Which AWS service or feature enables users to encrypt data at rest in Amazon S3?

Explanations:

IAM policies are used for managing access permissions to AWS resources but do not provide encryption for data at rest.

Server-side encryption in Amazon S3 automatically encrypts data at rest using various encryption keys, ensuring the data is secured while stored.

Amazon GuardDuty is a threat detection service that monitors for malicious activity but does not encrypt data at rest.

Client-side encryption involves encrypting data before it is sent to Amazon S3, but it is not a built-in AWS feature like server-side encryption.