diff --git a/solutions/oss/eks-infra/v3.0.0/iac/cdk.json b/solutions/oss/eks-infra/v3.0.0/iac/cdk.json
index 5b0b34896..057f1ad50 100644
--- a/solutions/oss/eks-infra/v3.0.0/iac/cdk.json
+++ b/solutions/oss/eks-infra/v3.0.0/iac/cdk.json
@@ -21,31 +21,28 @@ "fluxRepository": {
 "name": "grafana-dashboards",
 "namespace": "grafana-operator",
- "repository": {
- "repoUrl": "https://github.com/aws-observability/observability-best-practices",
- "name": "grafana-dashboards",
- "targetRevision": "main",
- "path": "./solutions/oss/eks-infra/v3.0.0/infrastructure"
- },
+ "bucketName": "aws-observability-solutions",
+ "bucketRegion": "us-east-1",
+ "prefixPath": "EKS/OSS/CDK/v3.0.0",
 "values": {
- "GRAFANA_CLUSTER_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/cluster.json",
- "GRAFANA_KUBELET_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/kubelet.json",
- "GRAFANA_NSWRKLDS_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/namespace-workloads.json",
- "GRAFANA_NODEEXP_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/nodeexporter-nodes.json",
- "GRAFANA_NODES_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/nodes.json",
- "GRAFANA_WORKLOADS_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/workloads.json",
- "GRAFANA_FLEET_DASH_URL": "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/fleet-monitoring.json",
- "GRAFANA_LOGS_DASH_URL": "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/infrastructure/logs.json",
- "GRAFANA_APISERVER_BASIC_DASH_URL": "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/apiserver/apiserver-basic.json",
- "GRAFANA_APISERVER_ADVANCED_DASH_URL": "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/apiserver/apiserver-advanced.json",
- "GRAFANA_APISERVER_TROUBLESHOOTING_DASH_URL": "https://raw.githubusercontent.com/aws-observability/observability-best-practices/main/solutions/oss/eks-infra/v3.0.0/grafana-dashboards/apiserver/apiserver-troubleshooting.json"
+ "GRAFANA_CLUSTER_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/cluster.json",
+ "GRAFANA_KUBELET_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/kubelet.json",
+ "GRAFANA_NSWRKLDS_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/namespace-workloads.json",
+ "GRAFANA_NODEEXP_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/nodeexporter-nodes.json",
+ "GRAFANA_NODES_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/nodes.json",
+ "GRAFANA_WORKLOADS_DASH_URL" : "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/workloads.json",
+ "GRAFANA_FLEET_DASH_URL": "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/fleet-monitoring.json",
+ "GRAFANA_LOGS_DASH_URL": "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/infrastructure/logs.json",
+ "GRAFANA_APISERVER_BASIC_DASH_URL": "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/apiserver/apiserver-basic.json",
+ "GRAFANA_APISERVER_ADVANCED_DASH_URL": "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/apiserver/apiserver-advanced.json",
+ "GRAFANA_APISERVER_TROUBLESHOOTING_DASH_URL": "https://aws-observability-solutions.s3.amazonaws.com/EKS/OSS/CDK/v3.0.0/grafana-dashboards/apiserver/apiserver-troubleshooting.json"
 },
 "kustomizations": [
 {
- "kustomizationPath": "./solutions/oss/eks-infra/v3.0.0/infrastructure"
+ "kustomizationPath": "EKS/OSS/CDK/v3.0.0/infrastructure"
 },
 {
- "kustomizationPath": "./solutions/oss/eks-infra/v3.0.0/apiserver"
+ "kustomizationPath": "EKS/OSS/CDK/v3.0.0/apiserver"
 }
 ]
 },
diff --git a/solutions/oss/eks-infra/v3.0.0/iac/lib/existing-eks-opensource-observability-pattern/index.ts b/solutions/oss/eks-infra/v3.0.0/iac/lib/existing-eks-opensource-observability-pattern/index.ts
index f490d9360..c83141178 100644
--- a/solutions/oss/eks-infra/v3.0.0/iac/lib/existing-eks-opensource-observability-pattern/index.ts
+++ b/solutions/oss/eks-infra/v3.0.0/iac/lib/existing-eks-opensource-observability-pattern/index.ts
@@ -9,6 +9,8 @@ import * as eks from 'aws-cdk-lib/aws-eks';
 import * as iam from 'aws-cdk-lib/aws-iam';
 import { AmpClient, TagResourceCommand } from "@aws-sdk/client-amp";
 import * as regionInfo from 'aws-cdk-lib/region-info';
+import {PolicyDocument, PolicyStatement} from "aws-cdk-lib/aws-iam";
+import {ICluster, ServiceAccount} from "aws-cdk-lib/aws-eks";
 export default class ExistingEksOpenSourceobservabilityPattern {
 async buildAsync(scope: cdk.App, _id: string) {
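Review bot: The eleven `GRAFANA_*_DASH_URL` values hard-code the bucket name `aws-observability-solutions` and the prefix `EKS/OSS/CDK/v3.0.0`, which the same object already states as `bucketName` and `prefixPath` a few lines above, so moving the dashboards to another bucket or version means editing twelve places and it is easy for one to drift. If the pattern that reads this context does not require complete URLs, building them from `bucketName` and `prefixPath` in code would keep them in step. The URLs also use the global `s3.amazonaws.com` endpoint while `bucketRegion` names `us-east-1`; that pairing only holds for that region, so the two should change together if the bucket ever moves.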
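Review bot: The two added imports pull named symbols from modules the file already imports as namespaces a few lines up (`import * as iam from 'aws-cdk-lib/aws-iam'`, `import * as eks from 'aws-cdk-lib/aws-eks'`), so the new helpers end up mixing `iam.IManagedPolicy` with a bare `PolicyDocument` and `ICluster`. Dropping the two added lines and writing `iam.PolicyDocument`, `iam.PolicyStatement`, `eks.ICluster` and `eks.ServiceAccount` in the new functions keeps a single import style. If the named imports are kept, `ICluster` and `ServiceAccount` are only used in type positions and can be `import type {ICluster, ServiceAccount} from "aws-cdk-lib/aws-eks";`.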
@@ -47,7 +49,7 @@ export default class ExistingEksOpenSourceobservabilityPattern {
 });
 // All Grafana Dashboard URLs from `cdk.json` if present
- const fluxRepository: blueprints.FluxGitRepo = utils.valueFromContext(scope, "fluxRepository", undefined);
+ const fluxRepository: blueprints.FluxBucketRepo = utils.valueFromContext(scope, "fluxRepository", undefined);
 fluxRepository.values!.AMG_AWS_REGION = region;
 fluxRepository.values!.AMP_ENDPOINT_URL = ampEndpoint;
 fluxRepository.values!.AMG_ENDPOINT_URL = amgEndpointUrl;
@@ -96,7 +98,7 @@ export default class ExistingEksOpenSourceobservabilityPattern {
 new blueprints.KubeStateMetricsAddOn(),
 new blueprints.MetricsServerAddOn(),
 new blueprints.PrometheusNodeExporterAddOn(),
- new blueprints.FluxCDAddOn({ "repositories": [fluxRepository] }),
+ new blueprints.FluxCDAddOn({ "buckets": [fluxRepository] }),
 new blueprints.CloudWatchInsights(CloudWatchInsightsAddOnProps),
 new GrafanaOperatorSecretAddon(),
 ];
@@ -128,6 +130,12 @@ export default class ExistingEksOpenSourceobservabilityPattern {
 description: 'Deployed by AWS Managed OSS EKS Infrastructure Observability Solution'
 });
+ const s3Policy = new iam.ManagedPolicy(stack, 'fluxCD-addon-managed-policy', {
+ document: s3ReadPolicy(fluxRepository.bucketName)
+ });
+
+ createS3ReadServiceAccountWithPolicy(obs.getClusterInfo().cluster, "source-controller", "flux-system", s3Policy)
+
 new eks.CfnAccessEntry(stack, 'MyCfnAccessEntry', {
 clusterName: clusterName,
 principalArn: clusterRole.roleArn,
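Review bot: `fluxRepository` is whatever `utils.valueFromContext(scope, "fluxRepository", undefined)` returns, so the new `FluxBucketRepo` annotation is not checked at runtime, and the `values!` dereferences on the next three lines fail with a bare TypeError when the context key is absent. The same object's `bucketName` is later handed to `s3ReadPolicy` in the `@@ -128` hunk, where an undefined value would be interpolated into the IAM resource ARN as `arn:aws:s3:::undefined` instead of failing synthesis. A guard right after the assignment gives an actionable error: `if (!fluxRepository?.bucketName) throw new Error('fluxRepository.bucketName is required in cdk.json context');`. `buildAsync` starts and ends outside this hunk.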
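Review bot: The added `createS3ReadServiceAccountWithPolicy(...)` statement has no terminating semicolon, unlike every other statement in this hunk; `createS3ReadServiceAccountWithPolicy(obs.getClusterInfo().cluster, "source-controller", "flux-system", s3Policy);` matches the file. The `iam.ManagedPolicy` is created without a `description`, so once deployed it carries no hint of which workload it belongs to; adding `description: 'Read-only access to the FluxCD source bucket for source-controller'` to its props costs nothing. The return value of the helper (the `ServiceAccount`) is discarded, which is fine if nothing else needs it, but worth a short comment such as `// service account is created for its side effect; Flux's source-controller assumes its role via IRSA` — presumably that is the intent, since the annotations in the helper suggest Helm adoption.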
@@ -217,3 +225,39 @@ function getAmpWorkspaceEndpointFromArn(arn: string): string {
 return `https://aps-workspaces.${ampRegion}.amazonaws.com/workspaces/${ampWorkspaceId}`;
 }
+
+export function s3ReadPolicy(bucketName: string): PolicyDocument {
+ return new PolicyDocument({
+ statements: [
+ new PolicyStatement({
+ actions: [
+ 's3:ListBucket',
+ ],
+ resources: ['arn:aws:s3:::'.concat(bucketName)]
+ }),
+ new PolicyStatement({
+ actions: [
+ 's3:GetObject',
+ ],
+ resources: ['arn:aws:s3:::'.concat(bucketName).concat("/*")]
+ })
+ ]
+ });
+}
+
+export function createS3ReadServiceAccountWithPolicy(cluster: ICluster, name: string, namespace: string, ...policies: iam.IManagedPolicy[]): ServiceAccount {
+ const sa = cluster.addServiceAccount(`${name}-sa`, {
+ name: name,
+ namespace: namespace,
+ annotations: {
+ "meta.helm.sh/release-name": "blueprints-fluxcd-addon",
+ "meta.helm.sh/release-namespace": "flux-system"
+ },
+ labels: {
+ "app.kubernetes.io/managed-by": "Helm"
+ }
+ });
+
+ policies.forEach(policy => sa.role.addManagedPolicy(policy));
+ return sa;
+}
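Review bot: `s3ReadPolicy` grants `s3:GetObject` on every object in the bucket and hard-codes the `aws` partition in both ARNs, although the caller's context already carries a `prefixPath` and the `cdk` namespace imported by this file exposes `cdk.Aws.PARTITION`; an optional `prefixPath` parameter keeps the signature backward compatible while letting the caller restrict reads to the synced prefix, and template literals replace the two `.concat` chains. Whether `s3:ListBucket` can also be narrowed with an `s3:prefix` condition depends on how Flux's source-controller lists the bucket, which is not visible here, so the listing statement is left bucket-wide below and should be tightened only after confirming that. Both exported functions lack TSDoc, and `createS3ReadServiceAccountWithPolicy` hard-codes `"meta.helm.sh/release-namespace": "flux-system"` while taking `namespace` as a parameter, so a caller passing another namespace gets an annotation that disagrees with it — presumably `namespace` is intended there.
```typescript
/**
 * Read-only S3 policy for a FluxCD bucket source.
 * @param bucketName plain bucket name (not an ARN or URL)
 * @param prefixPath optional key prefix; when given, GetObject is limited to objects under it
 */
export function s3ReadPolicy(bucketName: string, prefixPath?: string): PolicyDocument {
  const bucketArn = `arn:${cdk.Aws.PARTITION}:s3:::${bucketName}`;
  // Strip any trailing slash so "a/b/" and "a/b" both become "a/b/*".
  const objectPattern = prefixPath ? `${prefixPath.replace(/\/+$/, '')}/*` : '*';
  return new PolicyDocument({
    statements: [
      new PolicyStatement({
        actions: ['s3:ListBucket'],
        resources: [bucketArn],
      }),
      new PolicyStatement({
        actions: ['s3:GetObject'],
        resources: [`${bucketArn}/${objectPattern}`],
      }),
    ],
  });
}
// … unchanged: createS3ReadServiceAccountWithPolicy …
```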