Rancher backups to s3 fail

I’m trying to set up rancher backups with no success so far.
I have created s3 bucket and IAM user, assigned it an appropriate policy.
Tested: using these credentials I can upload files to my s3 bucket using API requests (with Postman for example).
So my accesskey and secretkey are OK, permissions are also OK – there cannot be any problem with these.

Following the guidelines I’ve installed with helm backup-crd and backup-operator charts on local cluster. In values.yaml defined my s3 bucket as the default storage location, created kubernetes secret which contains my accesskey/secretkey and pointed to it.

However creating backup doesn’t work, I’m always getting following error:

(of course I’ve changed the real bucket name and amended the credentials a bit in this text)

failed to check s3 bucket:rancher-xxmybucketnamexx, err:Head "https://rancher-xxmybucketnamexx.s3.dualstack.eu-west-1.amazonaws.com/": net/http: invalid header field value "AWS4-HMAC-SHA256 Credential=\x00\xa2\xooH\xa3\x83H\xf2AY0\xb7\xe0\x94\xd2/20210928/eu-west-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=300bd03e6b48bc912a66e8b094e2296cc31f733d8134ea525a9c288e46704c35" for key Authorization

Did anyone encounter this and knows how to go about it?

It looks to me like Rancher operator is doing some malformed API request…

Thank you in advance!

I’ve noticed on IAM user security settings that requests from Rancher backup do not even attempt to use the credentials (last usage timestamp not changing after initiating backup) so it fails even before that.