diff --git a/charts/supabase/templates/secrets/_helpers.tpl b/charts/supabase/templates/secrets/_helpers.tpl
index 1b167a8ca7100ba45d3a04a9e1c6223468b8f681..61d74eccbcd042fb926efbd809382893daa8841c 100644
--- a/charts/supabase/templates/secrets/_helpers.tpl
+++ b/charts/supabase/templates/secrets/_helpers.tpl
@@ -39,3 +39,19 @@ Expand the name of the s3 secret.
 {{- define "supabase.secret.s3" -}}
 {{- printf "%s-s3" (include "supabase.fullname" .) }}
 {{- end -}}
+
+{{/*
+Check if both s3 keys are valid
+*/}}
+{{- define "supabase.secret.s3.isValid" -}}
+{{- $isValid := "false" -}}
+{{- if .Values.secret.s3.keyId -}}
+{{- if .Values.secret.s3.accessKey -}}
+{{- printf "true" -}}
+{{- else -}}
+{{- printf "false" -}}
+{{- end -}}
+{{- else -}}
+{{- printf "false" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/supabase/templates/storage/deployment.yaml b/charts/supabase/templates/storage/deployment.yaml
index 4b93977602617f0ada76ed5e107f63bd50e979f5..b0454297f999ffc70419c6f08bf4197e9a2bc438 100644
--- a/charts/supabase/templates/storage/deployment.yaml
+++ b/charts/supabase/templates/storage/deployment.yaml
@@ -170,17 +170,27 @@ spec:
             - name: IMGPROXY_URL
               value: http://{{ include "supabase.imgproxy.fullname" . }}:{{ .Values.imgproxy.service.port | int }}
             {{- end }}
-            {{- if .Values.secret.s3 }}
+            {{- if eq (include "supabase.secret.s3.isValid" .) "true" }}
             - name: AWS_ACCESS_KEY_ID
               valueFrom:
                 secretKeyRef:
+                {{- if .Values.secret.s3.secretRef }}
+                  name: {{ .Values.secret.s3.secretRef }}
+                  key: {{ .Values.secret.s3.secretRefKey.keyId | default "keyId" }}
+                {{- else }}
                   name: {{ include "supabase.secret.s3" . }}
                   key: keyId
+                {{- end }}
             - name: AWS_SECRET_ACCESS_KEY
               valueFrom:
                 secretKeyRef:
+                {{- if .Values.secret.s3.secretRef }}
+                  name: {{ .Values.secret.s3.secretRef }}
+                  key: {{ .Values.secret.s3.secretRefKey.keyId | default "accessKey" }}
+                {{- else }}
                   name: {{ include "supabase.secret.s3" . }}
                   key: accessKey
+                {{- end }}
             {{- end }}
             {{- if .Values.minio.enabled }}
             - name: GLOBAL_S3_ENDPOINT
diff --git a/charts/supabase/values.example.yaml b/charts/supabase/values.example.yaml
index 835c8b1673f7a60e55c643d8dbf79c8cdcb39ea4..c8f46e056b0afbaf4e3c8dde902c6ac5f72940a7 100644
--- a/charts/supabase/values.example.yaml
+++ b/charts/supabase/values.example.yaml
@@ -138,6 +138,9 @@ vector:
       path: /health
       port: 9001
     initialDelaySeconds: 3
+  ## Vector requires logs from the control plane to function.
+  ## This is normally stored in /var/log/pods
+  ## Modify these values according to your environment.
   volumeMounts:
     - name: pod-logs
       mountPath: /var/log/pods