diff --git a/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java b/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java
index 61b6481..2a764bf 100644
--- a/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java
+++ b/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java
@@ -53,6 +53,7 @@
 import software.amazon.awssdk.auth.credentials.AwsCredentials;
 import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
 import software.amazon.awssdk.auth.credentials.AwsSessionCredentials;
+import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
 import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
 import software.amazon.awssdk.awscore.exception.AwsServiceException;
 import software.amazon.awssdk.core.exception.SdkException;
@@ -169,7 +170,12 @@ public boolean requiresToken() {
     public AwsCredentials resolveCredentials() {
 
         if (StringUtils.isBlank(iamRoleArn)) {
-            return AwsBasicCredentials.create(accessKey, secretKey.getPlainText());
+            if (StringUtils.isBlank(accessKey) && StringUtils.isBlank(secretKey.getPlainText())) {
+                // fall back to default credentials of node
+                return DefaultCredentialsProvider.builder().build().resolveCredentials();
+            } else {
+                return AwsBasicCredentials.create(accessKey, secretKey.getPlainText());
+            }
         } else {
             AwsCredentialsProvider baseProvider;
             // Handle the case of delegation to instance profile