diff --git a/charts/eks/templates/_helpers.tpl b/charts/eks/templates/_helpers.tpl
index 50f08d6f93..fa306fa1d2 100644
--- a/charts/eks/templates/_helpers.tpl
+++ b/charts/eks/templates/_helpers.tpl
@@ -55,7 +55,7 @@ Whether to create a cluster role or not
     .Values.proxy.metricsServer.nodes.enabled
     .Values.multiNamespaceMode.enabled
     .Values.coredns.plugin.enabled -}}
-{{- true -}}
+{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}}
 {{- end -}}
 {{- end -}}
 
diff --git a/charts/eks/values.yaml b/charts/eks/values.yaml
index f883075108..8b5192d5d7 100644
--- a/charts/eks/values.yaml
+++ b/charts/eks/values.yaml
@@ -333,6 +333,10 @@ serviceAccount:
   # imagePullSecrets:
   #   - name: my-pull-secret
 
+# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If 
+# not set or false, a ClusterRole and ClsterRoleBinding will be created if needed
+suppressClusterRoleCreation: false
+
 # Service account that should be used by the pods synced by vcluster
 workloadServiceAccount:
   # This is not supported in multi-namespace mode
diff --git a/charts/k0s/templates/_helpers.tpl b/charts/k0s/templates/_helpers.tpl
index 50f08d6f93..fa306fa1d2 100644
--- a/charts/k0s/templates/_helpers.tpl
+++ b/charts/k0s/templates/_helpers.tpl
@@ -55,7 +55,7 @@ Whether to create a cluster role or not
     .Values.proxy.metricsServer.nodes.enabled
     .Values.multiNamespaceMode.enabled
     .Values.coredns.plugin.enabled -}}
-{{- true -}}
+{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}}
 {{- end -}}
 {{- end -}}
 
diff --git a/charts/k0s/values.yaml b/charts/k0s/values.yaml
index 04f4ae4f93..df8b6b327b 100644
--- a/charts/k0s/values.yaml
+++ b/charts/k0s/values.yaml
@@ -215,6 +215,10 @@ serviceAccount:
   # imagePullSecrets:
   #   - name: my-pull-secret
 
+# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If 
+# not set or false, a ClusterRole and ClusterRoleBinding will be created if needed
+suppressClusterRoleCreation: false
+
 # Service account that should be used by the pods synced by vcluster
 workloadServiceAccount:
   # This is not supported in multi-namespace mode
diff --git a/charts/k3s/templates/_helpers.tpl b/charts/k3s/templates/_helpers.tpl
index 50f08d6f93..fa306fa1d2 100644
--- a/charts/k3s/templates/_helpers.tpl
+++ b/charts/k3s/templates/_helpers.tpl
@@ -55,7 +55,7 @@ Whether to create a cluster role or not
     .Values.proxy.metricsServer.nodes.enabled
     .Values.multiNamespaceMode.enabled
     .Values.coredns.plugin.enabled -}}
-{{- true -}}
+{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}}
 {{- end -}}
 {{- end -}}
 
diff --git a/charts/k3s/values.yaml b/charts/k3s/values.yaml
index 70bdbf2b5d..2cb3b2d4a0 100644
--- a/charts/k3s/values.yaml
+++ b/charts/k3s/values.yaml
@@ -235,6 +235,10 @@ serviceAccount:
   # imagePullSecrets:
   #   - name: my-pull-secret
 
+# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If 
+# not set or false, a ClusterRole and ClusterRoleBinding will be created if needed
+suppressClusterRoleCreation: false
+
 # Service account that should be used by the pods synced by vcluster
 workloadServiceAccount:
   # This is not supported in multi-namespace mode
diff --git a/charts/k8s/templates/_helpers.tpl b/charts/k8s/templates/_helpers.tpl
index 50f08d6f93..fa306fa1d2 100644
--- a/charts/k8s/templates/_helpers.tpl
+++ b/charts/k8s/templates/_helpers.tpl
@@ -55,7 +55,7 @@ Whether to create a cluster role or not
     .Values.proxy.metricsServer.nodes.enabled
     .Values.multiNamespaceMode.enabled
     .Values.coredns.plugin.enabled -}}
-{{- true -}}
+{{- .Values.suppressClusterRoleCreation | ternary "" "true" -}}
 {{- end -}}
 {{- end -}}
 
diff --git a/charts/k8s/values.yaml b/charts/k8s/values.yaml
index 1e9c15547f..01411a439e 100644
--- a/charts/k8s/values.yaml
+++ b/charts/k8s/values.yaml
@@ -271,6 +271,10 @@ serviceAccount:
   # imagePullSecrets:
   #   - name: my-pull-secret
 
+# Prevent Creation of ClusterRole and ClusterRoleBinding by setting this to true. If 
+# not set or false, a ClusterRole and ClsterRoleBinding will be created if needed
+suppressClusterRoleCreation: false
+
 # Service account that should be used by the pods synced by vcluster
 workloadServiceAccount:
   # This is not supported in multi-namespace mode