diff --git a/README.md b/README.md
index 438c4b5..0ad2e9b 100644
--- a/README.md
+++ b/README.md
@@ -35,7 +35,7 @@ The region can be empty if you are using some other S3 compatible storage.
 ```bash
 cd deploy/kubernetes
 kubectl create -f provisioner.yaml
-kubectl create -f attacher.yaml
+kubectl create -f driver.yaml
 kubectl create -f csi-s3.yaml
 ```
 
diff --git a/deploy/helm/manifest.yaml b/deploy/helm/manifest.yaml
index cec9cae..d1fa076 100644
--- a/deploy/helm/manifest.yaml
+++ b/deploy/helm/manifest.yaml
@@ -4,7 +4,6 @@ helm_chart:
 requirements:
   k8s_version: ">=1.13"
 images:
-  - full: images.attacher
   - full: images.registrar
   - full: images.provisioner
   - full: images.csi
diff --git a/deploy/helm/templates/attacher.yaml b/deploy/helm/templates/attacher.yaml
deleted file mode 100644
index bf0580f..0000000
--- a/deploy/helm/templates/attacher.yaml
+++ /dev/null
@@ -1,101 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: csi-attacher-sa
-  namespace: {{ .Release.Namespace }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: external-attacher-runner
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list"]
-  - apiGroups: [""]
-    resources: ["events"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["csinodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments"]
-    verbs: ["get", "list", "watch", "update", "patch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments/status"]
-    verbs: ["patch"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: csi-attacher-role
-subjects:
-  - kind: ServiceAccount
-    name: csi-attacher-sa
-    namespace: {{ .Release.Namespace }}
-roleRef:
-  kind: ClusterRole
-  name: external-attacher-runner
-  apiGroup: rbac.authorization.k8s.io
----
-# needed for StatefulSet
-kind: Service
-apiVersion: v1
-metadata:
-  name: csi-attacher-s3
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app: csi-attacher-s3
-spec:
-  selector:
-    app: csi-attacher-s3
-  ports:
-    - name: csi-s3-dummy
-      port: 65535
----
-kind: StatefulSet
-apiVersion: apps/v1
-metadata:
-  name: csi-attacher-s3
-  namespace: {{ .Release.Namespace }}
-spec:
-  serviceName: "csi-attacher-s3"
-  replicas: 1
-  selector:
-    matchLabels:
-      app: csi-attacher-s3
-  template:
-    metadata:
-      labels:
-        app: csi-attacher-s3
-    spec:
-      serviceAccount: csi-attacher-sa
-      tolerations:
-        - key: node-role.kubernetes.io/master
-          operator: Exists
-        - key: CriticalAddonsOnly
-          operator: Exists
-      containers:
-        - name: csi-attacher
-          image: {{ .Values.images.attacher }}
-          args:
-            - "--v=4"
-            - "--csi-address=$(ADDRESS)"
-          env:
-            - name: ADDRESS
-              value: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi/csi.sock
-          imagePullPolicy: "IfNotPresent"
-          volumeMounts:
-            - name: socket-dir
-              mountPath: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi
-      volumes:
-        - name: socket-dir
-          hostPath:
-            path: {{ .Values.kubeletPath }}/plugins/ru.yandex.s3.csi
-            type: DirectoryOrCreate
diff --git a/deploy/helm/templates/driver.yaml b/deploy/helm/templates/driver.yaml
new file mode 100644
index 0000000..c3095e6
--- /dev/null
+++ b/deploy/helm/templates/driver.yaml
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: ru.yandex.s3.csi
+spec:
+  attachRequired: false
+  podInfoOnMount: true
+  fsGroupPolicy: File # added in Kubernetes 1.19, this field is GA as of Kubernetes 1.23
+  volumeLifecycleModes: # added in Kubernetes 1.16, this field is beta
+    - Persistent
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
index e62fb09..38534db 100644
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -1,7 +1,5 @@
 ---
 images:
-  # Source: quay.io/k8scsi/csi-attacher:v3.0.1
-  attacher: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-attacher:v3.0.1
   # Source: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
   registrar: cr.yandex/crp9ftr22d26age3hulg/yandex-cloud/csi-s3/csi-node-driver-registrar:v1.2.0
   # Source: quay.io/k8scsi/csi-provisioner:v2.1.0
diff --git a/deploy/kubernetes/attacher.yaml b/deploy/kubernetes/attacher.yaml
deleted file mode 100644
index b70a222..0000000
--- a/deploy/kubernetes/attacher.yaml
+++ /dev/null
@@ -1,101 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: csi-attacher-sa
-  namespace: kube-system
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: external-attacher-runner
-rules:
-  - apiGroups: [""]
-    resources: ["secrets"]
-    verbs: ["get", "list"]
-  - apiGroups: [""]
-    resources: ["events"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["csinodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments"]
-    verbs: ["get", "list", "watch", "update", "patch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments/status"]
-    verbs: ["patch"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: csi-attacher-role
-subjects:
-  - kind: ServiceAccount
-    name: csi-attacher-sa
-    namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: external-attacher-runner
-  apiGroup: rbac.authorization.k8s.io
----
-# needed for StatefulSet
-kind: Service
-apiVersion: v1
-metadata:
-  name: csi-attacher-s3
-  namespace: kube-system
-  labels:
-    app: csi-attacher-s3
-spec:
-  selector:
-    app: csi-attacher-s3
-  ports:
-    - name: csi-s3-dummy
-      port: 65535
----
-kind: StatefulSet
-apiVersion: apps/v1
-metadata:
-  name: csi-attacher-s3
-  namespace: kube-system
-spec:
-  serviceName: "csi-attacher-s3"
-  replicas: 1
-  selector:
-    matchLabels:
-      app: csi-attacher-s3
-  template:
-    metadata:
-      labels:
-        app: csi-attacher-s3
-    spec:
-      serviceAccount: csi-attacher-sa
-      tolerations:
-        - key: node-role.kubernetes.io/master
-          operator: Exists
-        - key: CriticalAddonsOnly
-          operator: Exists
-      containers:
-        - name: csi-attacher
-          image: quay.io/k8scsi/csi-attacher:v3.0.1
-          args:
-            - "--v=4"
-            - "--csi-address=$(ADDRESS)"
-          env:
-            - name: ADDRESS
-              value: /var/lib/kubelet/plugins/ru.yandex.s3.csi/csi.sock
-          imagePullPolicy: "IfNotPresent"
-          volumeMounts:
-            - name: socket-dir
-              mountPath: /var/lib/kubelet/plugins/ru.yandex.s3.csi
-      volumes:
-        - name: socket-dir
-          hostPath:
-            path: /var/lib/kubelet/plugins/ru.yandex.s3.csi
-            type: DirectoryOrCreate
diff --git a/deploy/kubernetes/driver.yaml b/deploy/kubernetes/driver.yaml
new file mode 100644
index 0000000..86004cc
--- /dev/null
+++ b/deploy/kubernetes/driver.yaml
@@ -0,0 +1,7 @@
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: ru.yandex.s3.csi
+spec:
+  attachRequired: false
+  podInfoOnMount: true