diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 000000000..5b64495ab
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,54 @@
+# CHANGELOG
+Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
+
+## [Unreleased]
+### Added
+- Add release details to releasing.md ([319](https://github.com/opensearch-project/opensearch-js/pull/319))
+- Allow overriding the aws service identifier in AwsSigv4Signer ([333](https://github.com/opensearch-project/opensearch-js/pull/333))
+- Added skip-changelog label ([339](https://github.com/opensearch-project/opensearch-js/pull/339))
+- Added jsdoc for documentation generation ([#335](https://github.com/opensearch-project/opensearch-js/issues/335))
+- Documented Transport#request ([#335](https://github.com/opensearch-project/opensearch-js/issues/335))
+- Documented all API methods ([#335](https://github.com/opensearch-project/opensearch-js/issues/335))
+- Added point in time APIs ([#348](https://github.com/opensearch-project/opensearch-js/pull/348))
+- Added support for Amazon OpenSearch Serverless ([#356](https://github.com/opensearch-project/opensearch-js/issues/356))
+
+### Dependencies
+- Bumps `xmlbuilder2` from 2.4.1 to 3.0.2
+- Bumps `minimatch` from 3.0.4 to 3.1.2
+- Bumps `eslint` from 8.30.0 to 8.32.0
+- Bumps `eslint` from 7.32.0 to 8.32.0
+- Replaced `babel-eslint` with `@babel/eslint-parser`
+- Bumps `eslint-plugin-prettier` from 4.0.0 to 4.2.1
+- Bumps `minimist` from 1.2.6 to 1.2.7
+- Bumps `@aws-sdk/types` from 3.190.0 to 3.226.0
+- Bumps `json5` from 2.2.0 to 2.2.3
+- Bumps `split2` from 3.2.2 to 4.1.0
+- Bumps `@types/node` from 15.14.7 to 18.11.18
+- Bumps `prettier` from 2.7.1 to 2.8.3
+- Bumps `hpagent` from 0.1.2 to 1.2.0
+- Bumps `eslint-config-prettier` from 8.5.0 to 8.6.0
+- Bumps `rimraf` from 3.0.2 to 4.1.1
+
+### Dependencies
+### Changed
+- Remove test artifacts from gh_pages workflow ([#335](https://github.com/opensearch-project/opensearch-js/issues/335))
+### Deprecated
+### Removed
+### Fixed
+### Security
+- [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#341](https://github.com/opensearch-project/opensearch-js/pull/341))
+
+## [2.1]
+### Added
+- Github workflow for changelog verification ([#306](https://github.com/opensearch-project/opensearch-js/pull/306))
+- Add GitHub and Jenkins release workflow ([#317](https://github.com/opensearch-project/opensearch-js/pull/317))
+
+### Dependencies
+- Bumps `tsd` from 0.22.0 to 0.24.1
+- Bumps `semver` from 7.3.7 to 7.3.8
+
+### Fixed
+- Fix mutability of connection headers ([#291](https://github.com/opensearch-project/opensearch-js/issues/291))
+
+[2.1]: https://github.com/opensearch-project/opensearch-js/releases/tag/2.1.0
+[Unreleased]: https://github.com/opensearch-project/opensearch-js/compare/2.1...HEAD
diff --git a/lib/aws/AwsSigv4Signer.js b/lib/aws/AwsSigv4Signer.js
index 7e0c7c614..e90739f25 100644
--- a/lib/aws/AwsSigv4Signer.js
+++ b/lib/aws/AwsSigv4Signer.js
@@ -14,6 +14,7 @@ const Connection = require('../Connection');
 const Transport = require('../Transport');
 const aws4 = require('aws4');
 const AwsSigv4SignerError = require('./errors');
+const crypto = require('crypto');
 
 function AwsSigv4Signer(opts) {
   const credentialsState = {
@@ -31,7 +32,12 @@ function AwsSigv4Signer(opts) {
     request.region = opts.region;
     request.headers = request.headers || {};
     request.headers['host'] = request.hostname;
-    return aws4.sign(request, credentialsState.credentials);
+    const signed = aws4.sign(request, credentialsState.credentials);
+    signed.headers['x-amz-content-sha256'] = crypto
+      .createHash('sha256')
+      .update(request.body || '', 'utf8')
+      .digest('hex');
+    return signed;
   }
 
   class AwsSigv4SignerConnection extends Connection {
diff --git a/test/unit/lib/aws/awssigv4signer.test.js b/test/unit/lib/aws/awssigv4signer.test.js
index c895c4915..95161ac4a 100644
--- a/test/unit/lib/aws/awssigv4signer.test.js
+++ b/test/unit/lib/aws/awssigv4signer.test.js
@@ -17,7 +17,7 @@ const { Connection } = require('../../../../index');
 const { Client, buildServer } = require('../../../utils');
 
 test('Sign with SigV4', (t) => {
-  t.plan(2);
+  t.plan(4);
 
   const mockCreds = {
     accessKeyId: uuidv4(),
@@ -51,6 +51,11 @@ test('Sign with SigV4', (t) => {
   const signedRequest = auth.buildSignedRequestObject(request);
   t.hasProp(signedRequest.headers, 'X-Amz-Date');
   t.hasProp(signedRequest.headers, 'Authorization');
+  t.same(
+    signedRequest.headers['x-amz-content-sha256'],
+    'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
+  );
+  t.same(signedRequest.service, 'es');
 });
 
 test('Sign with SigV4 failure (with empty region)', (t) => {