diff --git a/changelogs/fragments/aws_s3_decryption_fix.yaml b/changelogs/fragments/aws_s3_decryption_fix.yaml
new file mode 100644
index 0000000000..27034e8504
--- /dev/null
+++ b/changelogs/fragments/aws_s3_decryption_fix.yaml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+- fix decrypting vault files for the aws_s3 module (https://github.com/ansible/ansible/pull/39634)
diff --git a/lib/ansible/plugins/action/aws_s3.py b/lib/ansible/plugins/action/aws_s3.py
index 860fb96aec..a2ee822ad3 100644
--- a/lib/ansible/plugins/action/aws_s3.py
+++ b/lib/ansible/plugins/action/aws_s3.py
@@ -47,7 +47,7 @@ class ActionModule(ActionBase):
                 # For backward compatibility check if the file exists on the remote; it should take precedence
                 if not self._remote_file_exists(source):
                     try:
-                        source = self._loader.get_real_file(self._find_needle('files', source))
+                        source = self._loader.get_real_file(self._find_needle('files', source), decrypt=False)
                         new_module_args['src'] = source
                     except AnsibleFileNotFound as e:
                         # module handles error message for nonexistent files