diff --git a/src/Fs.php b/src/Fs.php
index 526b88d..f141c0f 100644
--- a/src/Fs.php
+++ b/src/Fs.php
@@ -50,6 +50,10 @@ class Fs extends FlysystemFs
     public const STORAGE_REDUCED_REDUNDANCY = 'REDUCED_REDUNDANCY';
     public const STORAGE_STANDARD_IA = 'STANDARD_IA';
 
+    protected const SERVER_SIDE_ENCRYPTION = [
+        'S3_MANAGED' => 'AES256',
+    ];
+
     /**
      * Cache key to use for caching purposes
      */
@@ -145,6 +149,11 @@ public static function displayName(): string
      */
     protected array $pathsToInvalidate = [];
 
+    /**
+     * @var string The server-side encryption header to use for storing the object in S3. ('' or 'S3_MANAGED').
+     */
+    public string $serverSideEncryption = '';
+
     // Public Methods
     // =========================================================================
 
@@ -181,6 +190,7 @@ public function behaviors(): array
                 'subfolder',
                 'cfDistributionId',
                 'cfPrefix',
+                'serverSideEncryption'
             ],
         ];
         return $behaviors;
@@ -281,7 +291,14 @@ public function getRootUrl(): ?string
     protected function createAdapter(): FilesystemAdapter
     {
         $client = static::client($this->_getConfigArray(), $this->_getCredentials());
-        return new AwsS3V3Adapter($client, Craft::parseEnv($this->bucket), $this->_subfolder(), new PortableVisibilityConverter($this->visibility()), null, [], false);
+
+        $forwardedOptions = [];
+
+        if (array_key_exists($this->serverSideEncryption, self::SERVER_SIDE_ENCRYPTION)) {
+            $forwardedOptions['ServerSideEncryption'] = self::SERVER_SIDE_ENCRYPTION[$this->serverSideEncryption];
+        }
+
+        return new AwsS3V3Adapter($client, Craft::parseEnv($this->bucket), $this->_subfolder(), new PortableVisibilityConverter($this->visibility()), null, $forwardedOptions, false);
     }
 
     /**
@@ -363,10 +380,10 @@ public function purgeQueuedPaths(): void
                         'DistributionId' => Craft::parseEnv($this->cfDistributionId),
                         'InvalidationBatch' => [
                             'Paths' =>
-                                [
-                                    'Quantity' => count($items),
-                                    'Items' => $items,
-                                ],
+                            [
+                                'Quantity' => count($items),
+                                'Items' => $items,
+                            ],
                             'CallerReference' => 'Craft-' . StringHelper::randomString(24),
                         ],
                     ]
diff --git a/src/templates/fsSettings.html b/src/templates/fsSettings.html
index 9143eae..004ebda 100644
--- a/src/templates/fsSettings.html
+++ b/src/templates/fsSettings.html
@@ -176,4 +176,23 @@
     errors: fs.getErrors('cfPrefix')
 }) }}
 
+{% set sseInput %}
+    {{ forms.select({
+        name: 'serverSideEncryption',
+        options: [
+            { label: 'None', value: '' },
+            { label: 'S3 Managed', value: 'S3_MANAGED' }
+        ],
+        value: fs.serverSideEncryption
+    }) }}
+{% endset %}
+
+{{ forms.field({
+    label: "Server-side encryption"|t('aws-s3'),
+    id: 'serverSideEncryption',
+    instructions: "Specifies which type of server-side encryption the object must be stored with in S3.",
+    required: false,
+    errors: fs.getErrors('serverSideEncryption'),
+}, sseInput) }}
+
 {% do view.registerAssetBundle("craft\\awss3\\AwsS3Bundle") %}