diff --git a/minio/justfile b/minio/justfile
index 22d3a2d..3b1b676 100644
--- a/minio/justfile
+++ b/minio/justfile
@@ -3,6 +3,7 @@ set fallback := true
 export MINIO_NAMESPACE := env("MINIO_NAMESPACE", "minio")
 export MINIO_CHART_VERSION := env("MINIO_CHART_VERSION", "5.4.0")
 export MINIO_OIDC_CLIENT_ID := env("MINIO_OIDC_CLIENT_ID", "minio")
+export MINIO_STORAGE_SIZE := env("MINIO_STORAGE_SIZE", "50Gi")
 export KEYCLOAK_REALM := env("KEYCLOAK_REALM", "buunstack")
 export K8S_VAULT_NAMESPACE := env("K8S_VAULT_NAMESPACE", "vault")
 export EXTERNAL_SECRETS_NAMESPACE := env("EXTERNAL_SECRETS_NAMESPACE", "external-secrets")
@@ -64,11 +65,18 @@ create-root-credentials:
 
 # Add Keycloak policy and mapper
 add-keycloak-minio-policy:
- KEYCLOAK_ADMIN_USER=$(just keycloak::admin-username) \
- KEYCLOAK_ADMIN_PASSWORD=$(just keycloak::admin-password) \
- KEYCLOAK_REALM=${KEYCLOAK_REALM} \
- MINIO_OIDC_CLIENT_ID=${MINIO_OIDC_CLIENT_ID} \
- dotenvx run -f ../.env.local -- tsx ./scripts/add-minio-policy.ts
+ #!/bin/bash
+ set -euo pipefail
+ POLICY_VALUE="${MINIO_POLICY:-readwrite}"
+ echo "Setting MinIO policy attribute with default value: ${POLICY_VALUE}"
+ just keycloak::add-attribute-mapper \
+ "${MINIO_OIDC_CLIENT_ID}" \
+ "minioPolicy" \
+ "MinIO Policy" \
+ "minioPolicy" \
+ "readwrite,readonly,writeonly" \
+ "${POLICY_VALUE}" \
+ "MinIO Policy"
 
 # Install MinIO
 install:
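Review bot: MINIO_STORAGE_SIZE is exported with a default here but its shape is never checked, and the yaml hunk that consumes it (`size: {{ .Env.MINIO_STORAGE_SIZE }}` in minio-values.gomplate.yaml) emits the value unquoted, so an empty or malformed setting is only rejected when the chart is applied. A guard in whichever recipe renders the values, e.g. `[[ "${MINIO_STORAGE_SIZE}" =~ ^[0-9]+(Mi|Gi|Ti)$ ]] || { echo "MINIO_STORAGE_SIZE must be a Kubernetes quantity such as 50Gi" >&2; exit 1; }`, would fail fast, and writing the template as `size: "{{ .Env.MINIO_STORAGE_SIZE }}"` keeps the YAML well-formed whatever is supplied. As far as I know a PersistentVolumeClaim's storage request cannot be reduced once the claim exists, so a comment next to the export saying that the value takes effect on first install (or only via a supported volume expansion) would save a confusing no-op later. The install recipe that renders the template is outside these hunks, so I have not checked whether it already validates anything.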
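Review bot: POLICY_VALUE is taken from MINIO_POLICY and passed as the mapper's default without being checked against the option list given two lines earlier (`"readwrite,readonly,writeonly"`), so a typo such as MINIO_POLICY=readwirte is sent to Keycloak as the default claim for every user who has no explicit attribute; the deleted TypeScript wrapper had the same gap. A one-line guard before the `just` call closes it: `case "${POLICY_VALUE}" in readwrite|readonly|writeonly) ;; *) echo "MINIO_POLICY must be one of readwrite, readonly, writeonly (got: ${POLICY_VALUE})" >&2; exit 1 ;; esac`. The recipe also no longer runs under `dotenvx run -f ../.env.local` and no longer looks up KEYCLOAK_ADMIN_USER/KEYCLOAK_ADMIN_PASSWORD, presumably because `keycloak::add-attribute-mapper` obtains admin credentials itself — worth confirming, and worth a comment on the recipe saying where they now come from. Since this default applies to any realm user who signs in to MinIO without a minioPolicy attribute, a comment on the `POLICY_VALUE=` line stating that `readwrite` is the deliberate fallback and that MINIO_POLICY overrides it would make the least-privilege trade-off explicit.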
@@ -140,6 +148,21 @@ create-bucket bucket='':
 bash -c "mc alias set local http://localhost:9000 ${ROOT_USER} ${ROOT_PASSWORD} && \
 mc mb --ignore-existing local/${bucket}"
 
+# Check if a bucket exists (returns exit code 0 if exists, 1 if not)
+[no-exit-message]
+bucket-exists bucket:
+ #!/bin/bash
+ set -euo pipefail
+ ROOT_USER=$(just root-username)
+ ROOT_PASSWORD=$(just root-password)
+ if kubectl -n ${MINIO_NAMESPACE} exec -it deploy/minio -- \
+ bash -c "mc alias set local http://localhost:9000 ${ROOT_USER} ${ROOT_PASSWORD} >/dev/null 2>&1 && \
+ mc ls local/{{ bucket }} >/dev/null 2>&1"; then
+ exit 0 # Bucket exists
+ else
+ exit 1 # Bucket does not exist
+ fi
+
 # Create MinIO user
 create-user user='' bucket='':
 #!/bin/bash
@@ -247,18 +270,3 @@ grant-policy user='' policy='readwrite':
 mc admin policy attach local ${POLICY} --user=${USER}"
 echo "✅ Policy ${POLICY} granted to user ${USER}"
 
-
-# Check if a bucket exists (returns exit code 0 if exists, 1 if not)
-[no-exit-message]
-bucket-exists bucket:
- #!/bin/bash
- set -euo pipefail
- ROOT_USER=$(just root-username)
- ROOT_PASSWORD=$(just root-password)
- if kubectl -n ${MINIO_NAMESPACE} exec -it deploy/minio -- \
- bash -c "mc alias set local http://localhost:9000 ${ROOT_USER} ${ROOT_PASSWORD} >/dev/null 2>&1 && \
- mc ls local/{{ bucket }} >/dev/null 2>&1"; then
- exit 0 # Bucket exists
- else
- exit 1 # Bucket does not exist
- fi
diff --git a/minio/minio-values.gomplate.yaml b/minio/minio-values.gomplate.yaml
index 9059a6c..ca71106 100644
--- a/minio/minio-values.gomplate.yaml
+++ b/minio/minio-values.gomplate.yaml
@@ -15,7 +15,7 @@ oidc:
 displayName: "Login with Keycloak"
 
 persistence:
- size: 50Gi
+ size: {{ .Env.MINIO_STORAGE_SIZE }}
 
 ingress:
 enabled: true
diff --git a/minio/scripts/add-minio-policy.ts b/minio/scripts/add-minio-policy.ts
deleted file mode 100644
index 4e2466a..0000000
--- a/minio/scripts/add-minio-policy.ts
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env node
-
-// This script is a wrapper for add-attribute-mapper.ts specifically for MinIO policy configuration
-// It sets the appropriate environment variables and calls the generic script
-
-import { spawn } from "node:child_process";
-import invariant from "tiny-invariant";
-
-const main = async () => {
- // Validate MinIO-specific environment variables
- const minioClientId = process.env.MINIO_OIDC_CLIENT_ID;
- invariant(minioClientId, "MINIO_OIDC_CLIENT_ID environment variable is required");
-
- const policyValue = process.env.MINIO_POLICY || "readwrite";
- console.log(`Setting MinIO policy attribute with default value: ${policyValue}`);
-
- // Set up environment variables for the generic script
- const env = {
- ...process.env,
- CLIENT_ID: minioClientId,
- ATTRIBUTE_NAME: "minioPolicy",
- ATTRIBUTE_DISPLAY_NAME: "MinIO Policy",
- ATTRIBUTE_CLAIM_NAME: "minioPolicy",
- ATTRIBUTE_OPTIONS: "readwrite,readonly,writeonly",
- ATTRIBUTE_DEFAULT_VALUE: policyValue,
- MAPPER_NAME: "MinIO Policy",
- };
-
- // Call the generic add-attribute-mapper script
- const child = spawn("npx", ["tsx", "../../keycloak/scripts/add-attribute-mapper.ts"], {
- cwd: __dirname,
- env,
- stdio: "inherit",
- });
-
- child.on("error", (error) => {
- console.error("Failed to execute add-attribute-mapper.ts:", error);
- process.exit(1);
- });
-
- child.on("exit", (code) => {
- process.exit(code || 0);
- });
-};
-
-main();