diff --git a/app/controllers/v3/deployments_controller.rb b/app/controllers/v3/deployments_controller.rb
index 1945d99ae9b..d5cbeb5459f 100644
--- a/app/controllers/v3/deployments_controller.rb
+++ b/app/controllers/v3/deployments_controller.rb
@@ -33,7 +33,7 @@ def create
     unprocessable!(message.errors.full_messages) unless message.valid?
 
     app = AppModel.find(guid: message.app_guid)
-    unprocessable!('Unable to use app. Ensure that the app exists and you have access to it.') unless app && permission_queryer.can_write_to_space?(app.space.guid)
+    unprocessable!('Unable to use app. Ensure that the app exists and you have access to it.') unless app && permission_queryer.untrusted_can_write_to_space?(app.space.guid)
     unprocessable!('Cannot create deployment from a revision for an app without revisions enabled') if message.revision_guid && !app.revisions_enabled
 
     begin
diff --git a/spec/request/deployments_spec.rb b/spec/request/deployments_spec.rb
index 38a609df09b..20406ba95b0 100644
--- a/spec/request/deployments_spec.rb
+++ b/spec/request/deployments_spec.rb
@@ -21,25 +21,8 @@
 
   describe 'POST /v3/deployments' do
     context 'when a droplet is not supplied with the request' do
-      let(:create_request) do
+      let(:expected_response) {
         {
-          relationships: {
-            app: {
-              data: {
-                guid: app_model.guid
-              }
-            },
-          }
-        }
-      end
-
-      it 'should create a deployment object using the current droplet from the app' do
-        post '/v3/deployments', create_request.to_json, user_header
-        expect(last_response.status).to eq(201)
-
-        deployment = VCAP::CloudController::DeploymentModel.last
-
-        expect(parsed_response).to be_a_response_like({
           'guid' => deployment.guid,
           'status' => {
             'value' => VCAP::CloudController::DeploymentModel::ACTIVE_STATUS_VALUE,
@@ -85,7 +68,41 @@
               'method' => 'POST'
             }
           }
-        })
+        }
+      }
+      let(:create_request) do
+        {
+          relationships: {
+            app: {
+              data: {
+                guid: app_model.guid
+              }
+            },
+          }
+        }
+      end
+      let(:deployment) {
+        VCAP::CloudController::DeploymentModel.last
+      }
+
+      context 'as a SpaceDeveloper' do
+        it 'should create a deployment object using the current droplet from the app' do
+          post '/v3/deployments', create_request.to_json, user_header
+          expect(last_response.status).to eq(201)
+
+          expect(parsed_response).to be_a_response_like(expected_response)
+        end
+      end
+
+      context 'as a SpaceApplicationSupporter' do
+        let(:user) { make_application_supporter_for_space(space) }
+
+        it 'should create a deployment object using the current droplet from the app' do
+          post '/v3/deployments', create_request.to_json, user_header
+          expect(last_response.status).to eq(201)
+
+          expect(parsed_response).to be_a_response_like(expected_response)
+        end
       end
     end
 
@@ -908,12 +925,14 @@
       }
     }
 
-    it 'should get and display the deployment' do
-      get "/v3/deployments/#{deployment.guid}", nil, user_header
-      expect(last_response.status).to eq(200)
+    context 'as a SpaceDeveloper' do
+      it 'should get and display the deployment' do
+        get "/v3/deployments/#{deployment.guid}", nil, user_header
+        expect(last_response.status).to eq(200)
 
-      parsed_response = MultiJson.load(last_response.body)
-      expect(parsed_response).to be_a_response_like(expected_response)
+        parsed_response = MultiJson.load(last_response.body)
+        expect(parsed_response).to be_a_response_like(expected_response)
+      end
     end
 
     context 'as a SpaceApplicationSupporter' do