Neutron does not have rbac rule support for quota in neutron policy.json >> https://github.com/openstack/neutron/blob/master/etc/policy.json . The rbac validations are programmatically hardcoded in the neutron quota api flow >> https://github.com/openstack/neutron/blob/master/neutron/pecan_wsgi/controllers/quota.py . For this reason, we currently do not have a mechanism to configure this in neutron policy.json.
All REST api CRUD calls should have role based access control in place and OpenStack uses oslo_policy and policy.json files for this. There are rbac rules that are defined in the policy.json (one for each REST api CRUD operation) that can be used to configure the roles that can access the REST api. The neutron quota REST api however does not have this in place. For eg. cinder policy.json has the below rules that can be used to configure RBAC on cinder quotas:
"volume_extension:quotas:show": "",
"volume_extension:quotas:update": "rule:admin_api",
"volume_extension:quotas:delete": "rule:admin_api",
https://github.com/openstack/cinder/blob/master/etc/cinder/policy.json#L44
Please describe exactly what you try to achieve here. Do you want to limit the number of RBAC policy resources per tenant? Or do you want to be able to expose some API requests that are currently not exposable? Which of them then?