[Bug]: zot 2.1.10 configuration for S3 storage and remote cache is not up to date #3571
Description
zot version
v2.1.10
Describe the bug
I have deployed zot with local storage and it worked.
After that I tried to switch to S3 storage + dynamodb cache using the config bellow.
Note: The instuctions for setting up remote cache do not seem to be up to date.
I had several erros that I fixed by adding extra fields (in config).
After disabling remoteCache and removing the cache config, the registry starts.
https://zotregistry.dev/v2.1.10/articles/storage/?h=cache#dynamodb
To reproduce
- Configuration
and the following policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads"
],
"Resource": "arn:aws:s3:::zot-storage"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:ListMultipartUploadParts",
"s3:AbortMultipartUpload"
],
"Resource": "arn:aws:s3:::zot-storage/*"
},
{
"Effect": "Allow",
"Action": [
"dynamodb:CreateTable",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem"
],
"Resource": "arn:aws:dynamodb:*:*:table/zot-*"
}
]
}
{
"distSpecVersion": "1.1.1",
"storage": {
"rootDirectory": "/zot-data/registry",
"commit": true,
"dedupe": true,
"gc": true,
"gcDelay": "1h",
"gcInterval": "24h",
"storageDriver": {
"name": "s3",
"region": "us-east-1",
"bucket": "zot-storage",
"secure": true,
"skipverify": false
},
"remoteCache": true,
"cacheDriver": {
"name": "dynamodb",
"endpoint": "https://dynamodb.us-east-1.amazonaws.com",
"region": "us-east-1",
"cacheTablename": "zot-registry-blob-table",
"repoMetaTablename": "zot-RepoMetadataTable",
"manifestDataTablename": "zot-ManifestDataTable",
"versionTablename": "zot-Version",
"userdatatablename": "zot-userdatatablename",
"apikeytablename": "zot-apikeytablename",
"repoblobsinfotablename": "zot-repoblobsinfotablename",
"imagemetatablename": "zot-imagemetatablename"
}
},
"http": {
"address": "0.0.0.0",
"port": "8080",
"realm": "zot"
},
"log": {
"level": "debug"
},
"extensions": {
"trust": {
"enable": true,
"cosign": true,
"notation": true
},
"scrub": {
"enable": true,
"interval": "24h"
},
"search": {
"enable": true
},
"ui": {
"enable": true
}
}
}
- Client tool used
docker zot image
- Seen error
I have the following error:
zot_zot-registry.1.uf873cyhcc3b@infra5 | {"time":"2025-11-20T19:08:20.811494948Z","level":"info","message":"events disabled in configuration","goroutine":1,"caller":"zotregistry.dev/zot/v2/pkg/extensions/extension_events.go:18","func":"zotregistry.dev/zot/v2/pkg/extensions.NewEventRecorder"}
zot_zot-registry.1.uf873cyhcc3b@infra5 | {"time":"2025-11-20T19:09:41.22844406Z","level":"error","message":"failed to init controller","error":"operation error Secrets Manager: CreateSecret, https response error StatusCode: 404, RequestID: NVAI4CHCA9ATJK0M9NFN1KOJGVVV4KQNSO5AEMVJF66Q9ASUAAJG, deserialization failed, failed to decode response body, invalid character '<' looking for beginning of value","goroutine":1,"caller":"zotregistry.dev/zot/v2/pkg/cli/server/root.go:78","func":"zotregistry.dev/zot/v2/pkg/cli/server.NewServerRootCmd.newServeCmd.func2"}
zot_zot-registry.1.uf873cyhcc3b@infra5 | Error: operation error Secrets Manager: CreateSecret, https response error StatusCode: 404, RequestID: NVAI4CHCA9ATJK0M9NFN1KOJGVVV4KQNSO5AEMVJF66Q9ASUAAJG, deserialization failed, failed to decode response body, invalid character '<' looking for beginning of value
zot_zot-registry.1.uf873cyhcc3b@infra5 | Usage:
zot_zot-registry.1.uf873cyhcc3b@infra5 | zot serve <config> [flags]
zot_zot-registry.1.uf873cyhcc3b@infra5 |
zot_zot-registry.1.uf873cyhcc3b@infra5 | Aliases:
zot_zot-registry.1.uf873cyhcc3b@infra5 | serve, serve
Expected behavior
No response
Screenshots
No response
Additional context
No response