diff --git a/src/future/aws/PhutilAWSEC2Future.php b/src/future/aws/PhutilAWSEC2Future.php
--- a/src/future/aws/PhutilAWSEC2Future.php
+++ b/src/future/aws/PhutilAWSEC2Future.php
@@ -2,6 +2,17 @@
 
 final class PhutilAWSEC2Future extends PhutilAWSFuture {
 
+  private $parameters = array();
+
+  public function setParameters($parameters) {
+    $this->parameters = $parameters;
+    return $this;
+  }
+
+  protected function getParameters() {
+    return $this->parameters;
+  }
+
   public function getServiceName() {
     return 'ec2';
   }
diff --git a/src/future/aws/PhutilAWSFuture.php b/src/future/aws/PhutilAWSFuture.php
--- a/src/future/aws/PhutilAWSFuture.php
+++ b/src/future/aws/PhutilAWSFuture.php
@@ -8,7 +8,6 @@
   private $region;
   private $httpMethod = 'GET';
   private $path = '/';
-  private $params = array();
   private $endpoint;
   private $data = '';
   private $headers = array();
@@ -83,8 +82,7 @@
   }
 
   protected function getParameters() {
-    $params = $this->params;
-    return $params;
+    return array();
   }
 
   public function addHeader($key, $value) {
@@ -131,9 +129,14 @@
       ->setService($this->getServiceName())
       ->setAccessKey($access_key)
       ->setSecretKey($secret_key)
+      ->setSignContent($this->shouldSignContent())
       ->signRequest($future);
   }
 
+  protected function shouldSignContent() {
+    return false;
+  }
+
   protected function didReceiveResult($result) {
     list($status, $body, $headers) = $result;
 
diff --git a/src/future/aws/PhutilAWSS3Future.php b/src/future/aws/PhutilAWSS3Future.php
--- a/src/future/aws/PhutilAWSS3Future.php
+++ b/src/future/aws/PhutilAWSS3Future.php
@@ -63,4 +63,8 @@
     return parent::didReceiveResult($result);
   }
 
+  protected function shouldSignContent() {
+    return true;
+  }
+
 }
diff --git a/src/future/aws/PhutilAWSv4Signature.php b/src/future/aws/PhutilAWSv4Signature.php
--- a/src/future/aws/PhutilAWSv4Signature.php
+++ b/src/future/aws/PhutilAWSv4Signature.php
@@ -5,6 +5,7 @@
   private $accessKey;
   private $secretKey;
   private $signingKey;
+  private $signContent;
 
   private $date;
 
@@ -68,6 +69,15 @@
     return 'AWS4-HMAC-SHA256';
   }
 
+  public function setSignContent($sign_content) {
+    $this->signContent = $sign_content;
+    return $this;
+  }
+
+  public function getSignContent() {
+    return $this->signContent;
+  }
+
   private function getHost(HTTPSFuture $future) {
     $uri = new PhutilURI($future->getURI());
     return $uri->getDomain();
@@ -81,7 +91,10 @@
   public function signRequest(HTTPSFuture $future) {
     $body_signature = $this->getBodySignature($future);
 
-    $future->addHeader('X-Amz-Content-sha256', $body_signature);
+    if ($this->getSignContent()) {
+      $future->addHeader('X-Amz-Content-sha256', $body_signature);
+    }
+
     $future->addHeader('X-Amz-Date', $this->getDate());
 
     $request_signature = $this->getCanonicalRequestSignature(
diff --git a/src/future/aws/__tests__/PhutilAWSv4SignatureTestCase.php b/src/future/aws/__tests__/PhutilAWSv4SignatureTestCase.php
--- a/src/future/aws/__tests__/PhutilAWSv4SignatureTestCase.php
+++ b/src/future/aws/__tests__/PhutilAWSv4SignatureTestCase.php
@@ -19,6 +19,7 @@
     $signature = id(new PhutilAWSv4Signature())
       ->setAccessKey($access_key)
       ->setSecretKey(new PhutilOpaqueEnvelope($secret_key))
+      ->setSignContent(true)
       ->setDate($date)
       ->setRegion($region)
       ->setService($service);
@@ -55,6 +56,7 @@
     $signature = id(new PhutilAWSv4Signature())
       ->setAccessKey($access_key)
       ->setSecretKey(new PhutilOpaqueEnvelope($secret_key))
+      ->setSignContent(true)
       ->setDate($date)
       ->setRegion($region)
       ->setService($service);
@@ -88,6 +90,7 @@
     $signature = id(new PhutilAWSv4Signature())
       ->setAccessKey($access_key)
       ->setSecretKey(new PhutilOpaqueEnvelope($secret_key))
+      ->setSignContent(true)
       ->setDate($date)
       ->setRegion($region)
       ->setService($service);
@@ -121,6 +124,7 @@
     $signature = id(new PhutilAWSv4Signature())
       ->setAccessKey($access_key)
       ->setSecretKey(new PhutilOpaqueEnvelope($secret_key))
+      ->setSignContent(true)
       ->setDate($date)
       ->setRegion($region)
       ->setService($service);
@@ -138,6 +142,38 @@
     $this->assertSignature($expect, $future);
   }
 
+  public function testAWSv4SignaturesVanillaQuery() {
+    $access_key = 'AKIDEXAMPLE';
+    $secret_key = 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY';
+    $date = '20150830T123600Z';
+    $region = 'us-east-1';
+    $service = 'service';
+    $uri = 'https://example.amazonaws.com/?Param2=value2&Param1=value1';
+    $method = 'GET';
+
+    $future = id(new HTTPSFuture($uri))
+      ->setMethod($method);
+
+    $signature = id(new PhutilAWSv4Signature())
+      ->setAccessKey($access_key)
+      ->setSecretKey(new PhutilOpaqueEnvelope($secret_key))
+      ->setSignContent(false)
+      ->setDate($date)
+      ->setRegion($region)
+      ->setService($service);
+
+    $signature->signRequest($future);
+
+    $expect = <<<EOSIGNATURE
+AWS4-HMAC-SHA256
+
+Credential=AKIDEXAMPLE/20150830/us-east-1/service/aws4_request,
+SignedHeaders=host;x-amz-date,
+Signature=b97d918cfa904a5beff61c982a1b6f458b799221646efd99d3219ec94cdf2500
+EOSIGNATURE;
+
+    $this->assertSignature($expect, $future);
+  }
 
   private function assertSignature($expect, HTTPSFuture $signed) {
     $authorization = null;