diff --git a/k8s/helmfile/env/local/wbaas-backup.values.yaml.gotmpl b/k8s/helmfile/env/local/wbaas-backup.values.yaml.gotmpl
index 8d9459c92..c0a3a82e2 100644
--- a/k8s/helmfile/env/local/wbaas-backup.values.yaml.gotmpl
+++ b/k8s/helmfile/env/local/wbaas-backup.values.yaml.gotmpl
@@ -1,13 +1,20 @@
 image:
-  tag: v0.2.0
+  tag: v0.3.0
 
 job:
   failedJobsHistoryLimit: 1
   successfulJobsHistoryLimit: 1
   cronSchedule: "* * 1 1 *"
 
+scratchDiskSpace: 4Gi
+
+restorePodRunning: false
+
 storage:
-  scratchDiskSpace: 4Gi
-  gcs:
-    bucketName: nacho-cheese
-    uploadToBucket: false
+  bucketName: backups
+  uploadToBucket: true
+  accessKeySecretName: minio-credentials
+  accessKeySecretKey: rootUser
+  secretKeySecretName: minio-credentials
+  secretKeySecretKey: rootPassword
+  endpoint: http://minio.default.svc.cluster.local:9000
diff --git a/k8s/helmfile/env/staging/wbaas-backup.values.yaml.gotmpl b/k8s/helmfile/env/staging/wbaas-backup.values.yaml.gotmpl
index 945dc42f1..42c45112f 100644
--- a/k8s/helmfile/env/staging/wbaas-backup.values.yaml.gotmpl
+++ b/k8s/helmfile/env/staging/wbaas-backup.values.yaml.gotmpl
@@ -1,7 +1,8 @@
 image:
-  tag: v0.2.0
+  tag: v0.3.0
+
+scratchDiskSpace: 8Gi
 
 storage:
-  scratchDiskSpace: 8Gi
-  gcs:
-    bucketName: wikibase-dev-sql-backup
+  bucketName: wikibase-dev-sql-backup
+  uploadToBucket: true
diff --git a/k8s/helmfile/helmfile.yaml b/k8s/helmfile/helmfile.yaml
index ed216170a..29385a439 100644
--- a/k8s/helmfile/helmfile.yaml
+++ b/k8s/helmfile/helmfile.yaml
@@ -211,7 +211,7 @@ releases:
   - name: wbaas-backup
     namespace: default
     chart: wbstack/wbaas-backup
-    version: 0.0.6
+    version: {{ ternary "0.1.0" "0.0.6" (ne .Environment.Name "production") }}
     <<: *default_release
 
   - name: kube-prometheus-stack
diff --git a/tf/env/staging/secrets-gcs.tf b/tf/env/staging/secrets-gcs.tf
new file mode 100644
index 000000000..11c96c170
--- /dev/null
+++ b/tf/env/staging/secrets-gcs.tf
@@ -0,0 +1,24 @@
+resource "google_service_account" "dev-backup-upload" {
+  account_id = "dev-backup-upload"
+}
+
+resource "google_storage_hmac_key" "dev-backup-upload-key" {
+  service_account_email = google_service_account.dev-backup-upload.email
+}
+
+resource "google_project_iam_member" "dev-backup-upload" {
+  role    = "roles/storage.admin"
+  member  = "serviceAccount:${google_service_account.dev-backup-upload.email}"
+  project = local.project_id
+}
+
+resource "kubernetes_secret" "gcs-hmac-key" {
+  provider = kubernetes.wbaas-2
+  metadata {
+    name = "gcs-hmac-key"
+  }
+  data = {
+    "access-key" = google_storage_hmac_key.dev-backup-upload-key.access_id
+    "secret-key" = google_storage_hmac_key.dev-backup-upload-key.secret
+  }
+}
diff --git a/tf/env/staging/serviceaccount.tf b/tf/env/staging/serviceaccount.tf
index 3d4c554df..421e3c42e 100644
--- a/tf/env/staging/serviceaccount.tf
+++ b/tf/env/staging/serviceaccount.tf
@@ -32,4 +32,4 @@ resource "google_service_account_key" "dev-api" {
     keepers = {
         rotate = 1
     }
-}
\ No newline at end of file
+}