The proper way would be to specify unique capabilities when registering the post type, then assigning such capabilities to all applicable roles. With unique capabilities, even admins could not access such posts unless their role contains the related capabilities.
What else users see in their admin view depends on their role’s assigned capabilities. Editors will see much more than subscribers.
Another approach would be to build a front end form for the purpose. The form processing code would be responsible for any security. When it calls
wp_insert_post() no further security checks are performed. Unless the related data is malformed, a post will be created at that point.
@bcworkz my question was confusing, I will post a new one.
The new one for anyone following along: https://wordpress.org/support/topic/how-to-enable-any-loggedin-user-admin-or-not-to-add-a-post-of-a-specific-type/
To keep further replies in one place this topic has been closed.