
From VMware to Private Cloud Director: Mastering Multi-Tenancy with Identity and Domains


For VMware administrators, managing multiple teams, departments, or customers in a private cloud has always required careful planning and extra licensing. The challenge is balancing isolation against flexibility without adding operational complexity or cost.

vSphere has no native equivalent for true multi-tenancy. vCenter folders and resource pools provide organizational grouping, but they don’t enforce quotas across compute, storage, and networking together, and they don’t provide self-service portals. Getting that level of tenant isolation and governance in VMware required Aria Automation (formerly vRealize Automation) and additional licensing.

Private Cloud Director’s multi-tenancy doesn’t require additional licensing or managing another application. It’s a core product offering and serves as the foundational component that provides the flexibility, security, and extensibility that enterprises and cloud service providers require.

Platform9: Multi-Tenancy by Design

Private Cloud Director builds upon familiar logical constructs while introducing a cloud-native, multi-tenant approach that aligns with more modern infrastructure patterns. Multi-tenancy is built from four constructs: two on the identity side (domains, tenants) and two on the infrastructure side (regions, clusters).

  • Domains: Domains are the identity namespace and have their own users, groups, tenants, and authentication configuration (for example, their own SSO integration). Tenant, user, and group names are unique within a domain, not globally. Tenants do not cross domain boundaries, so a role granted in one domain can never reach a tenant in another. A new deployment ships with a “default” domain, which is sufficient for most organizations. Additional domains separate identity across business units or, in the cloud service provider (CSP) case, across end customers.
  • Tenants: The unit of resource ownership and quota governance. All resources in PCD (VMs, volumes, networks, security groups, images) are owned by a tenant. Each tenant has enforced quotas across compute, storage, and networking, plus its own RBAC policies. Administrators create tenants self-service from the PCD UI. Use tenants to separate departments, teams, or application environments.
  • Regions: The physical and deployment boundary. A region is a data center site that contains hypervisors, virtualized clusters, and networks. Compute, Networking, Block Storage, and Image APIs are region-scoped. A tenant identity can have workloads in any region available to the deployment. Regions are set up during onboarding; adding regions requires working with Platform9.
  • Clusters: Within each region, one or more virtualized clusters group hypervisor hosts together. Clusters are the fault domain for VM HA and DRR, and they present aggregated CPU, memory, and GPU as a single resource pool. Use clusters to separate hardware types (GPU-enabled, high-memory) and to provide separate fault domains for different workload tiers. Within a cluster, host aggregates let you steer specific workloads to specific hosts (for example, hosts licensed for Oracle).

Relationships between Multi-Tenant Constructs

An important relationship to understand: identity and infrastructure are orthogonal layers. Domains and tenants live in the identity layer. Regions and clusters live in the infrastructure layer. A tenant defines who owns resources and how much can be consumed. A region defines where those resources physically run. The same tenant identity can hold workloads in multiple regions, and the same region serves tenants from any domain authorized to use it.

You have flexibility in how you define your tenants. A well-structured multi-tenancy model helps you ensure:

  • Clear separation of workloads – Prevents cross-tenant data exposure and accidental access.
  • Resource efficiency – Enables fair distribution and prevents performance bottlenecks.
  • Compliance alignment – Supports industry regulations requiring strict tenant separation.

Private Cloud Director brings these capabilities into a unified private cloud platform that delivers the multi-tenancy VMware users have been asking for without requiring third-party extensions or additional licensing costs.

Private Cloud Director Identity Service: Access & Control

At the core of Private Cloud Director’s multi-tenancy capabilities is its Identity Service. It is where users, groups, roles, and tenants are defined, and it handles both authentication (who a user is) and authorization (which tenants that user can act in, and with which role).

Authentication Methods Supported by Private Cloud Director

  • Local User Accounts – Built-in authentication managed within Private Cloud Director.
  • Enterprise Single Sign-On (SSO) via SAML 2.0 – Seamlessly integrates with corporate identity providers such as Okta and Microsoft Entra ID.
  • Multi-Factor Authentication (MFA) – Adds an additional layer of security to user authentication.

Role-Based Access Control (RBAC)

Private Cloud Director enforces least-privilege access using predefined roles:

  • Administrator – Full control over domains, tenants, and infrastructure.
  • Self-Service User – Permissions are limited to what has been granted in the tenant.
  • Read Only User – Can view configurations but cannot make changes.

Example: Assigning Role-Based Access in Private Cloud Director

A DevOps engineer needs access to both the Development and QA tenants, and nothing else. To assign scoped permissions:

  1. From the Private Cloud Director dashboard, click the Settings icon, and then choose Tenants and Users.
  2. Select and edit the user, then assign a role in the Development tenant and a role in the QA tenant. Leave every other tenant unassigned; a role is scoped to the tenant it is granted in.
  3. Verify the result from the user’s side: sign in as the engineer and confirm that only Development and QA are visible, and that resources in other tenants cannot be listed or modified.

We designed Private Cloud Director identity management to be intuitive while making sure that you get the comprehensive access control you need. It’s about making every part of the workflow smoother to reduce the friction of getting applications deployed.

Multi-Tenancy Use Case: Enterprise Departmental Cloud

Let’s run through a quick scenario. You are the administrator for a global enterprise that needs to isolate workloads across HR, Finance, and Engineering. All three departments are part of the same organization, so they operate within the default domain. The isolation happens at the tenant level.

Private Cloud Director provides a straightforward way for you to get the logical isolation and organization you need.

Step 1: Define Tenants

  • HR Tenant – Restricted to HR personnel, ensuring employee data remains secure.
  • Finance Tenant – Dedicated to financial applications, preventing unauthorized access.
  • Engineering Tenant – A sandbox for developers to test and deploy without impacting production.

Each tenant gets its own quotas for compute (cores, RAM, VMs), storage (volumes, capacity), and networking (networks, routers, floating IPs). This prevents any single department from consuming more than its share of resources.

If the enterprise also operates in multiple data center locations, those are represented as regions. The Engineering tenant identity exists across all regions, so the same users and tenant assignments apply everywhere. Resources (VMs, volumes, networks) are region-local, so the team manages each region’s footprint independently while authenticating once.

Step 2: Assign Users & Teams with Role-Based Access

  • HR, Finance, and Engineering teams have Self-Service access within their respective tenants, with access to OS images and networks as defined by an administrator.
  • The Engineering tenant has increased quotas and a VM lease policy enabled, allowing a larger number of workloads but restricting their lifecycles through a lease.

Step 3: Enforce Security & Compliance Policies

  • RBAC – Ensures users can only access assigned tenants with built-in and customizable roles.
  • SAML 2.0 SSO – Strengthens authentication consistency and integrates to your enterprise directory service.
  • Network Segmentation – Prevents unauthorized cross-tenant traffic and maintains logical separation of resources.
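To make the rules in the RBAC example above and in this three-step scenario concrete, here is an added illustrative model. It is not Platform9 code and calls no PCD API: it models domains, tenants, tenant-scoped roles, region-local resources, and quotas that are checked together across compute, storage, and networking, so the behaviour the text describes (a user sees only assigned tenants, a tenant name is unique only within its domain, a request that would exceed any one quota dimension is rejected without consuming the others) can be exercised directly. The role names follow the article; the action vocabulary, quota keys, user names, and region names are assumptions made for the example.

```python
"""Added illustrative model of the multi-tenancy constructs described in the
article. Not Platform9 code and not a PCD API client: the action vocabulary,
quota keys, user names and region names below are assumptions for the example."""
from dataclasses import dataclass, field

# Assumed action vocabulary per built-in role named in the article.
ROLE_ACTIONS = {
    "Administrator": {"view", "create", "delete", "manage_tenant"},
    "Self-Service User": {"view", "create", "delete"},
    "Read Only User": {"view"},
}
# Quota dimensions checked together on every create (assumed keys).
QUOTA_KEYS = ("vms", "cores", "ram_gb", "volume_gb", "floating_ips")


@dataclass
class Tenant:
    domain: str
    name: str
    quota: dict
    usage: dict = field(default_factory=lambda: {k: 0 for k in QUOTA_KEYS})


class Cloud:
    def __init__(self, regions):
        self.regions = set(regions)
        self.tenants = {}    # (domain, tenant) -> Tenant; names are unique per domain only
        self.roles = {}      # (domain, user) -> {(domain, tenant): role}
        self.resources = []  # (tenant key, region, request); resources are region-local

    def create_tenant(self, domain, name, **quota):
        if set(quota) != set(QUOTA_KEYS):
            raise ValueError(f"quota must set exactly {QUOTA_KEYS}")
        key = (domain, name)
        if key in self.tenants:
            raise ValueError(f"tenant {name!r} already exists in domain {domain!r}")
        self.tenants[key] = Tenant(domain, name, dict(quota))

    def tenant_exists(self, domain, name):
        return (domain, name) in self.tenants

    def assign_role(self, domain, user, tenant, role):
        # Roles are granted per tenant, and a tenant never crosses its domain.
        if role not in ROLE_ACTIONS:
            raise ValueError(f"unknown role {role!r}")
        if (domain, tenant) not in self.tenants:
            raise ValueError(f"no tenant {tenant!r} in domain {domain!r}")
        self.roles.setdefault((domain, user), {})[(domain, tenant)] = role

    def is_allowed(self, domain, user, tenant, action):
        role = self.roles.get((domain, user), {}).get((domain, tenant))
        return role is not None and action in ROLE_ACTIONS[role]

    def create_vm(self, domain, user, tenant, region, cores, ram_gb, volume_gb, floating_ips=0):
        """Return 'ok' or a reason string; nothing is committed on failure."""
        if region not in self.regions:
            return f"denied: unknown region {region!r}"
        if not self.is_allowed(domain, user, tenant, "create"):
            return f"denied: {user!r} has no create permission in {domain}/{tenant}"
        t = self.tenants[(domain, tenant)]
        request = {"vms": 1, "cores": cores, "ram_gb": ram_gb,
                   "volume_gb": volume_gb, "floating_ips": floating_ips}
        # Check every dimension first so a rejected request never consumes quota.
        for k, v in request.items():
            if t.usage[k] + v > t.quota[k]:
                return f"quota exceeded: {k} in {domain}/{tenant}"
        for k, v in request.items():
            t.usage[k] += v
        self.resources.append(((domain, tenant), region, request))
        return "ok"

    def region_footprint(self, domain, tenant, region):
        """Resources are region-local even though the tenant identity exists everywhere."""
        return [r for r in self.resources if r[0] == (domain, tenant) and r[1] == region]


def departmental_cloud():
    """Build the HR / Finance / Engineering scenario from the article in the default domain."""
    cloud = Cloud(regions=["dc-east", "dc-west"])  # assumed region names
    for name, cores in (("HR", 16), ("Finance", 16), ("Engineering", 64)):
        cloud.create_tenant("default", name, vms=cores // 2, cores=cores,
                            ram_gb=cores * 4, volume_gb=cores * 50, floating_ips=4)
    cloud.assign_role("default", "alice", "HR", "Self-Service User")
    cloud.assign_role("default", "bob", "Finance", "Self-Service User")
    # The DevOps engineer from the RBAC example: a scoped role in each of two tenants.
    cloud.assign_role("default", "devops", "Engineering", "Self-Service User")
    cloud.assign_role("default", "devops", "Finance", "Read Only User")
    return cloud


if __name__ == "__main__":
    c = departmental_cloud()
    print(c.create_vm("default", "devops", "Engineering", "dc-east", cores=4, ram_gb=8, volume_gb=100))
    print(c.create_vm("default", "devops", "Finance", "dc-east", cores=1, ram_gb=1, volume_gb=10))
    print(c.create_vm("default", "alice", "HR", "dc-west", cores=16, ram_gb=64, volume_gb=800, floating_ips=5))
```

The two design points worth copying into any real tenancy check are visible in create_vm: authorization is evaluated against the (domain, tenant) pair, never against the user alone, and all quota dimensions are validated before any usage is recorded, so a request that would overshoot floating IPs does not silently burn a VM or core slot.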

Identity Service provides you with a cloud tenancy model with enterprise authentication integration so you can scale your private cloud while maintaining compliance, security, and control.

Additional Private Cloud Director Identity Capabilities

Beyond tenant isolation, Private Cloud Director offers granular controls to enhance security and governance. Some of the key capabilities that you gain include:

  • Built-in Network Segmentation – Ensures strict tenant traffic isolation.
  • Quotas & Limits – Prevents resource monopolization by any single tenant, with enforcement across compute, storage, and networking.
  • VM Leases – Automatically power off or delete VMs after a configurable time period, useful for dev/test environments.
  • Audit Logging – Tracks API events across Identity, Compute, and Networking services for compliance and troubleshooting.

Unlocking Multi-Tenancy for VMware Users

Private Cloud Director was built to provide a simple, flexible, and cost-effective private cloud. The goal is to extend capabilities while also providing a familiar experience for folks who are coming from VMware. There are also many features you’ve not had before with VMware vSphere and vCenter, like true cloud-native multi-tenancy with enforced quotas, self-service portals, and built-in identity management.

Private Cloud Director empowers IT teams to modernize their infrastructure while maintaining the control and efficiency they expect.

Want to experience the benefits of multi-tenancy with Private Cloud Director? Start your journey today

Author

  • Damian Karlson

    Damian leads technical product marketing and community engagement for Private Cloud Director & vJailbreak. Prior to joining Platform9, he had many years at VMware, EMC, and Dell focused on delivering powerful cloud solutions & services.
