diff --git a/docs/providers/aws/guide/serverless.yml.md b/docs/providers/aws/guide/serverless.yml.md
index 4cc755f48..1a44a8e0e 100644
--- a/docs/providers/aws/guide/serverless.yml.md
+++ b/docs/providers/aws/guide/serverless.yml.md
@@ -37,6 +37,9 @@ provider:
   deploymentBucket:
     name: com.serverless.${self:provider.region}.deploys # Deployment bucket name. Default is generated by the framework
     serverSideEncryption: AES256 # when using server-side encryption
+    tags: # Tags that will be added to each of the deployment resources
+      key1: value1
+      key2: value2
   deploymentPrefix: serverless # The S3 prefix under which deployed artifacts should be stored. Default is serverless
   role: arn:aws:iam::XXXXXX:role/role # Overwrite the default IAM role which is used for all functions
   cfnRole: arn:aws:iam::XXXXXX:role/role # ARN of an IAM role for CloudFormation service. If specified, CloudFormation uses the role's credentials
diff --git a/docs/providers/aws/guide/services.md b/docs/providers/aws/guide/services.md
index 6f6c79535..6d2618014 100644
--- a/docs/providers/aws/guide/services.md
+++ b/docs/providers/aws/guide/services.md
@@ -109,6 +109,9 @@ provider:
   deploymentBucket:
     name: com.serverless.${self:provider.region}.deploys # Overwrite the default deployment bucket
     serverSideEncryption: AES256 # when using server-side encryption
+    tags: # Tags that will be added to each of the deployment resources
+      key1: value1
+      key2: value2
   deploymentPrefix: serverless # Overwrite the default S3 prefix under which deployed artifacts should be stored. Default is serverless
   versionFunctions: false # Optional function versioning
   stackTags: # Optional CF stack tags
diff --git a/lib/plugins/aws/package/lib/generateCoreTemplate.js b/lib/plugins/aws/package/lib/generateCoreTemplate.js
index 47be04c97..3f99b2060 100644
--- a/lib/plugins/aws/package/lib/generateCoreTemplate.js
+++ b/lib/plugins/aws/package/lib/generateCoreTemplate.js
@@ -24,6 +24,24 @@ module.exports = {
       );
 
     const bucketName = this.serverless.service.provider.deploymentBucket;
+
+    // resource tags support for deployment bucket
+    const deploymentBucketObject = this.serverless.service.provider.deploymentBucketObject;
+    if (!_.isEmpty(deploymentBucketObject) && !_.isEmpty(deploymentBucketObject.tags)) {
+      const tags = deploymentBucketObject.tags;
+      const deploymentBucketLogicalId = this.provider.naming.getDeploymentBucketLogicalId();
+
+      const bucketTags = _.map(_.keys(tags), (key) => ({
+        Key: key,
+        Value: tags[key],
+      }));
+
+      Object.assign(this.serverless.service.provider.compiledCloudFormationTemplate
+        .Resources[deploymentBucketLogicalId].Properties, {
+          Tags: bucketTags,
+        });
+    }
+
     const isS3TransferAccelerationSupported = this.provider.isS3TransferAccelerationSupported();
     const isS3TransferAccelerationEnabled = this.provider.isS3TransferAccelerationEnabled();
     const isS3TransferAccelerationDisabled = this.provider.isS3TransferAccelerationDisabled();
diff --git a/lib/plugins/aws/package/lib/generateCoreTemplate.test.js b/lib/plugins/aws/package/lib/generateCoreTemplate.test.js
index ba46b9647..177693e10 100644
--- a/lib/plugins/aws/package/lib/generateCoreTemplate.test.js
+++ b/lib/plugins/aws/package/lib/generateCoreTemplate.test.js
@@ -72,6 +72,41 @@ describe('#generateCoreTemplate()', () => {
       });
   });
 
+  it('should add resource tags to the bucket if present', () => {
+    const deploymentBucketObject = {
+      tags: {
+        FOO: 'bar',
+        BAZ: 'qux',
+      },
+    };
+
+    awsPlugin.serverless.service.provider.deploymentBucketObject = deploymentBucketObject;
+
+    return expect(awsPlugin.generateCoreTemplate()).to.be.fulfilled.then(() => {
+      expect(
+        awsPlugin.serverless.service.provider.compiledCloudFormationTemplate
+          .Resources.ServerlessDeploymentBucket
+      ).to.be.deep.equal({
+        Type: 'AWS::S3::Bucket',
+        Properties: {
+          BucketEncryption: {
+            ServerSideEncryptionConfiguration: [
+              {
+                ServerSideEncryptionByDefault: {
+                  SSEAlgorithm: 'AES256',
+                },
+              },
+            ],
+          },
+          Tags: [
+            { Key: 'FOO', Value: 'bar' },
+            { Key: 'BAZ', Value: 'qux' },
+          ],
+        },
+      });
+    });
+  });
+
   it('should use a custom bucket if specified, even with S3 transfer acceleration', () => {
     const bucketName = 'com.serverless.deploys';