diff --git a/.changeset/wicked-lions-repeat.md b/.changeset/wicked-lions-repeat.md
new file mode 100644
index 0000000000..c48545c6bc
--- /dev/null
+++ b/.changeset/wicked-lions-repeat.md
@@ -0,0 +1,6 @@
+---
+'@techdocs/cli': minor
+'@backstage/plugin-techdocs-node': minor
+---
+
+Added support for an HTTPS proxy for techdocs AWS S3 requests
diff --git a/packages/techdocs-cli/cli-report.md b/packages/techdocs-cli/cli-report.md
index 846ccc88ca..556068de85 100644
--- a/packages/techdocs-cli/cli-report.md
+++ b/packages/techdocs-cli/cli-report.md
@@ -77,6 +77,7 @@ Options:
   --azureAccountKey <AZURE ACCOUNT KEY>
   --awsRoleArn <AWS ROLE ARN>
   --awsEndpoint <AWS ENDPOINT>
+  --awsProxy <HTTPS Proxy>
   --awsS3sse <AWS SSE>
   --awsS3ForcePathStyle
   --awsBucketRootPath <AWS BUCKET ROOT PATH>
diff --git a/packages/techdocs-cli/src/commands/index.ts b/packages/techdocs-cli/src/commands/index.ts
index 102e6d87de..98816a6b32 100644
--- a/packages/techdocs-cli/src/commands/index.ts
+++ b/packages/techdocs-cli/src/commands/index.ts
@@ -173,6 +173,10 @@ export function registerCommands(program: Command) {
       '--awsEndpoint <AWS ENDPOINT>',
       'Optional AWS endpoint to send requests to.',
     )
+    .option(
+      '--awsProxy <HTTPS Proxy>',
+      'Optional Proxy to use for AWS requests.',
+    )
     .option('--awsS3sse <AWS SSE>', 'Optional AWS S3 Server Side Encryption.')
     .option(
       '--awsS3ForcePathStyle',
diff --git a/packages/techdocs-cli/src/lib/PublisherConfig.ts b/packages/techdocs-cli/src/lib/PublisherConfig.ts
index 0ef6b66eaf..803e40308b 100644
--- a/packages/techdocs-cli/src/lib/PublisherConfig.ts
+++ b/packages/techdocs-cli/src/lib/PublisherConfig.ts
@@ -94,6 +94,7 @@ export class PublisherConfig {
         ...(opts.awsEndpoint && { endpoint: opts.awsEndpoint }),
         ...(opts.awsS3ForcePathStyle && { s3ForcePathStyle: true }),
         ...(opts.awsS3sse && { sse: opts.awsS3sse }),
+        ...(opts.awsProxy && { httpsProxy: opts.awsProxy }),
       },
     };
   }
diff --git a/plugins/techdocs-node/package.json b/plugins/techdocs-node/package.json
index 4f458c4fff..2b9e74a359 100644
--- a/plugins/techdocs-node/package.json
+++ b/plugins/techdocs-node/package.json
@@ -42,6 +42,7 @@
     "@aws-sdk/client-s3": "^3.208.0",
     "@aws-sdk/credential-providers": "^3.208.0",
     "@aws-sdk/lib-storage": "^3.208.0",
+    "@aws-sdk/node-http-handler": "^3.208.0",
     "@aws-sdk/types": "^3.208.0",
     "@azure/identity": "^2.1.0",
     "@azure/storage-blob": "^12.5.0",
@@ -58,6 +59,7 @@
     "express": "^4.17.1",
     "fs-extra": "10.1.0",
     "git-url-parse": "^13.0.0",
+    "hpagent": "^1.2.0",
     "js-yaml": "^4.0.0",
     "json5": "^2.1.3",
     "mime-types": "^2.1.27",
diff --git a/plugins/techdocs-node/src/stages/publish/awsS3.ts b/plugins/techdocs-node/src/stages/publish/awsS3.ts
index 6b528cfd30..679e9bf7c9 100644
--- a/plugins/techdocs-node/src/stages/publish/awsS3.ts
+++ b/plugins/techdocs-node/src/stages/publish/awsS3.ts
@@ -32,8 +32,10 @@ import {
   S3Client,
 } from '@aws-sdk/client-s3';
 import { fromTemporaryCredentials } from '@aws-sdk/credential-providers';
+import { NodeHttpHandler } from '@aws-sdk/node-http-handler';
 import { Upload } from '@aws-sdk/lib-storage';
 import { AwsCredentialIdentityProvider } from '@aws-sdk/types';
+import { HttpsProxyAgent } from 'hpagent';
 import express from 'express';
 import fs from 'fs-extra';
 import JSON5 from 'json5';
@@ -150,6 +152,11 @@ export class AwsS3Publish implements PublisherBase {
       'techdocs.publisher.awsS3.endpoint',
     );
 
+    // AWS HTTPS proxy is an optional config. If missing, no proxy is used
+    const httpsProxy = config.getOptionalString(
+      'techdocs.publisher.awsS3.httpsProxy',
+    );
+
     // AWS forcePathStyle is an optional config. If missing, it defaults to false. Needs to be enabled for cases
     // where endpoint url points to locally hosted S3 compatible storage like Localstack
     const forcePathStyle = config.getOptionalBoolean(
@@ -162,6 +169,11 @@ export class AwsS3Publish implements PublisherBase {
       ...(region && { region }),
       ...(endpoint && { endpoint }),
       ...(forcePathStyle && { forcePathStyle }),
+      ...(httpsProxy && {
+        requestHandler: new NodeHttpHandler({
+          httpsAgent: new HttpsProxyAgent({ proxy: httpsProxy }),
+        }),
+      }),
     });
 
     const legacyPathCasing =
diff --git a/yarn.lock b/yarn.lock
index 544b7beec4..934bf0d7e0 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1211,7 +1211,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@aws-sdk/node-http-handler@npm:3.272.0":
+"@aws-sdk/node-http-handler@npm:3.272.0, @aws-sdk/node-http-handler@npm:^3.208.0":
   version: 3.272.0
   resolution: "@aws-sdk/node-http-handler@npm:3.272.0"
   dependencies:
@@ -8516,6 +8516,7 @@ __metadata:
     "@aws-sdk/client-s3": ^3.208.0
     "@aws-sdk/credential-providers": ^3.208.0
     "@aws-sdk/lib-storage": ^3.208.0
+    "@aws-sdk/node-http-handler": ^3.208.0
     "@aws-sdk/types": ^3.208.0
     "@azure/identity": ^2.1.0
     "@azure/storage-blob": ^12.5.0
@@ -8540,6 +8541,7 @@ __metadata:
     express: ^4.17.1
     fs-extra: 10.1.0
     git-url-parse: ^13.0.0
+    hpagent: ^1.2.0
     js-yaml: ^4.0.0
     json5: ^2.1.3
     mime-types: ^2.1.27