The server_side_encryption_configuration attribute is deprecated. See aws_s3_bucket_server_side_encryption_configuration for examples with server side encryption configured.

なので、SSEは別ブロックで対応する。

デフォルトだとこういう感じな書き方。

resource "aws_s3_bucket_server_side_encryption_configuration" "sse" {
  bucket = xxxxxxxxxxxxxxxxxxxxxxxxxxxx

  rule {
    bucket_key_enabled = true
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration