Description of problem: users with UserRole whom are added to a quota as consumers are unable to create disks for their vm's and defiantly cannot create a vm. we have to give the users UserVmManager on domain or DC to be able to create a vm/disk to their own vm and since the permissions are inherited we are giving these permissions to all other vm's under the domain/DC. even if I give UserVmManager to the specific vm only I cannot see any of the domains and so I cannot create a disk for the vm. as a result - the quota is not functional for users without domain/DC permissions. Version-Release number of selected component (if applicable): si12 How reproducible: 100% Steps to Reproduce: 1. add a quota on a domain 2. create a user + vm + quota and add user to the vm permissions as UserRole/UserVmManager and to the consumer list under the quota 3. log in to the user portal and try to create a disk for the vm Actual results: we cannot create a disk for the vm even if we are under the consumer list. user can only create a disk/vm if they are given permissions on the domain or DC (and in which case they can see all vm's under that object) Expected results: user added to the consumer list should be able to create a disk from the quota. Additional info:
Closing, as currently, when working with quota, you still need to set the permissions. The quota will only limit the usage of the DC resources. So, in your case, the user needs to be VmCreator on the DC (which will alow him to create both VMs on all clusters, and disks on all storage domains).