diff --git a/project-x-infra-live/development/us-gov-east-1/vpc/platform-test-x/eks-kiali.disable/terragrunt.hcl.disable b/project-x-infra-live/development/us-gov-east-1/vpc/platform-test-x/eks-kiali.disable/terragrunt.hcl
similarity index 100%
rename from project-x-infra-live/development/us-gov-east-1/vpc/platform-test-x/eks-kiali.disable/terragrunt.hcl.disable
rename to project-x-infra-live/development/us-gov-east-1/vpc/platform-test-x/eks-kiali.disable/terragrunt.hcl
diff --git a/project-x-infra-live/terragrunt.hcl b/project-x-infra-live/terragrunt.hcl
index 1c510ae..504e9d4 100644
--- a/project-x-infra-live/terragrunt.hcl
+++ b/project-x-infra-live/terragrunt.hcl
@@ -83,14 +83,17 @@ remote_state {
     if_exists = "overwrite_terragrunt"
   }
   config = {
-    bucket                   = "${local.state_bucket_prefix}-${local.account_id}"
-    dynamodb_table           = "${local.state_table_name}"
-    key                      = "${trimprefix(replace(run_cmd("realpath", get_original_terragrunt_dir()), dirname(get_repo_root()), ""), "/")}"
-    profile                  = "${local.profile}"
-    region                   = "${local.region}"
-    skip_bucket_enforced_tls = true
-    skip_bucket_root_access  = true
-    skip_bucket_ssencryption = true
+    bucket                             = "${local.state_bucket_prefix}-${local.account_id}"
+    dynamodb_table                     = "${local.state_table_name}"
+    key                                = "${trimprefix(replace(run_cmd("realpath", get_original_terragrunt_dir()), dirname(get_repo_root()), ""), "/")}/terraform.tfstate"
+    profile                            = "${local.profile}"
+    region                             = "${local.region}"
+    skip_bucket_enforced_tls           = true # use only if you need to access the S3 bucket without TLS being enforced
+    skip_bucket_public_access_blocking = true
+    skip_bucket_root_access            = true  # use only if the AWS account root user should not have access to the remote state bucket for some reason
+    skip_bucket_ssencryption           = true # use only if non-encrypted OpenTofu/Terraform State is required and/or the object store does not support server-side encryption
+    skip_bucket_versioning             = false # use only if the object store does not support versioning
+    enable_lock_table_ssencryption     = false # use only if non-encrypted DynamoDB Lock Table for the OpenTofu/Terraform State is required and/or the NoSQL database service does not support server-side encryption
   }
 }