diff --git a/terraform/main.tf b/terraform/main.tf
index 4d5dac4..b2a944c 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -22,6 +22,10 @@ terraform {
 source = "hashicorp/archive"
 version = "~> 2.0"
 }
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ version = "~> 2.30"
+ }
 }
 }
 # backend 설정은 backend.tf 참고
@@ -34,17 +38,27 @@ locals {
 eks_cluster_name = "${var.project_name}-eks"
 }
-#provider "helm" {
-# kubernetes {
-# host = aws_eks_cluster.main.endpoint
-# cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority[0].data)
-# exec {
-# api_version = "client.authentication.k8s.io/v1beta1"
-# command = "aws"
-# args = ["eks", "get-token", "--cluster-name", local.eks_cluster_name, "--region", var.aws_region]
-# }
-# }
-#}
+provider "helm" {
+ kubernetes {
+ host = aws_eks_cluster.main.endpoint
+ cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority[0].data)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = ["eks", "get-token", "--cluster-name", local.eks_cluster_name, "--region", var.aws_region]
+ }
+ }
+}
+
+provider "kubernetes" {
+ host = aws_eks_cluster.main.endpoint
+ cluster_ca_certificate = base64decode(aws_eks_cluster.main.certificate_authority[0].data)
+ exec {
+ api_version = "client.authentication.k8s.io/v1beta1"
+ command = "aws"
+ args = ["eks", "get-token", "--cluster-name", local.eks_cluster_name, "--region", var.aws_region]
+ }
+}
 # ──────────────────────────────────────────
 # VPC
diff --git a/terraform/storage.tf b/terraform/storage.tf
new file mode 100644
index 0000000..a964243
--- /dev/null
+++ b/terraform/storage.tf
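Review bot: In terraform/main.tf, both new provider blocks read `host` and `cluster_ca_certificate` from `aws_eks_cluster.main`, which appears to be a resource managed in this same configuration rather than a data source. The Kubernetes provider documentation advises against configuring the provider from a cluster created in the same module, because those values are unknown at plan time when the cluster is first created or replaced, and the result is intermittent, hard-to-diagnose errors. Consider moving the in-cluster resources to a separate root module and state, or at least add a comment above the blocks such as `# host/CA come from aws_eks_cluster.main in this state; the cluster must already exist before helm/kubernetes resources are planned`. The `exec` block keeps static tokens out of state, but it runs whichever `aws` binary and credentials are ambient on the runner, so the IAM principal expected to hold cluster access should be documented next to these blocks.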
@@ -0,0 +1,39 @@
+# ──────────────────────────────────────────
+# gp3 StorageClass (default)
+# ──────────────────────────────────────────
+resource "kubernetes_storage_class" "gp3" {
+ metadata {
+ name = "gp3"
+ annotations = {
+ "storageclass.kubernetes.io/is-default-class" = "true"
+ }
+ }
+
+ storage_provisioner = "ebs.csi.aws.com"
+ reclaim_policy = "Delete"
+ volume_binding_mode = "WaitForFirstConsumer"
+ allow_volume_expansion = true
+
+ parameters = {
+ type = "gp3"
+ fsType = "ext4"
+ }
+
+ depends_on = [aws_eks_addon.ebs_csi]
+}
+
+# ──────────────────────────────────────────
+# 기존 gp2 SC에서 default 표시 제거 (drift 해소)
+# ──────────────────────────────────────────
+resource "kubernetes_annotations" "gp2_not_default" {
+ api_version = "storage.k8s.io/v1"
+ kind = "StorageClass"
+ metadata {
+ name = "gp2"
+ }
+ annotations = {
+ "storageclass.kubernetes.io/is-default-class" = "false"
+ }
+
+ depends_on = [kubernetes_storage_class.gp3]
+}
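Review bot: The `parameters` map of `kubernetes_storage_class.gp3` sets `type` and `fsType` but not `encrypted`, and this class is annotated as the cluster default. Every PVC without an explicit class would therefore get an EBS volume whose encryption depends solely on the account-level encryption-by-default setting, which is not visible in this change. Add `encrypted = "true"` to `parameters`, plus `kmsKeyId = "<KMS_KEY_ARN placeholder>"` if a customer-managed key is required. Separately, `reclaim_policy = "Delete"` on the default class means a volume is removed together with its PVC; if that is intended, say so with a comment such as `# Delete: volumes are destroyed with their PVC; use a Retain class for data that must survive`.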