Does velero not support EKS roles for Service Accounts?

[ghost]

I could only get velero working with IAM user and id/secret. I tried to use the "role" method (similar to how it's done with kube2iam); but slightly adjusted to create my own role (with proper policy permissions) and just passed it via the service account but kept getting permission denied errors from velero pod.

Details on what I'm talking about is here

Basically:

1. Create a role and attach it to the cluster via namespace/user
2. Deploy the pod/deployment in the namespace with the service account

This method is how I deploy autoscaler, external-dns, etc; so it not working weakens security footprint of our cluster (we only use roles and no kube2iam).

[ghost]

I was able to get it working after following this post that uses IAM Role for Service Account:

https://www.fourco.nl/blogs/backup-and-restore-a-kubernetes-cluster-with-velero/