diff --git a/deploy/objectstorage/Kubefile b/deploy/objectstorage/Kubefile
index 2a16caeeb6e..c8de4664538 100644
--- a/deploy/objectstorage/Kubefile
+++ b/deploy/objectstorage/Kubefile
@@ -11,5 +11,6 @@ ENV minioStorageSize=${minioStorageSize:-1Gi}
 ENV promStorageSize=${promStorageSize:-1Gi}
 ENV minioAdminUser=${minioAdminUser:-"username"}
 ENV minioAdminPassword=${minioAdminPassword:-"passw0rd"}
+ENV minioKubeblocksPassword=${minioAdminPassword:-"kubeblocks"}
 
 CMD ["bash scripts/init.sh"]
diff --git a/deploy/objectstorage/README.md b/deploy/objectstorage/README.md
index a4a7eb4e12e..a7c9bd9c561 100644
--- a/deploy/objectstorage/README.md
+++ b/deploy/objectstorage/README.md
@@ -1,6 +1,12 @@
 # sealos cloud object storage cluster image
-## prepare
 
-1. install minio operator
-2. install prometheus operator
-3. run object storage cluster image
\ No newline at end of file
+## version
+
+date: 2024.9.10
+
+## components
+
+1. minio
+2. minio monitor service
+3. objectstorage controller
+4. objectstorage frontend
\ No newline at end of file
diff --git a/deploy/objectstorage/etc/minio/policy/kubeblocks.json b/deploy/objectstorage/etc/minio/policy/kubeblocks.json
index ad32526b1ca..f8693ef60ac 100644
--- a/deploy/objectstorage/etc/minio/policy/kubeblocks.json
+++ b/deploy/objectstorage/etc/minio/policy/kubeblocks.json
@@ -39,6 +39,26 @@
       "Resource": [
         "arn:aws:s3:::file-backup/*"
       ]
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:DeleteObject",
+        "s3:GetBucketTagging",
+        "s3:GetObject",
+        "s3:ListBucket",
+        "s3:PutBucketTagging",
+        "s3:AbortMultipartUpload",
+        "s3:CreateBucket",
+        "s3:GetBucketLocation",
+        "s3:GetBucketPolicy",
+        "s3:ListBucketMultipartUploads",
+        "s3:ListMultipartUploadParts",
+        "s3:PutObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::cockroaches-*"
+      ]
     }
   ]
 }
\ No newline at end of file
diff --git a/deploy/objectstorage/manifests/minio/deploy.yaml.tmpl b/deploy/objectstorage/manifests/minio/deploy.yaml.tmpl
index b98eb33c778..f42ea242ca2 100644
--- a/deploy/objectstorage/manifests/minio/deploy.yaml.tmpl
+++ b/deploy/objectstorage/manifests/minio/deploy.yaml.tmpl
@@ -115,6 +115,7 @@ metadata:
   name: object-storage-api
   namespace: objectstorage-system
   annotations:
+    higress.io/response-header-control-update: Content-Disposition attachment
     kubernetes.io/ingress.class: nginx
     nginx.ingress.kubernetes.io/proxy-body-size: 3g
     nginx.ingress.kubernetes.io/server-snippet: |
diff --git a/deploy/objectstorage/scripts/minio.sh b/deploy/objectstorage/scripts/minio.sh
index 68eab45f217..2e01d44d293 100644
--- a/deploy/objectstorage/scripts/minio.sh
+++ b/deploy/objectstorage/scripts/minio.sh
@@ -55,7 +55,7 @@ function init_minio() {
       mc admin policy create objectstorage userNormal etc/minio/policy/user_normal.json
       mc admin policy create objectstorage userDenyWrite etc/minio/policy/user_deny_write.json
       mc admin policy create objectstorage kubeblocks etc/minio/policy/kubeblocks.json
-      mc admin user add objectstorage kubeblocks sealos.12345
+      mc admin user add objectstorage kubeblocks ${minioKubeblocksPassword}
       mc admin user add objectstorage testuser sealos2023
       mc admin group add objectstorage userNormal testuser
       mc admin group add objectstorage userDenyWrite testuser