Role based permission to create work item in RTC

create another Role entry, then in the Process Configuration for this project, set the Team permissions to deny 'Create workitem' for that role

then u will have to disable workitem create for all existing roles.

Sam is on the right track, but you want to create a role for user(s) who are allowed to create work items and make sure that Work Item Creation is allowed (not denied) for that role. Add that role to the appropriate user(s). For all roles that should not be allowed to create work items, disable this (via Team Configuration->Permissions->Work Items->Save Work Item->Create a work item). Permissions can be configured per work item type, so you could still allow creation of some types by all or certain roles and restrict others as needed.