diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
new file mode 100644
index 0000000..82473e2
--- /dev/null
+++ b/docker-entrypoint.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+set -euo pipefail
+set -o errexit
+set -o errtrace
+IFS=$'\n\t'
+
+export S3_ACL=${S3_ACL:-private}
+
+mkdir -p ${MNT_POINT}
+
+if [ "$IAM_ROLE" == "none" ]; then
+  export AWSACCESSKEYID=${AWSACCESSKEYID:-$AWS_KEY}
+  export AWSSECRETACCESSKEY=${AWSSECRETACCESSKEY:-$AWS_SECRET_KEY}
+
+  echo "${AWS_KEY}:${AWS_SECRET_KEY}" > /etc/passwd-s3fs
+  chmod 0400 /etc/passwd-s3fs
+
+  echo 'IAM_ROLE is not set - mounting S3 with credentials from ENV'
+  /usr/bin/s3fs  ${S3_BUCKET} ${MNT_POINT} -d -d -f -o endpoint=${S3_REGION},allow_other,retries=5
+  echo 'started...'
+else
+  echo 'IAM_ROLE is set - using it to mount S3'
+  /usr/bin/s3fs ${S3_BUCKET} ${MNT_POINT} -d -d -f -o endpoint=${S3_REGION},iam_role=${IAM_ROLE},allow_other,retries=5
+fi