Mounts are global to all clusters but as a best practice, you can use IAM roles to prevent access tot he underlying data.
To take this one step further, you can use IAM credential passthrough rather than instance profile because instance profile can be associated with only one IAM role so all users on the clusters have to share that role and the data policies of that role.
doc -https://docs.databricks.com/security/credential-passthrough/iam-passthrough.html