@Eduards Thanks for posting in our Q&A. From your description, I know that you want to get a role that only see Android Dedicated devices and operate only with them. If there is any misunderstanding, feel free to let us know.
For the user can only manage the test device in Intune portal, here are the detailed steps for a reference:
1.Create a user group and add a test user to this user group A.
2.Create a device group and add the target device to this device group B.
3.Create a scope tag in Tenant Administrator > Roles > Scope (Tags) and assign to the device group B
4.Create a custom role in Tenant Administrator > Roles > All roles, set Permission for this role, choose Scope tags.
5.Choose the custom role we created, select Assignments to add Role Assignment, configure Admin Groups, users in these group will have permissions to manage users/devices in the Scope (Groups), configure Scope groups and select scope tags
6.When I login intune portal with the test user, I only see this target device.
The following link for the reference:
https://learn.microsoft.com/en-us/mem/intune/fundamentals/scope-tags
Hope it can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.