POST object upload authentication
A POST object upload request can be authenticated in these ways:
Header authentication
The header can include AWS Signature Version 2 authorization information. Header authentication supports only AWS local user account credentials. Use a header with a value in the format
Authorization: AWS all_users:
for anonymous access, orAuthorization: AWS access-key:signature
for authenticated access.NoteActive Directory, SPNEGO, cookie, and HCP authentication are not supported.In-form authentication
The POST form can contain authentication-related fields. In-form authentication supports only AWS local user account credentials. All authorization-related form fields must be presented for in-form authentication to succeed. If both V2 and V4 authentication form fields are presented, V2 authentication information is used.
Security policy validation
A policy is included in the request. Required if in-form authentication is used. If the policy is missing, HCP returns a status of 400.
For a namespace that does not permit anonymous access (that is, a non-public bucket), either header or in-form authentication is required. (Both can be provided.)