diff --git a/getting-started/ozone/README.md b/getting-started/ozone/README.md
index ebf1ee4387..10333e9cf1 100644
--- a/getting-started/ozone/README.md
+++ b/getting-started/ozone/README.md
@@ -49,13 +49,16 @@ bin/spark-sql \
 --conf spark.sql.catalog.polaris.warehouse=quickstart_catalog \
 --conf spark.sql.catalog.polaris.scope=PRINCIPAL_ROLE:ALL \
 --conf spark.sql.catalog.polaris.credential=root:s3cr3t \
- --conf spark.sql.catalog.polaris.client.region=irrelevant
+ --conf spark.sql.catalog.polaris.client.region=us-west-2 \
+ --conf spark.sql.catalog.polaris.s3.access-key-id=polaris_root \
+ --conf spark.sql.catalog.polaris.s3.secret-access-key=polaris_pass
 ```
 
 Note: `s3cr3t` is defined as the password for the `root` user in the `docker-compose.yml` file.
 
-Note: The `client.region` configuration is required for the AWS S3 client to work, but it is not used in
-this example since Ozone does not require a specific region.
+Note: The `client.region`, `s3.access-key-id`, and `s3.secret-access-key` configuration are required
+for the AWS S3 client to work, but they are not used in this example since Ozone does not require them
+when securing S3 is not enabled.
 
 ## Running Queries
 
@@ -87,11 +90,8 @@ The lack of STS API is represented in the Catalog storage configuration by the
 
 ## S3 Credentials
 
-In this example Ozone does not require credentials for accessing its S3 API. Therefore, neither
-Polaris, not Spark use any S3 access keys.
-
-If Ozone were configured to require credentials, Spark and Polaris would have to their own separate
-S3 access key / secret properties because credential vending is not possible with Ozone 2.0.0.
+In this example Ozone does not have securing S3 enabled for accessing its S3 API. Therefore, use
+any AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY will work for accessing S3 API.
 
 ## S3 Endpoints
 
diff --git a/getting-started/ozone/docker-compose.yml b/getting-started/ozone/docker-compose.yml
index 297ee51f10..3649e42627 100644
--- a/getting-started/ozone/docker-compose.yml
+++ b/getting-started/ozone/docker-compose.yml
@@ -37,6 +37,7 @@ services:
 OZONE-SITE.XML_ozone.scm.client.address: "ozone-scm"
 OZONE-SITE.XML_ozone.scm.datanode.id.dir: "/data/metadata"
 OZONE-SITE.XML_ozone.scm.names: "ozone-scm"
+ OZONE-SITE.XML_hdds.scm.safemode.min.datanode: "1"
 no_proxy: "ozone-om,ozone-recon,ozone-scm,ozone-s3g,localhost,127.0.0.1"
 ozone-om:
 image: *ozone-image
@@ -83,8 +84,8 @@ services:
 JAVA_DEBUG: true
 JAVA_DEBUG_PORT: "*:5005"
 AWS_REGION: us-west-2
- AWS_ACCESS_KEY_ID: minio_root
- AWS_SECRET_ACCESS_KEY: m1n1opwd
+ AWS_ACCESS_KEY_ID: polaris_root
+ AWS_SECRET_ACCESS_KEY: polaris_pass
 POLARIS_BOOTSTRAP_CREDENTIALS: POLARIS,root,s3cr3t
 polaris.realm-context.realms: POLARIS
 quarkus.otel.sdk.disabled: "true"
@@ -112,7 +113,7 @@ services:
 /assets/cloud_providers/await-s3.sh http://ozone-s3g:9878/ ;
 source /assets/polaris/obtain-token.sh;
 echo Creating bucket...;
- curl -X PUT --user "invalidKey:secret" --aws-sigv4 "aws:amz:us-west-1:s3" \
+ curl -X PUT --user "polaris_root:polaris_pass" --aws-sigv4 "aws:amz:us-west-2:s3" \
 http://ozone-s3g:9878/bucket123 ;
 echo Creating catalog...;
 export STORAGE_CONFIG_INFO='{"storageType":"S3",
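Review bot: The added `OZONE-SITE.XML_hdds.scm.safemode.min.datanode: "1"` has no comment explaining why it is set, and it controls how many datanodes SCM waits for before leaving safe mode. That is reasonable for a quickstart that presumably runs a single datanode, but the line is easy to copy into a real deployment without anyone noticing what it relaxes. I would add a comment on the line above it, e.g. `# Quickstart only: let SCM leave safe mode with a single datanode`. The environment block this line belongs to starts outside the hunk.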
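Review bot: The new `AWS_ACCESS_KEY_ID: polaris_root` and `AWS_SECRET_ACCESS_KEY: polaris_pass` are committed as literals with nothing marking them as placeholders, and the same pair is repeated in the `curl --user` line of the bucket-creation hunk and in the README's spark-sql flags. The README says Ozone does not check them while S3 security is disabled, so they are harmless today, but anyone who later enables S3 security from this file would start with a key pair that is public in the repository. I would add a comment above the two lines such as `# Placeholder S3 keys: not validated while Ozone S3 security is disabled; replace before enabling it`. Consider also `AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID:-polaris_root}` (and the same for the secret) so the values can be overridden without editing the file. The service definition starts and ends outside the hunk.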
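Review bot: The rewritten `curl -X PUT` still has no `--fail`, so an HTTP error from the S3 gateway when creating the bucket does not change curl's exit status and the script continues to `echo Creating catalog...`. Now that the key pair is meant to match what Polaris and Spark use, a rejected request (for example once S3 security is turned on) would be hidden until a later query fails. I would change the line to `curl --fail -X PUT --user "polaris_root:polaris_pass" --aws-sigv4 "aws:amz:us-west-2:s3" \` and end the URL line with `|| exit 1 ;` so setup stops at the real cause. The command list starts and ends outside the hunk, so whether aborting fits the rest of the script should be confirmed there.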