From bc26507ccd40c3713006777f0aed1f16951be8ac Mon Sep 17 00:00:00 2001
From: Garland Kan <garland@managedkube.com>
Date: Fri, 11 Feb 2022 06:29:39 -0800
Subject: [PATCH] MSK CRL enable (#253)

* MSK CRL enable

* Removing comments
---
 terraform-modules/aws/msk/main.tf | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/terraform-modules/aws/msk/main.tf b/terraform-modules/aws/msk/main.tf
index 5b7b1a2fc..195f23eb5 100644
--- a/terraform-modules/aws/msk/main.tf
+++ b/terraform-modules/aws/msk/main.tf
@@ -103,9 +103,7 @@ resource "aws_acmpca_certificate_authority" "this" {
   revocation_configuration {
     crl_configuration {
       custom_cname       = "crl.${var.common_name}"
-      # Disabling the CRL b/c the S3 bucket requirements are weird.  When creating the CA resource
-      # it keeps on complaining about the S3 bucket permissions is not set correctly.
-      enabled            = false
+      enabled            = true
       expiration_in_days = var.expiration_in_days
       s3_bucket_name     = aws_s3_bucket.this.id
     }