Rclone should use try using EKS IRSA role before EC2 role

What is the problem you are having with rclone?

When I run rclone in EKS with IAM Roles for Service accounts it seems that the EC2 role is prioritized and picked before the EKS one. This is problematic in a default EKS setup because all the nodes will have an IAM role and there is seemingly no way to make it use the EKS role instead then.

I would have expected (I think most other tools that I have used does it this way) it to prioritize the EKS role and then use EC2 role as a fallback. Since it is optional to add an EKS IAM role you can always just not do that if you explicitly want to use the EC2 one.

Not sure if this counts as a bug or feature request though. :slight_smile:

What is your rclone version (output from rclone version)


Which OS you are using and how many bits (eg Windows 7, 64 bit)

Bottlerocket Linux 64bit

Which cloud storage system are you using? (eg Google Drive)


The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone move --buffer-size=0 --error-on-no-transfer --no-check-dest --no-traverse --no-update-modtime --s3-env-auth --s3-no-check-bucket --s3-region=eu-central-1 --use-mmap "$SRC" "s3:$DEST"

The rclone config contents with secrets removed.

No config file, only this env var:


hello and welcome to the fourm,

this should be a feature request, not a bug.
you can edit the topic by clicking the pencil


have you seen this or this

I don't think the EKS role is working at the moment - see

I would appreciate help fixing that as I don't have a proper understanding of all the IAM roles in AWS!