Skip to main content
NetApp Solutions


Contributors ac-ntap banum-netapp

For any multitenant solution, no user can have access to more cluster resources than is required. So, the entire set of resources that are to be configured as part of the multitenancy configuration is divided between cluster-admin, storage-admin, and developers working on each project.

The following table outlines the different tasks to be performed by different users:

Role Tasks


Create projects for different applications or workloads

Create ClusterRoles and RoleBindings for storage-admin

Create Roles and RoleBindings for developers assigning access to specific projects

[Optional] Configure projects to schedule pods on specific nodes


Create SVMs on NetApp ONTAP

Create Trident backends

Create StorageClasses

Create storage ResourceQuotas


Validate access to create or patch PVCs or pods in assigned project

Validate access to create or patch PVCs or pods in another project

Validate access to view or edit Projects, ResourceQuotas, and StorageClasses