Dear community, I am trying to achieve the following: - create a regular user in oVirt environment; [DONE] - grant full access to a particular VM; [DONE] - grant privileges to create new VMs; [NOT OK] What I observe currently: - user sees his VM on "VM Portal" page and can edit its settings, this is fine; - user can not suspend the VM with the following error in engine.log: 2020-02-04 13:48:25,473Z INFO [org.ovirt.engine.core.bll.HibernateVmCommand] (default task-95) [d43167ef-894f-4281-9100-578bac65a3bb] Running command: HibernateVmCommand internal: false. Entities affected : ID: 85e560ed-a010-4f95-b4e4-43d2e741b51e Type: VMAction group HIBERNATE_VM with role type USER 2020-02-04 13:48:25,486Z INFO [org.ovirt.engine.core.bll.storage.disk.AddDiskCommand] (default task-95) [d43167ef-894f-4281-9100-578bac65a3bb] Running command: AddDiskCommand internal: true. Entities affected : ID: 0a2174b2-1e22-41e7-b3c1-48ff22d6486e Type: StorageAction group CREATE_DISK with role type USER 2020-02-04 13:48:25,491Z WARN [org.ovirt.engine.core.bll.storage.disk.image.AddImageFromScratchCommand] (default task-95) [d43167ef-894f-4281-9100-578bac65a3bb] Validation of action 'AddImageFromScratch' failed for user pavel@internal-authz. Reasons: VAR__TYPE__STORAGE__DOMAIN,NON_ADMIN_USER_NOT_AUTHORIZED_TO_PERFORM_ACTION_ON_HE 2020-02-04 13:48:25,496Z ERROR [org.ovirt.engine.core.bll.HibernateVmCommand] (default task-95) [d43167ef-894f-4281-9100-578bac65a3bb] Command 'org.ovirt.engine.core.bll.HibernateVmCommand' failed: EngineException: Failed to create disk! vm-pavel_hibernation_memory (Failed with error ENGINE and code 5001) Similar error can be found here: https://lists.ovirt.org/archives/list/users@ovirt.org/thread/HC33LVIWZPPO... What permissions have to be granted to a user to be able to create disks? oVirt engine package version: 4.3.7.2-1.el7 --- WBR, Pavel