diff --git a/main.tf b/main.tf
index 78ec8df3..cd0e295b 100644
--- a/main.tf
+++ b/main.tf
@@ -175,6 +175,7 @@ resource "aws_s3_object" "lambda_package" {
   storage_class = var.s3_object_storage_class
 
   server_side_encryption = var.s3_server_side_encryption
+  kms_key_id             = var.s3_kms_key_id
 
   tags = var.s3_object_tags_only ? var.s3_object_tags : merge(var.tags, var.s3_object_tags)
 
diff --git a/variables.tf b/variables.tf
index a3215394..ad0541d7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -678,6 +678,12 @@ variable "s3_server_side_encryption" {
   default     = null
 }
 
+variable "s3_kms_key_id" {
+  description = "Specifies a custom KMS key to use for S3 object encryption."
+  type        = string
+  default     = null
+}
+
 variable "source_path" {
   description = "The absolute path to a local file or directory containing your Lambda source code"
   type        = any # string | list(string | map(any))