In recent years, Cloud computing has been receiving great attention from various business and research organizations as it promises to provide large storage facilities and highly managed remote Services. However, at the same time, it faces many technical challenges like privacy, reliability, security, etc. Insider threat is one of the most critical security threats for any Industry. Many researchers have been done and are being carried out in the field of cybersecurity for malicious insider attacks. Thus, the first element of such an attack is the internal user. Self-adaptive systems have shown to be able to provide an appropriate solution to treat these problems due to their efficiency and effectiveness. PERMIS role-based authorization infrastructure along with its conceptual authorization, access control, and trust models. It supports history-based decision making but PERMIS does not provide any authentication mechanism but leaves it up to the application to determine what to use. Applying SAAF to OpenStack would require considerable refactoring because OpenStack components that are responsible for dealing with authorization issues based on the Role Based Access Control (RBAC) model. OpenStack Keystone is quite different from that of PERMIS, The applicability of the proposed architecture is exemplified by means of possible responses to the insider threats scenarios. Responses are captured and incorporated into the MAPEK controller of the proposed architecture. The responses may have a different level of impact over the user, the role, or the service being accessed. It is possible that some of the responses may disrupt access to legitimate users whilst removing access to insider threats.