Customer is using EC2 instances for their Quay deployment which have the following IAM roles attached:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "*"
        }
    ]
}

This allows these EC2 instances to access S3 storage without using any sort of credentials. Quay 3.4.0 validator fails to validate the config.yaml file if credentials are missing so it doesn't start Quay without 'IGNORE_VALIDATION=true' on the startup command. It also fails validation in the configuration portion of the config tool, which again should not happen. Customer is adamant that this worked with Quay 3.3 and earlier.

Please check!