclSrv.listIAMGroups(null, null, callerDomainId, 0L, 20L); assertTrue("No. 
of response items should be one", grpResp.getCount() == 1); - AclGroupResponse resp = grpResp.getResponses().get(0); + IAMGroupResponse resp = grpResp.getResponses().get(0); assertEquals("Error in created group name", "group1", resp.getName()); } @Test - public void deleteAclGroupTest() { - when(_iamSrv.deleteAclGroup(1L)).thenReturn(true); - assertTrue("failed to delete acl group 1", _aclSrv.deleteAclGroup(1L)); + public void deleteIAMGroupTest() { + when(_iamSrv.deleteIAMGroup(1L)).thenReturn(true); + assertTrue("failed to delete acl group 1", _aclSrv.deleteIAMGroup(1L)); } @Test - public void listAclGroupTest() { - AclGroup group = new AclGroupVO("group1", "tester group1"); - List groups = new ArrayList(); + public void listIAMGroupTest() { + IAMGroup group = new IAMGroupVO("group1", "tester group1"); + List groups = new ArrayList(); groups.add(group); - when(_iamSrv.listAclGroups(callerId)).thenReturn(groups); - List grps = _aclSrv.listAclGroups(callerId); + when(_iamSrv.listIAMGroups(callerId)).thenReturn(groups); + List grps = _aclSrv.listIAMGroups(callerId); assertTrue(grps != null && grps.size() == 1); - AclGroup grp = grps.get(0); + IAMGroup grp = grps.get(0); assertEquals("Error to retrieve group", "group1", grp.getName()); } @Test public void addRemoveAccountToGroupTest() { - AclGroup group = new AclGroupVO("group1", "tester group1"); - List groups = new ArrayList(); + IAMGroup group = new IAMGroupVO("group1", "tester group1"); + List groups = new ArrayList(); groups.add(group); Long groupId = group.getId(); List acctIds = new ArrayList(); 
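Review bot: The stubs on `_iamSrv` in createIAMGroupTest, deleteIAMGroupTest and listIAMGroupTest call `createIAMGroup`, `listIAMGroups` and `deleteIAMGroup`, but `_iamSrv` is injected as `IAMService`, and the visible part of the IAMService.java hunk in this same patch keeps the method names `createAclGroup`, `listAclGroups` and `deleteAclGroup` (only the types are renamed). As shown, the test class would not compile against that interface, which leaves the IAM service layer without its tests at this commit. Either keep the old names on the `_iamSrv` calls, e.g. `when(_iamSrv.createAclGroup("group1", "tester group1", callerDomainPath)).thenReturn(group);`, or rename the interface methods in this commit as well. The same applies to the `_iamSrv` calls in the later hunks of this file (at -165, -190, -253 and -265).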
@@ -165,12 +167,12 @@ public class AclApiServiceTest { when(_accountDao.findById(acct2.getId())).thenReturn(acct2); when(_iamSrv.addAccountsToGroup(acctIds, groupId)).thenReturn(group); when(_iamSrv.listAccountsByGroup(groupId)).thenReturn(acctIds); - Pair, Integer> grpList = new Pair, Integer>(groups, 1); - when(_iamSrv.listAclGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList); + Pair, Integer> grpList = new Pair, Integer>(groups, 1); + when(_iamSrv.listIAMGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList); _aclSrv.addAccountsToGroup(acctIds, groupId); - ListResponse grpResp = _aclSrv.listAclGroups(null, "group1", callerDomainId, 0L, 20L); + ListResponse grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", grpResp.getCount() == 1); - AclGroupResponse resp = grpResp.getResponses().get(0); + IAMGroupResponse resp = grpResp.getResponses().get(0); Set acctNames = resp.getAccountNameList(); assertEquals("There should be 2 accounts in the group", 2, acctNames.size()); assertTrue("account1 should be assigned to the group", acctNames.contains("account1")); @@ -181,7 +183,7 @@ public class AclApiServiceTest { rmAccts.add(acct2.getId()); when(_iamSrv.removeAccountsFromGroup(rmAccts, groupId)).thenReturn(group); _aclSrv.removeAccountsFromGroup(acctIds, groupId); - grpResp = _aclSrv.listAclGroups(null, "group1", callerDomainId, 0L, 20L); + grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", grpResp.getCount() == 1); resp = grpResp.getResponses().get(0); acctNames = resp.getAccountNameList(); 
@@ -190,62 +192,62 @@ public class AclApiServiceTest { } @Test - public void createAclPolicyTest() { - AclPolicy policy = new AclPolicyVO("policy1", "tester policy1"); - List policies = new ArrayList(); + public void createIAMPolicyTest() { + IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1"); + List policies = new ArrayList(); policies.add(policy); - Pair, Integer> policyList = new Pair, Integer>(policies, 1); - when(_iamSrv.createAclPolicy("policy1", "tester policy1", null, callerDomainPath)).thenReturn(policy); - when(_iamSrv.listAclPolicies(null, null, callerDomainPath, 0L, 20L)).thenReturn(policyList); + Pair, Integer> policyList = new Pair, Integer>(policies, 1); + when(_iamSrv.createIAMPolicy("policy1", "tester policy1", null, callerDomainPath)).thenReturn(policy); + when(_iamSrv.listIAMPolicies(null, null, callerDomainPath, 0L, 20L)).thenReturn(policyList); - AclPolicy createdPolicy = _aclSrv.createAclPolicy(caller, "policy1", "tester policy1", null); - assertNotNull("Acl policy 'policy1' failed to create ", createdPolicy); - ListResponse policyResp = _aclSrv.listAclPolicies(null, null, callerDomainId, 0L, 20L); + IAMPolicy createdPolicy = _aclSrv.createIAMPolicy(caller, "policy1", "tester policy1", null); + assertNotNull("IAM policy 'policy1' failed to create ", createdPolicy); + ListResponse policyResp = _aclSrv.listIAMPolicies(null, null, callerDomainId, 0L, 20L); assertTrue("No. 
of response items should be one", policyResp.getCount() == 1); - AclPolicyResponse resp = policyResp.getResponses().get(0); + IAMPolicyResponse resp = policyResp.getResponses().get(0); assertEquals("Error in created group name", "policy1", resp.getName()); } @Test - public void deleteAclPolicyTest() { - when(_iamSrv.deleteAclPolicy(1L)).thenReturn(true); - assertTrue("failed to delete acl policy 1", _aclSrv.deleteAclPolicy(1L)); + public void deleteIAMPolicyTest() { + when(_iamSrv.deleteIAMPolicy(1L)).thenReturn(true); + assertTrue("failed to delete acl policy 1", _aclSrv.deleteIAMPolicy(1L)); } @Test - public void listAclPolicyTest() { - AclPolicy policy = new AclPolicyVO("policy1", "tester policy1"); - List policies = new ArrayList(); + public void listIAMPolicyTest() { + IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1"); + List policies = new ArrayList(); policies.add(policy); - when(_iamSrv.listAclPolicies(callerId)).thenReturn(policies); - List polys = _aclSrv.listAclPolicies(callerId); + when(_iamSrv.listIAMPolicies(callerId)).thenReturn(policies); + List polys = _aclSrv.listIAMPolicies(callerId); assertTrue(polys != null && polys.size() == 1); - AclPolicy p = polys.get(0); + IAMPolicy p = polys.get(0); assertEquals("Error to retrieve group", "policy1", p.getName()); } @Test public void addRemovePolicyToGroupTest() { - AclGroup group = new AclGroupVO("group1", "tester group1"); - List groups = new ArrayList(); + IAMGroup group = new IAMGroupVO("group1", "tester group1"); + List groups = new ArrayList(); groups.add(group); Long groupId = group.getId(); List policyIds = new ArrayList(); policyIds.add(100L); policyIds.add(200L); - AclPolicy policy1 = new AclPolicyVO("policy1", "my first policy"); - AclPolicy policy2 = new AclPolicyVO("policy2", "my second policy"); - List policies = new ArrayList(); + IAMPolicy policy1 = new IAMPolicyVO("policy1", "my first policy"); + IAMPolicy policy2 = new IAMPolicyVO("policy2", "my second policy"); + List 
policies = new ArrayList(); policies.add(policy1); policies.add(policy2); - when(_iamSrv.attachAclPoliciesToGroup(policyIds, groupId)).thenReturn(group); - when(_iamSrv.listAclPoliciesByGroup(groupId)).thenReturn(policies); - Pair, Integer> grpList = new Pair, Integer>(groups, 1); - when(_iamSrv.listAclGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList); - _aclSrv.attachAclPoliciesToGroup(policyIds, groupId); - ListResponse grpResp = _aclSrv.listAclGroups(null, "group1", callerDomainId, 0L, 20L); + when(_iamSrv.attachIAMPoliciesToGroup(policyIds, groupId)).thenReturn(group); + when(_iamSrv.listIAMPoliciesByGroup(groupId)).thenReturn(policies); + Pair, Integer> grpList = new Pair, Integer>(groups, 1); + when(_iamSrv.listIAMGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList); + _aclSrv.attachIAMPoliciesToGroup(policyIds, groupId); + ListResponse grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", grpResp.getCount() == 1); - AclGroupResponse resp = grpResp.getResponses().get(0); + IAMGroupResponse resp = grpResp.getResponses().get(0); Set policyNames = resp.getPolicyList(); assertEquals("There should be 2 policies in the group", 2, policyNames.size()); assertTrue("policy1 should be assigned to the group", policyNames.contains("policy1")); 
@@ -253,9 +255,9 @@ public class AclApiServiceTest { // remove "policy2" from group1 policyIds.remove(1); policies.remove(policy2); - when(_iamSrv.removeAclPoliciesFromGroup(policyIds, groupId)).thenReturn(group); - _aclSrv.removeAclPoliciesFromGroup(policyIds, groupId); - grpResp = _aclSrv.listAclGroups(null, "group1", callerDomainId, 0L, 20L); + when(_iamSrv.removeIAMPoliciesFromGroup(policyIds, groupId)).thenReturn(group); + _aclSrv.removeIAMPoliciesFromGroup(policyIds, groupId); + grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", grpResp.getCount() == 1); resp = grpResp.getResponses().get(0); policyNames = resp.getPolicyList(); 
@@ -265,37 +267,41 @@ public class AclApiServiceTest { @Test public void addRemovePermissionToPolicyTest() { - AclPolicy policy = new AclPolicyVO("policy1", "tester policy1"); - List policies = new ArrayList(); + IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1"); + List policies = new ArrayList(); policies.add(policy); Long policyId = policy.getId(); Long resId = 200L; Class clz = ListVMsCmd.class; when(_apiServer.getCmdClass("listVirtualMachines")).thenReturn(clz); when( - _iamSrv.addAclPermissionToAclPolicy(policyId, IAMEntityType.VirtualMachine.toString(), PermissionScope.RESOURCE.toString(), resId, "listVirtualMachines", + _iamSrv.addIAMPermissionToIAMPolicy(policyId, IAMEntityType.VirtualMachine.toString(), + PermissionScope.RESOURCE.toString(), resId, "listVirtualMachines", AccessType.UseEntry.toString(), Permission.Allow, false)).thenReturn(policy); - _aclSrv.addAclPermissionToAclPolicy(policyId, IAMEntityType.VirtualMachine.toString(), PermissionScope.RESOURCE, resId, "listVirtualMachines", Permission.Allow, false); - Pair, Integer> policyList = new Pair, Integer>(policies, 1); - List policyPerms = new ArrayList(); - AclPolicyPermission perm = new AclPolicyPermissionVO(policyId, "listVirtualMachines", IAMEntityType.VirtualMachine.toString(), AccessType.UseEntry.toString(), + _aclSrv.addIAMPermissionToIAMPolicy(policyId, IAMEntityType.VirtualMachine.toString(), + PermissionScope.RESOURCE, resId, "listVirtualMachines", Permission.Allow, false); + Pair, Integer> policyList = new Pair, Integer>(policies, 1); + List policyPerms = new ArrayList(); + IAMPolicyPermission perm = new IAMPolicyPermissionVO(policyId, "listVirtualMachines", + IAMEntityType.VirtualMachine.toString(), AccessType.UseEntry.toString(), PermissionScope.RESOURCE.toString(), resId, Permission.Allow, false); policyPerms.add(perm); - when(_iamSrv.listAclPolicies(null, "policy1", callerDomainPath, 0L, 20L)).thenReturn(policyList); + when(_iamSrv.listIAMPolicies(null, "policy1", 
callerDomainPath, 0L, 20L)).thenReturn(policyList); when(_iamSrv.listPolicyPermissions(policyId)).thenReturn(policyPerms); - ListResponse policyResp = _aclSrv.listAclPolicies(null, "policy1", callerDomainId, 0L, 20L); + ListResponse policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", policyResp.getCount() == 1); - AclPolicyResponse resp = policyResp.getResponses().get(0); - Set permList = resp.getPermissionList(); + IAMPolicyResponse resp = policyResp.getResponses().get(0); + Set permList = resp.getPermissionList(); assertTrue("Permission list should not be empty", permList != null && permList.size() > 0); - AclPermissionResponse permResp = permList.iterator().next(); + IAMPermissionResponse permResp = permList.iterator().next(); assertEquals("There should be one permission for listVirtualMachines", "listVirtualMachines", permResp.getAction()); //remove permission from policy policyPerms.remove(perm); - _aclSrv.removeAclPermissionFromAclPolicy(policyId, IAMEntityType.VirtualMachine.toString(), PermissionScope.RESOURCE, resId, "listVirtualMachines"); - policyResp = _aclSrv.listAclPolicies(null, "policy1", callerDomainId, 0L, 20L); + _aclSrv.removeIAMPermissionFromIAMPolicy(policyId, IAMEntityType.VirtualMachine.toString(), + PermissionScope.RESOURCE, resId, "listVirtualMachines"); + policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L); assertTrue("No. of response items should be one", policyResp.getCount() == 1); resp = policyResp.getResponses().get(0); permList = resp.getPermissionList(); 
@@ -307,7 +313,7 @@ public class AclApiServiceTest { } @Configuration - @ComponentScan(basePackageClasses = {AclApiServiceImpl.class}, includeFilters = {@Filter(value = TestConfiguration.Library.class, type = FilterType.CUSTOM)}, useDefaultFilters = false) + @ComponentScan(basePackageClasses = {IAMApiServiceImpl.class}, includeFilters = {@Filter(value = TestConfiguration.Library.class, type = FilterType.CUSTOM)}, useDefaultFilters = false) public static class TestConfiguration extends SpringUtils.CloudStackTestConfiguration { @Bean diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/AclGroup.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMGroup.java similarity index 91% rename from services/iam/server/src/org/apache/cloudstack/iam/api/AclGroup.java rename to services/iam/server/src/org/apache/cloudstack/iam/api/IAMGroup.java index 2bdddf76105..868d0a0d449 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/api/AclGroup.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMGroup.java 
@@ -1,37 +1,37 @@ -// Licensed to the Apache Software Foundation (ASF) under one -// or more contributor license agreements. See the NOTICE file -// distributed with this work for additional information -// regarding copyright ownership. The ASF licenses this file -// to you under the Apache License, Version 2.0 (the -// "License"); you may not use this file except in compliance -// with the License. You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, -// software distributed under the License is distributed on an -// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -// KIND, either express or implied. See the License for the -// specific language governing permissions and limitations -// under the License. -package org.apache.cloudstack.iam.api; - -import org.apache.cloudstack.api.Identity; -import org.apache.cloudstack.api.InternalIdentity; - -public interface AclGroup extends InternalIdentity, Identity { - - String getName(); - - String getDescription(); - - @Override - long getId(); - - @Override - String getUuid(); - - String getPath(); - - long getAccountId(); -} +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. 
See the License for the +// specific language governing permissions and limitations +// under the License. +package org.apache.cloudstack.iam.api; + +import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.api.InternalIdentity; + +public interface IAMGroup extends InternalIdentity, Identity { + + String getName(); + + String getDescription(); + + @Override + long getId(); + + @Override + String getUuid(); + + String getPath(); + + long getAccountId(); +} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicy.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicy.java similarity index 91% rename from services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicy.java rename to services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicy.java index 302bbf37eeb..e6daeb11c68 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicy.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicy.java 
@@ -1,41 +1,41 @@ -// Licensed to the Apache Software Foundation (ASF) under one -// or more contributor license agreements. See the NOTICE file -// distributed with this work for additional information -// regarding copyright ownership. The ASF licenses this file -// to you under the Apache License, Version 2.0 (the -// "License"); you may not use this file except in compliance -// with the License. You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, -// software distributed under the License is distributed on an -// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -// KIND, either express or implied. See the License for the -// specific language governing permissions and limitations -// under the License. -package org.apache.cloudstack.iam.api; - -import org.apache.cloudstack.api.Identity; -import org.apache.cloudstack.api.InternalIdentity; - -public interface AclPolicy extends InternalIdentity, Identity { - - String getName(); - - String getDescription(); - - public enum PolicyType { - Static, Dynamic - } - - @Override - long getId(); - - @Override - String getUuid(); - - String getPath(); - - long getAccountId(); -} +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. 
See the License for the +// specific language governing permissions and limitations +// under the License. +package org.apache.cloudstack.iam.api; + +import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.api.InternalIdentity; + +public interface IAMPolicy extends InternalIdentity, Identity { + + String getName(); + + String getDescription(); + + public enum PolicyType { + Static, Dynamic + } + + @Override + long getId(); + + @Override + String getUuid(); + + String getPath(); + + long getAccountId(); +} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicyPermission.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicyPermission.java similarity index 97% rename from services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicyPermission.java rename to services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicyPermission.java index f0352bcf959..b91086fc869 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/api/AclPolicyPermission.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMPolicyPermission.java @@ -17,7 +17,7 @@ package org.apache.cloudstack.iam.api; -public interface AclPolicyPermission { +public interface IAMPolicyPermission { String getAction(); diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java index 3957b622200..6eb61fac277 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java 
@@ -18,75 +18,75 @@ package org.apache.cloudstack.iam.api; import java.util.List; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import com.cloud.utils.Pair; public interface IAMService { /* ACL group related interfaces */ - AclGroup createAclGroup(String aclGroupName, String description, String path); + IAMGroup createAclGroup(String aclGroupName, String description, String path); boolean deleteAclGroup(Long aclGroupId); - List listAclGroups(long accountId); + List listAclGroups(long accountId); - AclGroup addAccountsToGroup(List acctIds, Long groupId); + IAMGroup addAccountsToGroup(List acctIds, Long groupId); - AclGroup removeAccountsFromGroup(List acctIds, Long groupId); + IAMGroup removeAccountsFromGroup(List acctIds, Long groupId); List listAccountsByGroup(long groupId); - Pair, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize); + Pair, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize); /* ACL Policy related interfaces */ - AclPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId, String path); + IAMPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId, String path); boolean deleteAclPolicy(long aclPolicyId); - List listAclPolicies(long accountId); + List listAclPolicies(long accountId); - List listAclPoliciesByGroup(long groupId); + List listAclPoliciesByGroup(long groupId); - Pair, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize); + Pair, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize); - AclGroup attachAclPoliciesToGroup(List policyIds, Long groupId); + IAMGroup attachAclPoliciesToGroup(List policyIds, Long groupId); - AclGroup removeAclPoliciesFromGroup(List policyIds, 
Long groupId); + IAMGroup removeAclPoliciesFromGroup(List policyIds, Long groupId); void attachAclPolicyToAccounts(Long policyId, List acctIds); void removeAclPolicyFromAccounts(Long policyId, List acctIds); - AclPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, + IAMPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, String action, String accessType, Permission perm, Boolean recursive); - AclPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, + IAMPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, String action); void removeAclPermissionForEntity(final String entityType, final Long entityId); - AclPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action); + IAMPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action); - AclPolicy getResourceOwnerPolicy(); + IAMPolicy getResourceOwnerPolicy(); - List listPolicyPermissions(long policyId); + List listPolicyPermissions(long policyId); - List listPolicyPermissionsByScope(long policyId, String action, String scope); + List listPolicyPermissionsByScope(long policyId, String action, String scope); - List listPolicyPermissionByActionAndEntity(long policyId, String action, String entityType); + List listPolicyPermissionByActionAndEntity(long policyId, String action, String entityType); - boolean isActionAllowedForPolicies(String action, List policies); + boolean isActionAllowedForPolicies(String action, List policies); List getGrantedEntities(long accountId, String action, String scope); - AclPolicy resetAclPolicy(long aclPolicyId); + IAMPolicy resetAclPolicy(long aclPolicyId); - List listPolicyPermissionByAccessAndEntity(long policyId, String accessType, + List listPolicyPermissionByAccessAndEntity(long policyId, String accessType, String 
entityType); - List listParentAclGroups(long groupId); + List listParentAclGroups(long groupId); - List listRecursiveAclPoliciesByGroup(long groupId); + List listRecursiveAclPoliciesByGroup(long groupId); } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclAccountPolicyMapVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java similarity index 91% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclAccountPolicyMapVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java index b491e6e2628..8f3ac7d6222 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclAccountPolicyMapVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java @@ -28,8 +28,8 @@ import javax.persistence.Table; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_account_policy_map")) -public class AclAccountPolicyMapVO { +@Table(name = ("iam_account_policy_map")) +public class IAMAccountPolicyMapVO { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") @@ -47,10 +47,10 @@ public class AclAccountPolicyMapVO { @Column(name = GenericDao.CREATED_COLUMN) private Date created; - public AclAccountPolicyMapVO() { + public IAMAccountPolicyMapVO() { } - public AclAccountPolicyMapVO(long accountId, long aclPolicyId) { + public IAMAccountPolicyMapVO(long accountId, long aclPolicyId) { this.accountId = accountId; this.aclPolicyId = aclPolicyId; } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupAccountMapVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupAccountMapVO.java similarity index 91% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupAccountMapVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupAccountMapVO.java index d39317afa0f..dac7d35ef67 100644 
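Review bot: The `@Table` name in IAMAccountPolicyMapVO changes from `acl_account_policy_map` to `iam_account_policy_map`, so this is a schema change and not only a Java rename; the same holds for the `@Table` edits in IAMGroupAccountMapVO, IAMGroupPolicyMapVO, IAMGroupVO, IAMPolicyPermissionVO and IAMPolicyVO further down. The schema or upgrade script has to create or rename these tables in the same commit, which is not visible in this part of the patch; if it does not, every group and policy lookup in the IAM service fails at runtime. I would add a class comment such as `// Maps to table iam_account_policy_map; keep in sync with the schema script`. The fields `aclPolicyId` and `aclGroupId` keep the old prefix, which is worth either renaming or stating as intentional.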
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupAccountMapVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupAccountMapVO.java @@ -28,8 +28,8 @@ import javax.persistence.Table; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_group_account_map")) -public class AclGroupAccountMapVO { +@Table(name = ("iam_group_account_map")) +public class IAMGroupAccountMapVO { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") @@ -47,10 +47,10 @@ public class AclGroupAccountMapVO { @Column(name = GenericDao.CREATED_COLUMN) private Date created; - public AclGroupAccountMapVO() { + public IAMGroupAccountMapVO() { } - public AclGroupAccountMapVO(long aclGroupId, long accountId) { + public IAMGroupAccountMapVO(long aclGroupId, long accountId) { this.aclGroupId = aclGroupId; this.accountId = accountId; } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupPolicyMapVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupPolicyMapVO.java similarity index 91% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupPolicyMapVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupPolicyMapVO.java index 0dfef09181f..946d1f796a2 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupPolicyMapVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupPolicyMapVO.java @@ -29,8 +29,8 @@ import javax.persistence.Table; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_group_policy_map")) -public class AclGroupPolicyMapVO { +@Table(name = ("iam_group_policy_map")) +public class IAMGroupPolicyMapVO { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") 
@@ -48,10 +48,10 @@ public class AclGroupPolicyMapVO { @Column(name = GenericDao.CREATED_COLUMN) private Date created; - public AclGroupPolicyMapVO() { + public IAMGroupPolicyMapVO() { } - public AclGroupPolicyMapVO(long aclGroupId, long aclPolicyId) { + public IAMGroupPolicyMapVO(long aclGroupId, long aclPolicyId) { this.aclGroupId = aclGroupId; this.aclPolicyId = aclPolicyId; } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupVO.java similarity index 92% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupVO.java index bdb85e8a568..80edb8977a7 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclGroupVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMGroupVO.java @@ -26,13 +26,13 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.iam.api.AclGroup; +import org.apache.cloudstack.iam.api.IAMGroup; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_group")) -public class AclGroupVO implements AclGroup { +@Table(name = ("iam_group")) +public class IAMGroupVO implements IAMGroup { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") @@ -59,11 +59,11 @@ public class AclGroupVO implements AclGroup { @Column(name = GenericDao.CREATED_COLUMN) private Date created; - public AclGroupVO() { + public IAMGroupVO() { uuid = UUID.randomUUID().toString(); } - public AclGroupVO(String name, String description) { + public IAMGroupVO(String name, String description) { this.name = name; this.description = description; uuid = UUID.randomUUID().toString(); 
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyPermissionVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyPermissionVO.java similarity index 94% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyPermissionVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyPermissionVO.java index 5d2a36b9294..13d6b814e53 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyPermissionVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyPermissionVO.java @@ -27,12 +27,12 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.iam.api.AclPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_policy_permission")) -public class AclPolicyPermissionVO implements AclPolicyPermission { +@Table(name = ("iam_policy_permission")) +public class IAMPolicyPermissionVO implements IAMPolicyPermission { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @@ -70,11 +70,11 @@ public class AclPolicyPermissionVO implements AclPolicyPermission { @Column(name = GenericDao.CREATED_COLUMN) private Date created; - public AclPolicyPermissionVO() { + public IAMPolicyPermissionVO() { } - public AclPolicyPermissionVO(long aclPolicyId, String action, String entityType, String accessType, String scope, + public IAMPolicyPermissionVO(long aclPolicyId, String action, String entityType, String accessType, String scope, Long scopeId, Permission permission, Boolean recursive) { this.aclPolicyId = aclPolicyId; this.action = action; 
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyVO.java similarity index 87% rename from services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyVO.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyVO.java index 16fbf808194..25ebd011f39 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/AclPolicyVO.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMPolicyVO.java @@ -28,13 +28,13 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.iam.api.AclPolicy; +import org.apache.cloudstack.iam.api.IAMPolicy; import com.cloud.utils.db.GenericDao; @Entity -@Table(name = ("acl_policy")) -public class AclPolicyVO implements AclPolicy { +@Table(name = ("iam_policy")) +public class IAMPolicyVO implements IAMPolicy { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id") @@ -63,17 +63,17 @@ public class AclPolicyVO implements AclPolicy { @Column(name = "policy_type") @Enumerated(value = EnumType.STRING) - private AclPolicy.PolicyType policyType; + private IAMPolicy.PolicyType policyType; - public AclPolicyVO() { + public IAMPolicyVO() { uuid = UUID.randomUUID().toString(); } - public AclPolicyVO(String name, String description) { + public IAMPolicyVO(String name, String description) { this.name = name; this.description = description; uuid = UUID.randomUUID().toString(); - policyType = AclPolicy.PolicyType.Static; + policyType = IAMPolicy.PolicyType.Static; } @Override 
@@ -127,11 +127,11 @@ public class AclPolicyVO implements AclPolicy { this.accountId = accountId; } - public AclPolicy.PolicyType getPolicyType() { + public IAMPolicy.PolicyType getPolicyType() { return policyType; } - public void setPolicyType(AclPolicy.PolicyType policyType) { + public void setPolicyType(IAMPolicy.PolicyType policyType) { this.policyType = policyType; } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java index c20989c937f..02da7c36d18 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java 
@@ -25,17 +25,17 @@ import javax.inject.Inject; import org.apache.log4j.Logger; import org.apache.cloudstack.acl.PermissionScope; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.api.AclPolicyPermission; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.api.IAMPolicyPermission; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; import org.apache.cloudstack.iam.api.IAMService; -import org.apache.cloudstack.iam.server.dao.AclAccountPolicyMapDao; -import org.apache.cloudstack.iam.server.dao.AclGroupAccountMapDao; -import org.apache.cloudstack.iam.server.dao.AclGroupDao; -import org.apache.cloudstack.iam.server.dao.AclGroupPolicyMapDao; -import org.apache.cloudstack.iam.server.dao.AclPolicyDao; -import org.apache.cloudstack.iam.server.dao.AclPolicyPermissionDao; +import org.apache.cloudstack.iam.server.dao.IAMAccountPolicyMapDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupAccountMapDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupPolicyMapDao; +import org.apache.cloudstack.iam.server.dao.IAMPolicyDao; +import org.apache.cloudstack.iam.server.dao.IAMPolicyPermissionDao; import com.cloud.exception.InvalidParameterValueException; import com.cloud.utils.Pair; 
@@ -62,37 +62,37 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { private String _name; @Inject - AclPolicyDao _aclPolicyDao; + IAMPolicyDao _aclPolicyDao; @Inject - AclGroupDao _aclGroupDao; + IAMGroupDao _aclGroupDao; @Inject EntityManager _entityMgr; @Inject - AclGroupPolicyMapDao _aclGroupPolicyMapDao; + IAMGroupPolicyMapDao _aclGroupPolicyMapDao; @Inject - AclAccountPolicyMapDao _aclAccountPolicyMapDao; + IAMAccountPolicyMapDao _aclAccountPolicyMapDao; @Inject - AclGroupAccountMapDao _aclGroupAccountMapDao; + IAMGroupAccountMapDao _aclGroupAccountMapDao; @Inject - AclPolicyPermissionDao _policyPermissionDao; + IAMPolicyPermissionDao _policyPermissionDao; @DB @Override - public AclGroup createAclGroup(String aclGroupName, String description, String path) { + public IAMGroup createAclGroup(String aclGroupName, String description, String path) { // check if the group is already existing - AclGroup grp = _aclGroupDao.findByName(path, aclGroupName); + IAMGroup grp = _aclGroupDao.findByName(path, aclGroupName); if (grp != null) { throw new InvalidParameterValueException( "Unable to create acl group with name " + aclGroupName + " already exisits for path " + path); } - AclGroupVO rvo = new AclGroupVO(aclGroupName, description); + IAMGroupVO rvo = new IAMGroupVO(aclGroupName, description); rvo.setPath(path); return _aclGroupDao.persist(rvo); @@ -102,7 +102,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public boolean deleteAclGroup(final Long aclGroupId) { // get the Acl Group entity - final AclGroup grp = _aclGroupDao.findById(aclGroupId); + final IAMGroup grp = _aclGroupDao.findById(aclGroupId); if (grp == null) { throw new InvalidParameterValueException("Unable to find acl group: " + aclGroupId + "; failed to delete acl group."); 
@@ -112,17 +112,17 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public void doInTransactionWithoutResult(TransactionStatus status) { // remove this group related entry in acl_group_role_map - List groupPolicyMap = _aclGroupPolicyMapDao.listByGroupId(grp.getId()); + List groupPolicyMap = _aclGroupPolicyMapDao.listByGroupId(grp.getId()); if (groupPolicyMap != null) { - for (AclGroupPolicyMapVO gr : groupPolicyMap) { + for (IAMGroupPolicyMapVO gr : groupPolicyMap) { _aclGroupPolicyMapDao.remove(gr.getId()); } } // remove this group related entry in acl_group_account table - List groupAcctMap = _aclGroupAccountMapDao.listByGroupId(grp.getId()); + List groupAcctMap = _aclGroupAccountMapDao.listByGroupId(grp.getId()); if (groupAcctMap != null) { - for (AclGroupAccountMapVO grpAcct : groupAcctMap) { + for (IAMGroupAccountMapVO grpAcct : groupAcctMap) { _aclGroupAccountMapDao.remove(grpAcct.getId()); } } @@ -137,9 +137,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listAclGroups(long accountId) { + public List listAclGroups(long accountId) { - GenericSearchBuilder groupSB = _aclGroupAccountMapDao.createSearchBuilder(Long.class); + GenericSearchBuilder groupSB = _aclGroupAccountMapDao.createSearchBuilder(Long.class); groupSB.selectFields(groupSB.entity().getAclGroupId()); groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ); SearchCriteria groupSc = groupSB.create(); 
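Review bot: The two comments in the deleteAclGroup transaction still name the old tables (`acl_group_role_map`, `acl_group_account`), while the mapped tables become `iam_group_policy_map` and `iam_group_account_map` in this same commit. Suggested wording: `// remove this group's rows from iam_group_policy_map` and `// remove this group's rows from iam_group_account_map`. The same stale names appear in the comments of the deleteAclPolicy hunk (`acl_group_role_map`, `acl_account_policy_map`, `acl_policy_permission`) and in addAccountsToGroup, removeAccountsFromGroup and attachAclPoliciesToGroup. The enclosing transaction callback starts and ends outside this hunk.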
@@ -147,9 +147,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { List groupIds = _aclGroupAccountMapDao.customSearch(groupSc, null); - SearchBuilder sb = _aclGroupDao.createSearchBuilder(); + SearchBuilder sb = _aclGroupDao.createSearchBuilder(); sb.and("ids", sb.entity().getId(), Op.IN); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("ids", groupIds.toArray(new Object[groupIds.size()])); @SuppressWarnings("rawtypes") List groups = _aclGroupDao.search(sc, null); @@ -158,9 +158,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclGroup addAccountsToGroup(final List acctIds, final Long groupId) { + public IAMGroup addAccountsToGroup(final List acctIds, final Long groupId) { // get the Acl Group entity - AclGroup group = _aclGroupDao.findById(groupId); + IAMGroup group = _aclGroupDao.findById(groupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group: " + groupId + "; failed to add accounts to acl group."); @@ -172,10 +172,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { // add entries in acl_group_account_map table for (Long acctId : acctIds) { // check account permissions - AclGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId); + IAMGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId); if (grMap == null) { // not there already - grMap = new AclGroupAccountMapVO(groupId, acctId); + grMap = new IAMGroupAccountMapVO(groupId, acctId); _aclGroupAccountMapDao.persist(grMap); } } 
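Review bot: `groupIds` goes into the `IN` criterion without an empty check, so an account that belongs to no group reaches `_aclGroupDao.search` with an empty parameter array. listAclPolicies guards the same pattern with `if (policyIds.size() == 0)` and an early return; how the search builder treats an empty `IN` is not visible here, and a membership query in the IAM service should not leave that to the DAO. Add `if (groupIds.isEmpty()) { return new ArrayList<IAMGroup>(); }` right after the `customSearch` call. The method starts in the previous hunk and its return statement is outside this one.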
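Review bot: The comment `// check account permissions` in the addAccountsToGroup loop is followed only by `findByGroupAndAccount`, which tests whether the mapping already exists; no permission check on `acctId` is visible in this hunk. If the caller is expected to have authorized the account ids, the comment should say so, for example `// caller has already authorized acctId; only skip mappings that exist`. If no caller does, the check itself is missing and should be added before `persist`. The enclosing method starts in the previous hunk.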
@@ -186,9 +186,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclGroup removeAccountsFromGroup(final List acctIds, final Long groupId) { + public IAMGroup removeAccountsFromGroup(final List acctIds, final Long groupId) { // get the Acl Group entity - AclGroup group = _aclGroupDao.findById(groupId); + IAMGroup group = _aclGroupDao.findById(groupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group: " + groupId + "; failed to remove accounts from acl group."); @@ -199,7 +199,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { public void doInTransactionWithoutResult(TransactionStatus status) { // remove entries from acl_group_account_map table for (Long acctId : acctIds) { - AclGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId); + IAMGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId); if (grMap != null) { // not removed yet _aclGroupAccountMapDao.remove(grMap.getId()); 
@@ -212,35 +212,35 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public List listAccountsByGroup(long groupId) { - List grpAcctMap = _aclGroupAccountMapDao.listByGroupId(groupId); + List grpAcctMap = _aclGroupAccountMapDao.listByGroupId(groupId); if (grpAcctMap == null || grpAcctMap.size() == 0) { return new ArrayList(); } List accts = new ArrayList(); - for (AclGroupAccountMapVO grpAcct : grpAcctMap) { + for (IAMGroupAccountMapVO grpAcct : grpAcctMap) { accts.add(grpAcct.getAccountId()); } return accts; } @Override - public Pair, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize) { + public Pair, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize) { if (aclGroupId != null) { - AclGroup group = _aclGroupDao.findById(aclGroupId); + IAMGroup group = _aclGroupDao.findById(aclGroupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group by id " + aclGroupId); } } - Filter searchFilter = new Filter(AclGroupVO.class, "id", true, startIndex, pageSize); + Filter searchFilter = new Filter(IAMGroupVO.class, "id", true, startIndex, pageSize); - SearchBuilder sb = _aclGroupDao.createSearchBuilder(); + SearchBuilder sb = _aclGroupDao.createSearchBuilder(); sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ); sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE); sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); if (aclGroupName != null) { sc.setParameters("name", aclGroupName); 
@@ -252,13 +252,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { sc.setParameters("path", path + "%"); - Pair, Integer> groups = _aclGroupDao.searchAndCount(sc, searchFilter); - return new Pair, Integer>(new ArrayList(groups.first()), groups.second()); + Pair, Integer> groups = _aclGroupDao.searchAndCount(sc, searchFilter); + return new Pair, Integer>(new ArrayList(groups.first()), groups.second()); } @Override - public List listParentAclGroups(long groupId) { - AclGroup group = _aclGroupDao.findById(groupId); + public List listParentAclGroups(long groupId) { + IAMGroup group = _aclGroupDao.findById(groupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group by id " + groupId); } 
@@ -277,45 +277,45 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { } if (pathList.isEmpty()) { - return new ArrayList(); + return new ArrayList(); } - SearchBuilder sb = _aclGroupDao.createSearchBuilder(); + SearchBuilder sb = _aclGroupDao.createSearchBuilder(); sb.and("paths", sb.entity().getPath(), SearchCriteria.Op.IN); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("paths", pathList.toArray()); - List groups = _aclGroupDao.search(sc, null); + List groups = _aclGroupDao.search(sc, null); - return new ArrayList(groups); + return new ArrayList(groups); } @DB @Override - public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) { + public IAMPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) { // check if the policy is already existing - AclPolicy ro = _aclPolicyDao.findByName(aclPolicyName); + IAMPolicy ro = _aclPolicyDao.findByName(aclPolicyName); if (ro != null) { throw new InvalidParameterValueException( "Unable to create acl policy with name " + aclPolicyName + " already exisits"); } - AclPolicy role = Transaction.execute(new TransactionCallback() { + IAMPolicy role = Transaction.execute(new TransactionCallback() { @Override - public AclPolicy doInTransaction(TransactionStatus status) { - AclPolicyVO rvo = new AclPolicyVO(aclPolicyName, description); + public IAMPolicy doInTransaction(TransactionStatus status) { + IAMPolicyVO rvo = new IAMPolicyVO(aclPolicyName, description); rvo.setPath(path); - AclPolicy role = _aclPolicyDao.persist(rvo); + IAMPolicy role = _aclPolicyDao.persist(rvo); if (parentPolicyId != null) { // copy parent role permissions - List perms = _policyPermissionDao.listByPolicy(parentPolicyId); + List perms = _policyPermissionDao.listByPolicy(parentPolicyId); if (perms != null) { - for (AclPolicyPermissionVO perm : perms) { 
+ for (IAMPolicyPermissionVO perm : perms) { perm.setAclPolicyId(role.getId()); _policyPermissionDao.persist(perm); } @@ -333,7 +333,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public boolean deleteAclPolicy(final long aclPolicyId) { // get the Acl Policy entity - final AclPolicy policy = _aclPolicyDao.findById(aclPolicyId); + final IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId + "; failed to delete acl policy."); 
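Review bot: In the parent-policy copy loop of createAclPolicy, `perm` is the object returned by `listByPolicy(parentPolicyId)`; the loop re-points it with `perm.setAclPolicyId(role.getId())` and persists that same object, which presumably still carries the parent row's id. Whether `persist` then inserts a new row is decided by the DAO, which is not visible here; if it does not, the parent policy's permissions are altered instead of copied. Building a fresh `IAMPolicyPermissionVO` through its eight-argument constructor for each parent permission would make the copy explicit. `parentPolicyId` is also used without a check that the policy exists, unlike the `findById` checks in the other methods. The transaction callback continues outside this hunk.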
@@ -343,25 +343,25 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public void doInTransactionWithoutResult(TransactionStatus status) { // remove this role related entry in acl_group_role_map - List groupPolicyMap = _aclGroupPolicyMapDao.listByPolicyId(policy.getId()); + List groupPolicyMap = _aclGroupPolicyMapDao.listByPolicyId(policy.getId()); if (groupPolicyMap != null) { - for (AclGroupPolicyMapVO gr : groupPolicyMap) { + for (IAMGroupPolicyMapVO gr : groupPolicyMap) { _aclGroupPolicyMapDao.remove(gr.getId()); } } // remove this policy related entry in acl_account_policy_map table - List policyAcctMap = _aclAccountPolicyMapDao.listByPolicyId(policy.getId()); + List policyAcctMap = _aclAccountPolicyMapDao.listByPolicyId(policy.getId()); if (policyAcctMap != null) { - for (AclAccountPolicyMapVO policyAcct : policyAcctMap) { + for (IAMAccountPolicyMapVO policyAcct : policyAcctMap) { _aclAccountPolicyMapDao.remove(policyAcct.getId()); } } // remove this policy related entry in acl_policy_permission table - List policyPermMap = _policyPermissionDao.listByPolicy(policy.getId()); + List policyPermMap = _policyPermissionDao.listByPolicy(policy.getId()); if (policyPermMap != null) { - for (AclPolicyPermissionVO policyPerm : policyPermMap) { + for (IAMPolicyPermissionVO policyPerm : policyPermMap) { _policyPermissionDao.remove(policyPerm.getId()); } } 
@@ -377,13 +377,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listAclPolicies(long accountId) { + public List listAclPolicies(long accountId) { // static policies of the account - SearchBuilder groupSB = _aclGroupAccountMapDao.createSearchBuilder(); + SearchBuilder groupSB = _aclGroupAccountMapDao.createSearchBuilder(); groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ); - GenericSearchBuilder policySB = _aclGroupPolicyMapDao.createSearchBuilder(Long.class); + GenericSearchBuilder policySB = _aclGroupPolicyMapDao.createSearchBuilder(Long.class); policySB.selectFields(policySB.entity().getAclPolicyId()); policySB.join("accountgroupjoin", groupSB, groupSB.entity().getAclGroupId(), policySB.entity().getAclGroupId(), JoinType.INNER); @@ -393,16 +393,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { List policyIds = _aclGroupPolicyMapDao.customSearch(policySc, null); // add policies directly attached to the account - List acctPolicies = _aclAccountPolicyMapDao.listByAccountId(accountId); - for (AclAccountPolicyMapVO p : acctPolicies) { + List acctPolicies = _aclAccountPolicyMapDao.listByAccountId(accountId); + for (IAMAccountPolicyMapVO p : acctPolicies) { policyIds.add(p.getAclPolicyId()); } if (policyIds.size() == 0) { - return new ArrayList(); + return new ArrayList(); } - SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); + SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); sb.and("ids", sb.entity().getId(), Op.IN); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()])); @SuppressWarnings("rawtypes") List policies = _aclPolicyDao.customSearch(sc, null); 
@@ -413,20 +413,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listAclPoliciesByGroup(long groupId) { - List policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId); + public List listAclPoliciesByGroup(long groupId) { + List policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId); if (policyGrpMap == null || policyGrpMap.size() == 0) { - return new ArrayList(); + return new ArrayList(); } List policyIds = new ArrayList(); - for (AclGroupPolicyMapVO pg : policyGrpMap) { + for (IAMGroupPolicyMapVO pg : policyGrpMap) { policyIds.add(pg.getAclPolicyId()); } - SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); + SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); sb.and("ids", sb.entity().getId(), Op.IN); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()])); @SuppressWarnings("rawtypes") List policies = _aclPolicyDao.customSearch(sc, null); 
@@ -436,26 +436,26 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listRecursiveAclPoliciesByGroup(long groupId) { - List policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId); + public List listRecursiveAclPoliciesByGroup(long groupId) { + List policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId); if (policyGrpMap == null || policyGrpMap.size() == 0) { - return new ArrayList(); + return new ArrayList(); } List policyIds = new ArrayList(); - for (AclGroupPolicyMapVO pg : policyGrpMap) { + for (IAMGroupPolicyMapVO pg : policyGrpMap) { policyIds.add(pg.getAclPolicyId()); } - SearchBuilder permSb = _policyPermissionDao.createSearchBuilder(); + SearchBuilder permSb = _policyPermissionDao.createSearchBuilder(); permSb.and("isRecursive", permSb.entity().isRecursive(), Op.EQ); - SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); + SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); sb.and("ids", sb.entity().getId(), Op.IN); sb.join("recursivePerm", permSb, sb.entity().getId(), permSb.entity().getAclPolicyId(), JoinBuilder.JoinType.INNER); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()])); sc.setJoinParameters("recursivePerm", "isRecursive", true); 
@@ -468,23 +468,23 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public Pair, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize) { + public Pair, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize) { if (aclPolicyId != null) { - AclPolicy policy = _aclPolicyDao.findById(aclPolicyId); + IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy by id " + aclPolicyId); } } - Filter searchFilter = new Filter(AclPolicyVO.class, "id", true, startIndex, pageSize); + Filter searchFilter = new Filter(IAMPolicyVO.class, "id", true, startIndex, pageSize); - SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); + SearchBuilder sb = _aclPolicyDao.createSearchBuilder(); sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ); sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE); sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); if (aclPolicyName != null) { sc.setParameters("name", aclPolicyName); 
@@ -496,17 +496,17 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { sc.setParameters("path", path + "%"); - Pair, Integer> policies = _aclPolicyDao.searchAndCount(sc, searchFilter); + Pair, Integer> policies = _aclPolicyDao.searchAndCount(sc, searchFilter); @SuppressWarnings("rawtypes") List policyList = policies.first(); - return new Pair, Integer>(policyList, policies.second()); + return new Pair, Integer>(policyList, policies.second()); } @DB @Override - public AclGroup attachAclPoliciesToGroup(final List policyIds, final Long groupId) { + public IAMGroup attachAclPoliciesToGroup(final List policyIds, final Long groupId) { // get the Acl Group entity - AclGroup group = _aclGroupDao.findById(groupId); + IAMGroup group = _aclGroupDao.findById(groupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group: " + groupId + "; failed to add roles to acl group."); @@ -517,16 +517,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { public void doInTransactionWithoutResult(TransactionStatus status) { // add entries in acl_group_policy_map table for (Long policyId : policyIds) { - AclPolicy policy = _aclPolicyDao.findById(policyId); + IAMPolicy policy = _aclPolicyDao.findById(policyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policies to acl group."); } - AclGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId); + IAMGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId); if (grMap == null) { // not there already - grMap = new AclGroupPolicyMapVO(groupId, policyId); + grMap = new IAMGroupPolicyMapVO(groupId, policyId); _aclGroupPolicyMapDao.persist(grMap); } } 
@@ -538,9 +538,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclGroup removeAclPoliciesFromGroup(final List policyIds, final Long groupId) { + public IAMGroup removeAclPoliciesFromGroup(final List policyIds, final Long groupId) { // get the Acl Group entity - AclGroup group = _aclGroupDao.findById(groupId); + IAMGroup group = _aclGroupDao.findById(groupId); if (group == null) { throw new InvalidParameterValueException("Unable to find acl group: " + groupId + "; failed to remove roles from acl group."); @@ -551,13 +551,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { public void doInTransactionWithoutResult(TransactionStatus status) { // add entries in acl_group_role_map table for (Long policyId : policyIds) { - AclPolicy policy = _aclPolicyDao.findById(policyId); + IAMPolicy policy = _aclPolicyDao.findById(policyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policies to acl group."); } - AclGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId); + IAMGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId); if (grMap != null) { // not removed yet _aclGroupPolicyMapDao.remove(grMap.getId()); @@ -571,7 +571,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public void attachAclPolicyToAccounts(final Long policyId, final List acctIds) { - AclPolicy policy = _aclPolicyDao.findById(policyId); + IAMPolicy policy = _aclPolicyDao.findById(policyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policy to account."); 
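Review bot: The comment and exception text inside removeAclPoliciesFromGroup's transaction body (hunk at -551) still describe the add path. `// add entries in acl_group_role_map table` and `"; failed to add policies to acl group."` sit in code that deletes mappings, so a failed revocation is reported as a failed grant to anyone reading logs or audit output. Suggested wording is `// remove entries from the group-policy map table` and `"; failed to remove policies from acl group."`. The same copy-paste appears in removeAclPolicyFromAccounts in the hunks at -595 and -606 (`"; failed to add policy to account."` and `// add entries in acl_group_policy_map table`). The method signature is in the preceding hunk, and the body continues past this one.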
@@ -582,10 +582,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { public void doInTransactionWithoutResult(TransactionStatus status) { // add entries in acl_group_policy_map table for (Long acctId : acctIds) { - AclAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId); + IAMAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId); if (acctMap == null) { // not there already - acctMap = new AclAccountPolicyMapVO(acctId, policyId); + acctMap = new IAMAccountPolicyMapVO(acctId, policyId); _aclAccountPolicyMapDao.persist(acctMap); } } @@ -595,7 +595,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public void removeAclPolicyFromAccounts(final Long policyId, final List acctIds) { - AclPolicy policy = _aclPolicyDao.findById(policyId); + IAMPolicy policy = _aclPolicyDao.findById(policyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policy to account."); @@ -606,10 +606,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { public void doInTransactionWithoutResult(TransactionStatus status) { // add entries in acl_group_policy_map table for (Long acctId : acctIds) { - AclAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId); + IAMAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId); if (acctMap == null) { // not there already - acctMap = new AclAccountPolicyMapVO(acctId, policyId); + acctMap = new IAMAccountPolicyMapVO(acctId, policyId); _aclAccountPolicyMapDao.remove(acctMap.getId()); } } 
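Review bot: In removeAclPolicyFromAccounts (hunk at -606) the loop acts only when `findByAccountAndPolicy` returns null. It then builds a fresh `IAMAccountPolicyMapVO` and calls `remove(acctMap.getId())` on that unsaved object, so an existing account-policy mapping is never deleted and the policy stays attached after a caller believes it was revoked. The condition looks carried over from attachAclPolicyToAccounts and should mirror removeAclPoliciesFromGroup: `if (acctMap != null) { _aclAccountPolicyMapDao.remove(acctMap.getId()); }`. A test that attaches a policy, removes it, and asserts that `findByAccountAndPolicy` returns null would pin this. The method starts in the previous hunk and its end is outside this one.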
@@ -619,20 +619,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, + public IAMPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, String action, String accessType, Permission perm, Boolean recursive) { // get the Acl Policy entity - AclPolicy policy = _aclPolicyDao.findById(aclPolicyId); + IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId + "; failed to add permission to policy."); } // add entry in acl_policy_permission table - AclPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, perm); + IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, perm); if (permit == null) { // not there already - permit = new AclPolicyPermissionVO(aclPolicyId, action, entityType, accessType, scope, scopeId, perm, + permit = new IAMPolicyPermissionVO(aclPolicyId, action, entityType, accessType, scope, scopeId, perm, recursive); _policyPermissionDao.persist(permit); } 
@@ -642,16 +642,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, + public IAMPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId, String action) { // get the Acl Policy entity - AclPolicy policy = _aclPolicyDao.findById(aclPolicyId); + IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId + "; failed to revoke permission from policy."); } // remove entry from acl_entity_permission table - AclPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, Permission.Allow); + IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, Permission.Allow); if (permit != null) { // not removed yet _policyPermissionDao.remove(permit.getId()); @@ -666,8 +666,8 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public void doInTransactionWithoutResult(TransactionStatus status) { // remove entry from acl_entity_permission table - List permitList = _policyPermissionDao.listByEntity(entityType, entityId); - for (AclPolicyPermissionVO permit : permitList) { + List permitList = _policyPermissionDao.listByEntity(entityType, entityId); + for (IAMPolicyPermissionVO permit : permitList) { long policyId = permit.getAclPolicyId(); _policyPermissionDao.remove(permit.getId()); 
@@ -682,19 +682,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclPolicy resetAclPolicy(long aclPolicyId) { + public IAMPolicy resetAclPolicy(long aclPolicyId) { // get the Acl Policy entity - AclPolicy policy = _aclPolicyDao.findById(aclPolicyId); + IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId); if (policy == null) { throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId + "; failed to reset the policy."); } - SearchBuilder sb = _policyPermissionDao.createSearchBuilder(); + SearchBuilder sb = _policyPermissionDao.createSearchBuilder(); sb.and("policyId", sb.entity().getAclPolicyId(), SearchCriteria.Op.EQ); sb.and("scope", sb.entity().getScope(), SearchCriteria.Op.EQ); sb.done(); - SearchCriteria permissionSC = sb.create(); + SearchCriteria permissionSC = sb.create(); permissionSC.setParameters("policyId", aclPolicyId); _policyPermissionDao.expunge(permissionSC); @@ -702,7 +702,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { } @Override - public boolean isActionAllowedForPolicies(String action, List policies) { + public boolean isActionAllowedForPolicies(String action, List policies) { boolean allowed = false; 
@@ -711,19 +711,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { } List policyIds = new ArrayList(); - for (AclPolicy policy : policies) { + for (IAMPolicy policy : policies) { policyIds.add(policy.getId()); } - SearchBuilder sb = _policyPermissionDao.createSearchBuilder(); + SearchBuilder sb = _policyPermissionDao.createSearchBuilder(); sb.and("action", sb.entity().getAction(), Op.EQ); sb.and("policyId", sb.entity().getAclPolicyId(), Op.IN); - SearchCriteria sc = sb.create(); + SearchCriteria sc = sb.create(); sc.setParameters("policyId", policyIds.toArray(new Object[policyIds.size()])); sc.setParameters("action", action); - List permissions = _policyPermissionDao.customSearch(sc, null); + List permissions = _policyPermissionDao.customSearch(sc, null); if (permissions != null && !permissions.isEmpty()) { allowed = true; @@ -736,14 +736,14 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public List getGrantedEntities(long accountId, String action, String scope) { // Get the static Policies of the Caller - List policies = listAclPolicies(accountId); + List policies = listAclPolicies(accountId); // for each policy, find granted permission within the given scope List entityIds = new ArrayList(); - for (AclPolicy policy : policies) { - List pp = _policyPermissionDao.listGrantedByActionAndScope(policy.getId(), action, + for (IAMPolicy policy : policies) { + List pp = _policyPermissionDao.listGrantedByActionAndScope(policy.getId(), action, scope); if (pp != null) { - for (AclPolicyPermissionVO p : pp) { + for (IAMPolicyPermissionVO p : pp) { if (p.getScopeId() != null) { entityIds.add(p.getScopeId()); } 
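Review bot: isActionAllowedForPolicies (hunk at -711) sets `allowed = true` as soon as any permission row matches the action and one of the policy ids, without looking at that row's permission value. Other lookups in this file pass `Permission.Allow` explicitly, so if the enum also carries a deny value (not visible here) a deny row would be read as a grant. Assuming the VO exposes `getPermission()`, restrict the search with `sb.and("permission", sb.entity().getPermission(), Op.EQ);` and `sc.setParameters("permission", Permission.Allow);`. The method's signature is in the preceding hunk, and its return is outside this one.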
@@ -755,7 +755,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override @SuppressWarnings("unchecked") - public List listPolicyPermissions(long policyId) { + public List listPolicyPermissions(long policyId) { @SuppressWarnings("rawtypes") List pp = _policyPermissionDao.listByPolicy(policyId); return pp; @@ -763,7 +763,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listPolicyPermissionsByScope(long policyId, String action, String scope) { + public List listPolicyPermissionsByScope(long policyId, String action, String scope) { @SuppressWarnings("rawtypes") List pp = _policyPermissionDao.listGrantedByActionAndScope(policyId, action, scope); return pp; @@ -771,7 +771,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listPolicyPermissionByActionAndEntity(long policyId, String action, + public List listPolicyPermissionByActionAndEntity(long policyId, String action, String entityType) { @SuppressWarnings("rawtypes") List pp = _policyPermissionDao.listByPolicyActionAndEntity(policyId, action, entityType); @@ -780,7 +780,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @SuppressWarnings("unchecked") @Override - public List listPolicyPermissionByAccessAndEntity(long policyId, String accessType, + public List listPolicyPermissionByAccessAndEntity(long policyId, String accessType, String entityType) { @SuppressWarnings("rawtypes") List pp = _policyPermissionDao.listByPolicyAccessAndEntity(policyId, accessType, entityType); 
@@ -788,19 +788,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { } @Override - public AclPolicy getResourceOwnerPolicy() { + public IAMPolicy getResourceOwnerPolicy() { return _aclPolicyDao.findByName("RESOURCE_OWNER"); } // search for policy with only one resource grant permission @Override - public AclPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action) { - List policyList = _aclPolicyDao.listAll(); - for (AclPolicyVO policy : policyList){ - List pp = listPolicyPermissions(policy.getId()); + public IAMPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action) { + List policyList = _aclPolicyDao.listAll(); + for (IAMPolicyVO policy : policyList){ + List pp = listPolicyPermissions(policy.getId()); if ( pp != null && pp.size() == 1){ // resource grant policy should only have one ACL permission assigned - AclPolicyPermission permit = pp.get(0); + IAMPolicyPermission permit = pp.get(0); if ( permit.getEntityType().equals(entityType) && permit.getScope().equals(PermissionScope.RESOURCE.toString()) && permit.getScopeId().longValue() == entityId.longValue()){ if (accessType != null && permit.getAccessType().equals(accessType)){ return policy; diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java deleted file mode 100644 index 83b814777b3..00000000000 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java +++ /dev/null 
@@ -1,17 +0,0 @@ -package org.apache.cloudstack.iam.server.dao; - -import java.util.List; - -import org.apache.cloudstack.iam.server.AclAccountPolicyMapVO; - -import com.cloud.utils.db.GenericDao; - -public interface AclAccountPolicyMapDao extends GenericDao { - - List listByAccountId(long acctId); - - List listByPolicyId(long policyId); - - AclAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId); - -} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java deleted file mode 100644 index a016fc5537a..00000000000 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java +++ /dev/null @@ -1,16 +0,0 @@ -package org.apache.cloudstack.iam.server.dao; - -import java.util.List; - -import org.apache.cloudstack.iam.server.AclGroupPolicyMapVO; -import com.cloud.utils.db.GenericDao; - -public interface AclGroupPolicyMapDao extends GenericDao { - - List listByGroupId(long groupId); - - List listByPolicyId(long policyId); - - AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId); - -} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java new file mode 100644 index 00000000000..4caf6590907 --- /dev/null +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java @@ -0,0 +1,17 @@ +package org.apache.cloudstack.iam.server.dao; + +import java.util.List; + +import org.apache.cloudstack.iam.server.IAMAccountPolicyMapVO; + +import com.cloud.utils.db.GenericDao; + +public interface IAMAccountPolicyMapDao extends GenericDao { + + List listByAccountId(long acctId); + + List listByPolicyId(long policyId); + + IAMAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId); + +} 
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java similarity index 67% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java index 51091a6f880..883fd5c1b23 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java @@ -5,17 +5,17 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.server.AclAccountPolicyMapVO; +import org.apache.cloudstack.iam.server.IAMAccountPolicyMapVO; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; -public class AclAccountPolicyMapDaoImpl extends GenericDaoBase implements AclAccountPolicyMapDao { +public class IAMAccountPolicyMapDaoImpl extends GenericDaoBase implements IAMAccountPolicyMapDao { - private SearchBuilder ListByAccountId; - private SearchBuilder ListByPolicyId; - private SearchBuilder findByPolicyAccountId; + private SearchBuilder ListByAccountId; + private SearchBuilder ListByPolicyId; + private SearchBuilder findByPolicyAccountId; @Override public boolean configure(String name, Map params) throws ConfigurationException { 
@@ -38,22 +38,22 @@ public class AclAccountPolicyMapDaoImpl extends GenericDaoBase listByAccountId(long acctId) { - SearchCriteria sc = ListByAccountId.create(); + public List listByAccountId(long acctId) { + SearchCriteria sc = ListByAccountId.create(); sc.setParameters("accountId", acctId); return listBy(sc); } @Override - public List listByPolicyId(long policyId) { - SearchCriteria sc = ListByPolicyId.create(); + public List listByPolicyId(long policyId) { + SearchCriteria sc = ListByPolicyId.create(); sc.setParameters("policyId", policyId); return listBy(sc); } @Override - public AclAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId) { - SearchCriteria sc = findByPolicyAccountId.create(); + public IAMAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId) { + SearchCriteria sc = findByPolicyAccountId.create(); sc.setParameters("policyId", policyId); sc.setParameters("accountId", acctId); return findOneBy(sc); diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java similarity index 66% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java index 58f69c3341d..a94dbaae9c7 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java 
@@ -18,23 +18,23 @@ package org.apache.cloudstack.iam.server.dao; import java.util.List; -import org.apache.cloudstack.iam.server.AclGroupAccountMapVO; +import org.apache.cloudstack.iam.server.IAMGroupAccountMapVO; import com.cloud.utils.db.GenericDao; -public interface AclGroupAccountMapDao extends GenericDao { +public interface IAMGroupAccountMapDao extends GenericDao { - List listByGroupId(long groupId); + List listByGroupId(long groupId); - List listByAccountId(long accountId); + List listByAccountId(long accountId); - AclGroupAccountMapVO findAccountInAdminGroup(long accountId); + IAMGroupAccountMapVO findAccountInAdminGroup(long accountId); - AclGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId); + IAMGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId); void removeAccountFromGroups(long accountId); - AclGroupAccountMapVO findAccountInDomainAdminGroup(long accountId); + IAMGroupAccountMapVO findAccountInDomainAdminGroup(long accountId); - AclGroupAccountMapVO findAccountInUserGroup(long accountId); + IAMGroupAccountMapVO findAccountInUserGroup(long accountId); } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java similarity index 72% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java index 32ce64ab369..4bb5d1a59fb 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java 
@@ -21,7 +21,7 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.server.AclGroupAccountMapVO; +import org.apache.cloudstack.iam.server.IAMGroupAccountMapVO; import org.apache.log4j.Logger; import org.springframework.stereotype.Component; @@ -31,12 +31,12 @@ import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; @Component -public class AclGroupAccountMapDaoImpl extends GenericDaoBase implements AclGroupAccountMapDao { - private SearchBuilder ListByGroupId; - private SearchBuilder ListByAccountId; - private SearchBuilder _findByAccountAndGroupId; +public class IAMGroupAccountMapDaoImpl extends GenericDaoBase implements IAMGroupAccountMapDao { + private SearchBuilder ListByGroupId; + private SearchBuilder ListByAccountId; + private SearchBuilder _findByAccountAndGroupId; - public static final Logger s_logger = Logger.getLogger(AclGroupAccountMapDaoImpl.class.getName()); + public static final Logger s_logger = Logger.getLogger(IAMGroupAccountMapDaoImpl.class.getName()); @Override public boolean configure(String name, Map params) throws ConfigurationException { 
@@ -61,46 +61,46 @@ public class AclGroupAccountMapDaoImpl extends GenericDaoBase listByGroupId(long groupId) { - SearchCriteria sc = ListByGroupId.create(); + public List listByGroupId(long groupId) { + SearchCriteria sc = ListByGroupId.create(); sc.setParameters("groupId", groupId); return listBy(sc); } @Override - public List listByAccountId(long accountId) { - SearchCriteria sc = ListByAccountId.create(); + public List listByAccountId(long accountId) { + SearchCriteria sc = ListByAccountId.create(); sc.setParameters("accountId", accountId); return listBy(sc); } @Override - public AclGroupAccountMapVO findAccountInAdminGroup(long accountId) { - SearchCriteria sc = _findByAccountAndGroupId.create(); + public IAMGroupAccountMapVO findAccountInAdminGroup(long accountId) { + SearchCriteria sc = _findByAccountAndGroupId.create(); sc.setParameters("accountId", accountId); sc.setParameters("groupId", 2); return findOneBy(sc); } @Override - public AclGroupAccountMapVO findAccountInDomainAdminGroup(long accountId) { - SearchCriteria sc = _findByAccountAndGroupId.create(); + public IAMGroupAccountMapVO findAccountInDomainAdminGroup(long accountId) { + SearchCriteria sc = _findByAccountAndGroupId.create(); sc.setParameters("accountId", accountId); sc.setParameters("groupId", 3); return findOneBy(sc); } @Override - public AclGroupAccountMapVO findAccountInUserGroup(long accountId) { - SearchCriteria sc = _findByAccountAndGroupId.create(); + public IAMGroupAccountMapVO findAccountInUserGroup(long accountId) { + SearchCriteria sc = _findByAccountAndGroupId.create(); sc.setParameters("accountId", accountId); sc.setParameters("groupId", 1); return findOneBy(sc); } @Override - public AclGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId) { - SearchCriteria sc = _findByAccountAndGroupId.create(); + public IAMGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId) { + SearchCriteria sc = _findByAccountAndGroupId.create(); sc.setParameters("accountId", 
acctId); sc.setParameters("groupId", groupId); return findOneBy(sc); @@ -108,7 +108,7 @@ public class AclGroupAccountMapDaoImpl extends GenericDaoBase sc = ListByAccountId.create(); + SearchCriteria sc = ListByAccountId.create(); sc.setParameters("accountId", accountId); int rowsRemoved = remove(sc); @@ -116,4 +116,4 @@ public class AclGroupAccountMapDaoImpl extends GenericDaoBase { +public interface IAMGroupDao extends GenericDao { - AclGroup findByName(String path, String groupName); + IAMGroup findByName(String path, String groupName); } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java similarity index 82% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java index e091574c6b5..45be0b3f21c 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java @@ -20,8 +20,8 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.server.AclGroupVO; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.server.IAMGroupVO; import org.springframework.stereotype.Component; @@ -30,8 +30,8 @@ import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; @Component -public class AclGroupDaoImpl extends GenericDaoBase implements AclGroupDao { - private SearchBuilder nameSearch; +public class IAMGroupDaoImpl extends GenericDaoBase implements IAMGroupDao { + private SearchBuilder nameSearch; @Override public boolean configure(String name, Map params) throws ConfigurationException { 
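Review bot: findAccountInAdminGroup, findAccountInDomainAdminGroup and findAccountInUserGroup in IAMGroupAccountMapDaoImpl (hunk at -61,46, which begins on the previous page line) decide membership of the built-in groups with the bare literals `2`, `3` and `1`. Nothing in the visible code ties those numbers to the rows that create the groups, so a change in how the groups are seeded would silently change which accounts are treated as admins. Name each id once, for example `private static final long ADMIN_GROUP_ID = 2;`, and add a comment saying where the built-in groups are created so the two stay in step.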
@@ -47,8 +47,8 @@ public class AclGroupDaoImpl extends GenericDaoBase implements } @Override - public AclGroup findByName(String path, String name) { - SearchCriteria sc = nameSearch.create(); + public IAMGroup findByName(String path, String name) { + SearchCriteria sc = nameSearch.create(); sc.setParameters("name", name); if (path != null) { sc.setParameters("path", path); @@ -56,4 +56,4 @@ public class AclGroupDaoImpl extends GenericDaoBase implements return findOneBy(sc); } -} +} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java new file mode 100644 index 00000000000..6a2df89ab75 --- /dev/null +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java @@ -0,0 +1,16 @@ +package org.apache.cloudstack.iam.server.dao; + +import java.util.List; + +import org.apache.cloudstack.iam.server.IAMGroupPolicyMapVO; +import com.cloud.utils.db.GenericDao; + +public interface IAMGroupPolicyMapDao extends GenericDao { + + List listByGroupId(long groupId); + + List listByPolicyId(long policyId); + + IAMGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId); + +} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java similarity index 66% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java index 3ce2b8a4b56..95b6bac3712 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java 
@@ -5,17 +5,17 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.server.AclGroupPolicyMapVO; +import org.apache.cloudstack.iam.server.IAMGroupPolicyMapVO; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; -public class AclGroupPolicyMapDaoImpl extends GenericDaoBase implements AclGroupPolicyMapDao { +public class IAMGroupPolicyMapDaoImpl extends GenericDaoBase implements IAMGroupPolicyMapDao { - private SearchBuilder ListByGroupId; - private SearchBuilder ListByPolicyId; - private SearchBuilder findByPolicyGroupId; + private SearchBuilder ListByGroupId; + private SearchBuilder ListByPolicyId; + private SearchBuilder findByPolicyGroupId; @Override public boolean configure(String name, Map params) throws ConfigurationException { @@ -38,22 +38,22 @@ public class AclGroupPolicyMapDaoImpl extends GenericDaoBase listByGroupId(long groupId) { - SearchCriteria sc = ListByGroupId.create(); + public List listByGroupId(long groupId) { + SearchCriteria sc = ListByGroupId.create(); sc.setParameters("groupId", groupId); return listBy(sc); } @Override - public List listByPolicyId(long policyId) { - SearchCriteria sc = ListByPolicyId.create(); + public List listByPolicyId(long policyId) { + SearchCriteria sc = ListByPolicyId.create(); sc.setParameters("policyId", policyId); return listBy(sc); } @Override - public AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId) { - SearchCriteria sc = findByPolicyGroupId.create(); + public IAMGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId) { + SearchCriteria sc = findByPolicyGroupId.create(); sc.setParameters("policyId", policyId); sc.setParameters("groupId", groupId); return findOneBy(sc); 
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java similarity index 81% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java index a61c5de051b..ace7d8585ac 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java @@ -16,13 +16,13 @@ // under the License. package org.apache.cloudstack.iam.server.dao; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.server.AclPolicyVO; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.server.IAMPolicyVO; import com.cloud.utils.db.GenericDao; -public interface AclPolicyDao extends GenericDao { +public interface IAMPolicyDao extends GenericDao { - AclPolicy findByName(String policyName); + IAMPolicy findByName(String policyName); } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java similarity index 82% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java index a1a81e68bc9..293cf6f59ee 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java 
@@ -20,8 +20,8 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.api.AclPolicy; -import org.apache.cloudstack.iam.server.AclPolicyVO; +import org.apache.cloudstack.iam.api.IAMPolicy; +import org.apache.cloudstack.iam.server.IAMPolicyVO; import org.springframework.stereotype.Component; import com.cloud.utils.db.GenericDaoBase; @@ -29,8 +29,8 @@ import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; @Component -public class AclPolicyDaoImpl extends GenericDaoBase implements AclPolicyDao { - private SearchBuilder nameSearch; +public class IAMPolicyDaoImpl extends GenericDaoBase implements IAMPolicyDao { + private SearchBuilder nameSearch; @Override public boolean configure(String name, Map params) throws ConfigurationException { @@ -47,11 +47,11 @@ public class AclPolicyDaoImpl extends GenericDaoBase implemen } @Override - public AclPolicy findByName(String name) { - SearchCriteria sc = nameSearch.create(); + public IAMPolicy findByName(String name) { + SearchCriteria sc = nameSearch.create(); sc.setParameters("name", name); return findOneBy(sc); } -} +} diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java similarity index 67% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java index 2a492430098..cdcb02b1dee 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java 
@@ -17,23 +17,23 @@ package org.apache.cloudstack.iam.server.dao; import java.util.List; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; -import org.apache.cloudstack.iam.server.AclPolicyPermissionVO; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; +import org.apache.cloudstack.iam.server.IAMPolicyPermissionVO; import com.cloud.utils.db.GenericDao; -public interface AclPolicyPermissionDao extends GenericDao { +public interface IAMPolicyPermissionDao extends GenericDao { - List listByPolicy(long policyId); + List listByPolicy(long policyId); - AclPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId, + IAMPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId, String action, Permission perm); - List listGrantedByActionAndScope(long policyId, String action, String scope); + List listGrantedByActionAndScope(long policyId, String action, String scope); - List listByPolicyActionAndEntity(long policyId, String action, String entityType); + List listByPolicyActionAndEntity(long policyId, String action, String entityType); - List listByPolicyAccessAndEntity(long policyId, String accessType, String entityType); + List listByPolicyAccessAndEntity(long policyId, String accessType, String entityType); - List listByEntity(String entityType, Long entityId); + List listByEntity(String entityType, Long entityId); } diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java similarity index 77% rename from services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java rename to services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java index 054c8f1f745..3f976cfefce 100644 
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java @@ -21,20 +21,20 @@ import java.util.Map; import javax.naming.ConfigurationException; -import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission; -import org.apache.cloudstack.iam.server.AclPolicyPermissionVO; +import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission; +import org.apache.cloudstack.iam.server.IAMPolicyPermissionVO; import com.cloud.utils.db.GenericDaoBase; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; -public class AclPolicyPermissionDaoImpl extends GenericDaoBase implements - AclPolicyPermissionDao { +public class IAMPolicyPermissionDaoImpl extends GenericDaoBase implements + IAMPolicyPermissionDao { - private SearchBuilder policyIdSearch; - private SearchBuilder fullSearch; - private SearchBuilder actionScopeSearch; - private SearchBuilder entitySearch; + private SearchBuilder policyIdSearch; + private SearchBuilder fullSearch; + private SearchBuilder actionScopeSearch; + private SearchBuilder entitySearch; @Override public boolean configure(String name, Map params) throws ConfigurationException { 
@@ -70,16 +70,16 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listByPolicy(long policyId) { - SearchCriteria sc = policyIdSearch.create(); + public List listByPolicy(long policyId) { + SearchCriteria sc = policyIdSearch.create(); sc.setParameters("policyId", policyId); return listBy(sc); } @Override - public AclPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId, + public IAMPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId, String action, Permission perm) { - SearchCriteria sc = fullSearch.create(); + SearchCriteria sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("scope", scope); @@ -90,8 +90,8 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listGrantedByActionAndScope(long policyId, String action, String scope) { - SearchCriteria sc = actionScopeSearch.create(); + public List listGrantedByActionAndScope(long policyId, String action, String scope) { + SearchCriteria sc = actionScopeSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("action", action); sc.setParameters("scope", scope); @@ -100,8 +100,8 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listByPolicyActionAndEntity(long policyId, String action, String entityType) { - SearchCriteria sc = fullSearch.create(); + public List listByPolicyActionAndEntity(long policyId, String action, String entityType) { + SearchCriteria sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("action", action); 
@@ -109,9 +109,9 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listByPolicyAccessAndEntity(long policyId, String accessType, + public List listByPolicyAccessAndEntity(long policyId, String accessType, String entityType) { - SearchCriteria sc = fullSearch.create(); + SearchCriteria sc = fullSearch.create(); sc.setParameters("policyId", policyId); sc.setParameters("entityType", entityType); sc.setParameters("accessType", accessType); @@ -119,11 +119,11 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listByEntity(String entityType, Long entityId) { - SearchCriteria sc = fullSearch.create(); + public List listByEntity(String entityType, Long entityId) { + SearchCriteria sc = fullSearch.create(); sc.setParameters("entityType", entityType); sc.setParameters("scopeId", entityId); return listBy(sc); } -} +} diff --git a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java index 01eab61ded3..8760199a13b 100644 --- a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java +++ b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java 
@@ -45,18 +45,18 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.support.AnnotationConfigContextLoader; -import org.apache.cloudstack.iam.api.AclGroup; -import org.apache.cloudstack.iam.api.AclPolicy; +import org.apache.cloudstack.iam.api.IAMGroup; +import org.apache.cloudstack.iam.api.IAMPolicy; import org.apache.cloudstack.iam.api.IAMService; -import org.apache.cloudstack.iam.server.AclGroupVO; -import org.apache.cloudstack.iam.server.AclPolicyVO; +import org.apache.cloudstack.iam.server.IAMGroupVO; +import org.apache.cloudstack.iam.server.IAMPolicyVO; import org.apache.cloudstack.iam.server.IAMServiceImpl; -import org.apache.cloudstack.iam.server.dao.AclAccountPolicyMapDao; -import org.apache.cloudstack.iam.server.dao.AclGroupAccountMapDao; -import org.apache.cloudstack.iam.server.dao.AclGroupDao; -import org.apache.cloudstack.iam.server.dao.AclGroupPolicyMapDao; -import org.apache.cloudstack.iam.server.dao.AclPolicyDao; -import org.apache.cloudstack.iam.server.dao.AclPolicyPermissionDao; +import org.apache.cloudstack.iam.server.dao.IAMAccountPolicyMapDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupAccountMapDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupDao; +import org.apache.cloudstack.iam.server.dao.IAMGroupPolicyMapDao; +import org.apache.cloudstack.iam.server.dao.IAMPolicyDao; +import org.apache.cloudstack.iam.server.dao.IAMPolicyPermissionDao; import org.apache.cloudstack.test.utils.SpringUtils; import com.cloud.exception.InvalidParameterValueException; 
@@ -72,22 +72,22 @@ public class IAMServiceUnitTest { IAMService _iamService; @Inject - AclPolicyDao _aclPolicyDao; + IAMPolicyDao _aclPolicyDao; @Inject - AclGroupDao _aclGroupDao; + IAMGroupDao _aclGroupDao; @Inject EntityManager _entityMgr; @Inject - AclGroupPolicyMapDao _aclGroupPolicyMapDao; + IAMGroupPolicyMapDao _aclGroupPolicyMapDao; @Inject - AclGroupAccountMapDao _aclGroupAccountMapDao; + IAMGroupAccountMapDao _aclGroupAccountMapDao; @Inject - AclPolicyPermissionDao _policyPermissionDao; + IAMPolicyPermissionDao _policyPermissionDao; @BeforeClass public static void setUpClass() throws ConfigurationException { @@ -96,15 +96,15 @@ public class IAMServiceUnitTest { @Before public void setUp() { ComponentContext.initComponentsLifeCycle(); - AclGroupVO group = new AclGroupVO("group1", "my first group"); - Mockito.when(_aclGroupDao.persist(Mockito.any(AclGroupVO.class))).thenReturn(group); - List groups = new ArrayList(); + IAMGroupVO group = new IAMGroupVO("group1", "my first group"); + Mockito.when(_aclGroupDao.persist(Mockito.any(IAMGroupVO.class))).thenReturn(group); + List groups = new ArrayList(); groups.add(group); when(_aclGroupDao.search(Mockito.any(SearchCriteria.class), Mockito.any(com.cloud.utils.db.Filter.class))) .thenReturn(groups); - AclPolicyVO policy = new AclPolicyVO("policy1", "my first policy"); - Mockito.when(_aclPolicyDao.persist(Mockito.any(AclPolicyVO.class))).thenReturn(policy); + IAMPolicyVO policy = new IAMPolicyVO("policy1", "my first policy"); + Mockito.when(_aclPolicyDao.persist(Mockito.any(IAMPolicyVO.class))).thenReturn(policy); } 
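Review bot: The injected fields in the first hunk keep their old names (`_aclPolicyDao`, `_aclGroupDao`, `_aclGroupPolicyMapDao`, `_aclGroupAccountMapDao`) although their types are now `IAM*Dao`, so the test still reads as if an ACL model and an IAM model coexist. The same leftover appears in the `@Bean` methods of `TestConfiguration` (`aclPolicyDao()`, `aclGroupDao()` and the others) and in the `_iamService.createAclGroup` / `createAclPolicy` calls in the later hunks of this file. I would rename the fields with their types, for example `IAMPolicyDao _iamPolicyDao;` and `IAMGroupDao _iamGroupDao;`. Injection here looks to be by type, so the names should be free to change, but confirm that no bean is looked up by name before renaming the `@Bean` methods.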
@@ -114,13 +114,13 @@ public class IAMServiceUnitTest { @Test(expected = InvalidParameterValueException.class) public void createAclGroupTest() { - AclGroup group = _iamService.createAclGroup("group1", "my first group", "/root/mydomain"); + IAMGroup group = _iamService.createAclGroup("group1", "my first group", "/root/mydomain"); assertNotNull("Acl group 'group1' failed to create ", group); - AclGroupVO group2 = new AclGroupVO("group1", "my second group"); + IAMGroupVO group2 = new IAMGroupVO("group1", "my second group"); when(_aclGroupDao.findByName(eq("/root/mydomain"), eq("group1"))).thenReturn(group2); - AclGroup group3 = _iamService.createAclGroup("group1", "my first group", "/root/mydomain"); + IAMGroup group3 = _iamService.createAclGroup("group1", "my first group", "/root/mydomain"); } @Test(expected = InvalidParameterValueException.class) @@ -132,7 +132,7 @@ public class IAMServiceUnitTest { @Test public void accountGroupMaptest() { // create group - AclGroupVO group = new AclGroupVO("group1", "my first group"); + IAMGroupVO group = new IAMGroupVO("group1", "my first group"); // add account to group List accountIds = new ArrayList(); @@ -145,10 +145,10 @@ public class IAMServiceUnitTest { @Test(expected = InvalidParameterValueException.class) public void createAclPolicyTest() { - AclPolicy policy = _iamService.createAclPolicy("policy1", "my first policy", null, "/root/mydomain"); + IAMPolicy policy = _iamService.createAclPolicy("policy1", "my first policy", null, "/root/mydomain"); assertNotNull("Acl policy 'policy1' failed to create ", policy); - AclPolicyVO rvo = new AclPolicyVO("policy2", "second policy"); + IAMPolicyVO rvo = new IAMPolicyVO("policy2", "second policy"); when(_aclPolicyDao.findByName(eq("policy2"))).thenReturn(rvo); _iamService.createAclPolicy("policy2", "second policy", null, "/root/mydomain"); 
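Review bot: In `createAclGroupTest`, `@Test(expected = InvalidParameterValueException.class)` covers the whole method, so the test also passes when the first `createAclGroup` call throws, and the `assertNotNull` on `group` then proves nothing. The intent appears to be that only the second call, made after `findByName` is stubbed to return `group2`, is rejected as a duplicate, and the `group3` local is never used. `createAclPolicyTest` in the `@@ -145,10` hunk has the same shape around its `policy2` call. I would drop `expected` and scope the exception check to the duplicate call, as sketched below.

```java
@Test
public void createAclGroupTest() {
    // … unchanged: first createAclGroup call, assertNotNull, group2 stub on findByName …
    try {
        _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
        org.junit.Assert.fail("duplicate group name was accepted");
    } catch (InvalidParameterValueException expected) {
        // only the duplicate-name call may be rejected
    }
}
```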
@@ -165,13 +165,13 @@ public class IAMServiceUnitTest { public static class TestConfiguration extends SpringUtils.CloudStackTestConfiguration { @Bean - public AclPolicyDao aclPolicyDao() { - return Mockito.mock(AclPolicyDao.class); + public IAMPolicyDao aclPolicyDao() { + return Mockito.mock(IAMPolicyDao.class); } @Bean - public AclGroupDao aclGroupDao() { - return Mockito.mock(AclGroupDao.class); + public IAMGroupDao aclGroupDao() { + return Mockito.mock(IAMGroupDao.class); } @Bean @@ -180,23 +180,23 @@ public class IAMServiceUnitTest { } @Bean - public AclGroupPolicyMapDao aclGroupPolicyMapDao() { - return Mockito.mock(AclGroupPolicyMapDao.class); + public IAMGroupPolicyMapDao aclGroupPolicyMapDao() { + return Mockito.mock(IAMGroupPolicyMapDao.class); } @Bean - public AclGroupAccountMapDao aclGroupAccountMapDao() { - return Mockito.mock(AclGroupAccountMapDao.class); + public IAMGroupAccountMapDao aclGroupAccountMapDao() { + return Mockito.mock(IAMGroupAccountMapDao.class); } @Bean - public AclAccountPolicyMapDao aclAccountPolicyMapDao() { - return Mockito.mock(AclAccountPolicyMapDao.class); + public IAMAccountPolicyMapDao aclAccountPolicyMapDao() { + return Mockito.mock(IAMAccountPolicyMapDao.class); } @Bean - public AclPolicyPermissionDao aclPolicyPermissionDao() { - return Mockito.mock(AclPolicyPermissionDao.class); + public IAMPolicyPermissionDao aclPolicyPermissionDao() { + return Mockito.mock(IAMPolicyPermissionDao.class); } public static class Library implements TypeFilter { diff --git a/setup/db/db/schema-430to440.sql b/setup/db/db/schema-430to440.sql index 4ce7ba9fe86..917a954b1fb 100644 --- a/setup/db/db/schema-430to440.sql +++ b/setup/db/db/schema-430to440.sql 
@@ -447,7 +447,7 @@ CREATE VIEW `cloud`.`user_vm_view` AS `cloud`.`user_vm_details` `custom_ram_size` ON (((`custom_ram_size`.`vm_id` = `cloud`.`vm_instance`.`id`) and (`custom_ram_size`.`name` = 'memory'))); -- ACL DB schema -CREATE TABLE `cloud`.`acl_group` ( +CREATE TABLE `cloud`.`iam_group` ( `id` bigint unsigned NOT NULL UNIQUE auto_increment, `name` varchar(255) NOT NULL, `description` varchar(255) default NULL, @@ -458,23 +458,23 @@ CREATE TABLE `cloud`.`acl_group` ( `removed` datetime COMMENT 'date the group was removed', `created` datetime COMMENT 'date the group was created', PRIMARY KEY (`id`), - INDEX `i_acl_group__removed`(`removed`), - CONSTRAINT `uc_acl_group__uuid` UNIQUE (`uuid`) + INDEX `i_iam_group__removed`(`removed`), + CONSTRAINT `uc_iam_group__uuid` UNIQUE (`uuid`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; -CREATE TABLE `cloud`.`acl_group_account_map` ( +CREATE TABLE `cloud`.`iam_group_account_map` ( `id` bigint unsigned NOT NULL auto_increment, `group_id` bigint unsigned NOT NULL, `account_id` bigint unsigned NOT NULL, `removed` datetime COMMENT 'date the account was removed from the group', `created` datetime COMMENT 'date the account was assigned to the group', PRIMARY KEY (`id`), - CONSTRAINT `fk_acl_group_vm_map__group_id` FOREIGN KEY(`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE, - CONSTRAINT `fk_acl_group_vm_map__account_id` FOREIGN KEY(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE + CONSTRAINT `fk_iam_group_vm_map__group_id` FOREIGN KEY(`group_id`) REFERENCES `iam_group` (`id`) ON DELETE CASCADE, + CONSTRAINT `fk_iam_group_vm_map__account_id` FOREIGN KEY(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -CREATE TABLE `cloud`.`acl_policy` ( +CREATE TABLE `cloud`.`iam_policy` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(255) NOT NULL, `description` varchar(255) DEFAULT NULL, 
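Review bot: The two foreign keys of `iam_group_account_map` in the `@@ -458,23` hunk are renamed to `fk_iam_group_vm_map__group_id` and `fk_iam_group_vm_map__account_id`, which still name a `vm_map` table that this schema does not define. The other mapping tables in this file follow `fk_<table>__<column>`, so a constraint-violation message on group membership would point at the wrong table. I would use `fk_iam_group_account_map__group_id` and `fk_iam_group_account_map__account_id`. The `-- ACL DB schema` comment in the preceding hunk could become `-- IAM DB schema` for the same reason. The `iam_policy` definition that begins at the end of this hunk continues outside it.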
@@ -486,37 +486,37 @@ CREATE TABLE `cloud`.`acl_policy` ( `policy_type` varchar(64) DEFAULT 'Static' COMMENT 'Static or Dynamic', PRIMARY KEY (`id`), UNIQUE KEY `id` (`id`), - UNIQUE KEY `uc_acl_policy__uuid` (`uuid`), - KEY `i_acl_policy__removed` (`removed`) + UNIQUE KEY `uc_iam_policy__uuid` (`uuid`), + KEY `i_iam_policy__removed` (`removed`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; -CREATE TABLE `cloud`.`acl_group_policy_map` ( +CREATE TABLE `cloud`.`iam_group_policy_map` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `group_id` bigint(20) unsigned NOT NULL, `policy_id` bigint(20) unsigned NOT NULL, `removed` datetime DEFAULT NULL COMMENT 'date the policy was revoked from the group', `created` datetime DEFAULT NULL COMMENT 'date the policy was attached to the group', PRIMARY KEY (`id`), - KEY `fk_acl_group_policy_map__group_id` (`group_id`), - KEY `fk_acl_group_policy_map__policy_id` (`policy_id`), - CONSTRAINT `fk_acl_group_policy_map__group_id` FOREIGN KEY (`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE, - CONSTRAINT `fk_acl_group_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE + KEY `fk_iam_group_policy_map__group_id` (`group_id`), + KEY `fk_iam_group_policy_map__policy_id` (`policy_id`), + CONSTRAINT `fk_iam_group_policy_map__group_id` FOREIGN KEY (`group_id`) REFERENCES `iam_group` (`id`) ON DELETE CASCADE, + CONSTRAINT `fk_iam_group_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -CREATE TABLE `cloud`.`acl_account_policy_map` ( +CREATE TABLE `cloud`.`iam_account_policy_map` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `account_id` bigint(20) unsigned NOT NULL, `policy_id` bigint(20) unsigned NOT NULL, `removed` datetime DEFAULT NULL COMMENT 'date the policy was revoked from the account', `created` datetime DEFAULT NULL COMMENT 'date the policy was attached to the account', PRIMARY 
KEY (`id`), - KEY `fk_acl_account_policy_map__account_id` (`account_id`), - KEY `fk_acl_account_policy_map__policy_id` (`policy_id`), - CONSTRAINT `fk_acl_account_policy_map__account_id` FOREIGN KEY (`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE, - CONSTRAINT `fk_acl_account_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE + KEY `fk_iam_account_policy_map__account_id` (`account_id`), + KEY `fk_iam_account_policy_map__policy_id` (`policy_id`), + CONSTRAINT `fk_iam_account_policy_map__account_id` FOREIGN KEY (`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE, + CONSTRAINT `fk_iam_account_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -CREATE TABLE `cloud`.`acl_policy_permission` ( +CREATE TABLE `cloud`.`iam_policy_permission` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `policy_id` bigint(20) unsigned NOT NULL, `action` varchar(100) NOT NULL, 
@@ -530,30 +530,30 @@ CREATE TABLE `cloud`.`acl_policy_permission` ( `created` datetime DEFAULT NULL COMMENT 'date the permission was granted', PRIMARY KEY (`id`), UNIQUE KEY `id` (`id`), - KEY `fk_acl_policy_permission__policy_id` (`policy_id`), - CONSTRAINT `fk_acl_policy_permission__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE + KEY `fk_iam_policy_permission__policy_id` (`policy_id`), + CONSTRAINT `fk_iam_policy_permission__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (1, 'NORMAL', 'Domain user role', UUID(), '/', 1, Now(), 'Static'); -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (2, 'ADMIN', 'Root admin role', UUID(), '/', 1, Now(), 'Static'); -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), '/', 1, Now(), 'Static'); -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), '/', 1, Now(), 'Static'); -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), '/', 1, Now(), 'Static'); -INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), '/', 1, Now(), 'Dynamic'); +INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (1, 'NORMAL', 'Domain user role', UUID(), '/', 1, Now(), 'Static'); +INSERT IGNORE INTO 
`cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (2, 'ADMIN', 'Root admin role', UUID(), '/', 1, Now(), 'Static'); +INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), '/', 1, Now(), 'Static'); +INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), '/', 1, Now(), 'Static'); +INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), '/', 1, Now(), 'Static'); +INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), '/', 1, Now(), 'Dynamic'); -INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), '/', 1, Now()); -INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (2, 'ADMIN', 'Root admin group', UUID(), '/', 1, Now()); -INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin group', UUID(), '/', 1, Now()); -INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin group', UUID(), '/', 1, Now()); -INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin group', UUID(), '/', 1, Now()); +INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), '/', 1, Now()); +INSERT 
IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (2, 'ADMIN', 'Root admin group', UUID(), '/', 1, Now()); +INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin group', UUID(), '/', 1, Now()); +INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin group', UUID(), '/', 1, Now()); +INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin group', UUID(), '/', 1, Now()); -INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(1, 1, Now()); -INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(2, 2, Now()); -INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(3, 3, Now()); -INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(4, 4, Now()); -INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(5, 5, Now()); +INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(1, 1, Now()); +INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(2, 2, Now()); +INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(3, 3, Now()); +INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(4, 4, Now()); +INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(5, 5, Now()); INSERT INTO `cloud`.`configuration`(category, instance, component, name, value, description, default_value) VALUES ('NetworkManager', 'DEFAULT', 'management-server', 'vm.network.nic.max.secondary.ipaddresses', NULL, 'Specify the number of secondary ip addresses per nic per vm', '256') ON DUPLICATE KEY UPDATE category='NetworkManager';
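Review bot: The seed rows for `iam_policy` and `iam_group` are written with `INSERT IGNORE`, which downgrades insert errors to warnings, while the `iam_group_policy_map` rows that bind group ids 1–5 to policy ids 1–5 use plain `INSERT` with literal ids. Both tables are created earlier in this same script, so on a clean run nothing should need ignoring. If a seed row is skipped, or an id is already held by a different row, the built-in ADMIN and DOMAIN_ADMIN groups end up bound to whatever rows carry those ids and the upgrade still reports success. I would drop `IGNORE` from the eleven seed statements so that a failed seed aborts the upgrade, or resolve the ids by `name` in the mapping inserts. The script continues past the visible lines, so a later statement may already cover this.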