diff --git a/data/yam/agama/auto/lib/storage.libsonnet b/data/yam/agama/auto/lib/storage.libsonnet
index c753715839fa..2833799ba807 100644
--- a/data/yam/agama/auto/lib/storage.libsonnet
+++ b/data/yam/agama/auto/lib/storage.libsonnet
@@ -1,5 +1,5 @@
 {
-  lvm: {
+  lvm(encryption=false): {
     drives: [
       {
         alias: 'pvs-disk',
@@ -12,13 +12,15 @@
       {
         name: 'system',
         physicalVolumes: [
-          { generate: ['pvs-disk'] },
+          { generate: ['pvs-disk'],
+            [if encryption == true then 'encryption']: { luks2: { password: "nots3cr3t" } }
+          },
         ],
         logicalVolumes: [
           { generate: 'default' },
         ],
       },
-    ],
+    ]
   },
   root_filesystem_ext4: {
     drives: [
diff --git a/data/yam/agama/auto/template.jsonnet b/data/yam/agama/auto/template.jsonnet
index ff02908b3eb5..6645950c6b5a 100644
--- a/data/yam/agama/auto/template.jsonnet
+++ b/data/yam/agama/auto/template.jsonnet
@@ -1,13 +1,13 @@
 local lib = import 'lib/base.libsonnet';
 
-function(storage='default', product='SLES', scripts='default') {
+function(storage='default', product='SLES', scripts='default', encryption=false) {
   product: lib.getProduct(product),
   user: lib['user'],
   root: lib['root'],
   [if scripts == 'multipath' then 'scripts']: lib.scripts['multipath'],
   [if scripts == 'default' then 'scripts']: lib.scripts['default'],
 
-  [if storage == 'lvm' then 'storage']: lib.storage['lvm'],
+  [if storage == 'lvm' then 'storage']: lib.storage.lvm(encryption),
   [if storage == 'root_filesystem_ext4' then 'storage']: lib.storage['root_filesystem_ext4'],
   [if storage == 'root_filesystem_xfs' then 'storage']: lib.storage['root_filesystem_xfs'],
 }