MOVEit Automation Web Admin Help

Amazon S3 Host Field Descriptions

Save PDF

Amazon S3 Host Field Descriptions

Save PDF

Last Updated: May 18, 2026
2 minute read

MOVEit Automation
Version 2026
Documentation

Prerequisites: To use an Amazon S3 host with MOVEit Automation, you must apply the following permissions for the S3 bucket to the user:

PutObject
GetObject
ListAllMyBuckets (only required to Browse to the Default Bucket Name)
AbortMultipartUpload
ListBucket
DeleteObject
ListMultipartUploadParts
GetBucketLocation

To access this dialog box:

Select HOST > Add Host > Amazon S3

When you create the host, you can set the following properties. To set additional properties, edit the host.

Amazon S3 hosts use virtual addressing, where the bucket name is part of the domain name. For example, https://bucket-name.s3.amazonaws.com

For more information, see Amazon S3 - Additional Properties.

Note: The host's properties page shows the configured settings for each property area. To view all possible settings, click Edit.

Alternate storage provider S3 host (Only available with Access Keys authentication)

MOVEit Automation administrators can create hosts at alternate storage providers that utilize the S3 protocol.

If you select Use alternate S3 provider, this uses non-virtual addressing, where the bucket name is part of the path. For example, https://s3.amazonaws.com/bucket-name

Compatible storage providers must provide the following minimum elements:

An S3 compatible API
The same security mechanism (key, secret)

Note: Alternate S3 storage providers may have different names for the required permissions, and the Access Key ID and Secret Access Key. Consult the vendor documentation for details.

Amazon S3 Host Field

Description

General

Friendly Name

A name for the host. The name you specify appears in the MOVEit Automation user interface.

Description

Optional. Description of the host. This field is informational only, and does not affect the operation of the host.

Authentication

Select Access Keys, AWS Config File, or EC2 Instance Role (IMDS). For more information about each authentication method, see Amazon S3 Authentication.


Access Keys	Access Key ID: The access key ID for your AWS environment. Secret Access Key: The secret access key for your AWS environment.
AWS Config File	Profile Name: The name of the profile in the AWS configuration file used for authentication. Different Amazon S3 hosts can reference different profiles within the same config file. If no profile name is entered for the AWS config file authentication method, the system will use the default profile as supported by Amazon. Note: MOVEit Automation reads the AWS config file at runtime to obtain credentials. Ensure this file is secured and accessible by the account MOVEit Automation runs under.
EC2 Instance Role (IMDS)	Uses credentials provided by the EC2 Instance Metadata Service (IMDS). Note: MOVEit Automation supports both IMDSv1 and IMDSv2. IMDSv2 is strongly recommended due to enhanced security protections. Important: When using EC2 Instance Role authentication, the IAM role should be limited to the minimum Amazon S3 permissions required, such as: `s3:GetObject`, `s3:PutObject`, `s3:DeleteObject` on the target bucket(s) `s3:ListBucket` on the target bucket(s) Avoid granting broad permissions unless explicitly necessary.

Use alternate S3 provider

(Only available with Access Keys authentication)

Check to select a host at an alternate storage provider that utilizes the S3 protocol. This uses the non-virtual addressing mode

URL

The URL of the alternate storage provider.

The URL protocol is based on the Secure Connection with TLS. If secure communication is enabled, the protocol is https://, if secure communication is not enabled, the protocol is http ://

Proxy Server

Type

Type of proxy server with which MOVEit Automation communicates. Available proxy types: None, HTTP, and HTTPS. Default is None.

Hostname/IP Address

The full hostname or IP address of the proxy server to which you want to connect.

Port

The TCP Port of the proxy server.

Username, Password

The credentials for proxy server authentication.

Default Bucket Name

The Default Bucket is applied to the sources and destinations of tasks using this Amazon S3 host.

Note: You can override the host's default bucket name in task sources and destinations.

Secure Connection with TLS

Check to enable secure communication between MOVEit Automation and the remote host.

Test

Click to test your connection.

For more information, see Tests Performed on Hosts.

Note: Amazon Web Services (AWS) uses the Access Key ID and Secret Access Key information from your Amazon.com account to identify you and allow access to AWS. The Access Key ID and Secret Access Key are not the same as the user name and password that you use to access the AWS console. You can create new or access existing AWS access IDs and access keys from the AWS Console. If the Use alternate S3 provider check box is not selected, MOVEit Automation automatically routes to the Amazon endpoint based on the Access Key ID and Secret Access Key. A URL is not required.