http/auth.md: mention AWS sigv4

Fixes #472
curl · Dec 30, 2024 · 26a730b · 26a730b
1 parent 564674b
commit 26a730b
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 0 deletions.
diff --git a/http/auth.md b/http/auth.md
@@ -55,3 +55,29 @@ ask for those methods too specifically:
     curl --digest --user daniel:secret http://example.com/
     curl --negotiate --user daniel:secret http://example.com/
     curl --ntlm --user daniel:secret http://example.com/
+
+## AWS sigv4
+
+The defacto authentication standard *AWS sigv4* is a little different than the
+other HTTP authentication mechnisms and thus you also use it differently.
+
+This option takes an additional string argument where you provide one or more
+data fields for the operation, separated by colons: *provider 1*, *provider
+2*, *region* and *service*.
+
+- *provider* are strings used by the algorithm when creating outgoing
+  authentication headers.
+
+- *region* is a name that points to a geographic area of a resource collection
+(region-code) when the region name is omitted from the endpoint.
+
+- *service* is a string that points to a function provided by a cloud
+(service-code) when the service name is omitted from the endpoint.
+
+Only the *provider 1* is mandatory to provide. The others are otherwise
+extracted from the hostname used in the URL.
+
+Example:
+
+    curl --aws-sigv4 "aws:amz:us-east-2:es" --user "key:secret" \
+        https://example.com
diff --git a/index-words b/index-words
@@ -2,6 +2,7 @@
 --alt-svc
 --anyauth
 --append
+--aws-sigv4
 --basic
 --ca-native
 --compressed
@@ -120,6 +121,7 @@
 ALPN
 apt
 Arch Linux
+AWS sigv4
 BearSSL
 bindings
 BoringSSL