diff --git a/cli/cmd/content_library_internal_test.go b/cli/cmd/content_library_internal_test.go
index 1b22fb780..d52f02856 100644
--- a/cli/cmd/content_library_internal_test.go
+++ b/cli/cmd/content_library_internal_test.go
@@ -311,7 +311,7 @@ func TestLoadLCLNotFound(t *testing.T) {
 	_, err := cli.LoadLCL()
 	assert.Equal(
 		t,
-		"unable to load Lacework Content Library: component not installed",
+		"unable to load Lacework Content Library: Lacework Content Library is not installed",
 		err.Error(),
 	)
 }
diff --git a/integration/aws_generation_test.go b/integration/aws_generation_test.go
index 911b0906f..b5028af54 100644
--- a/integration/aws_generation_test.go
+++ b/integration/aws_generation_test.go
@@ -159,6 +159,8 @@ func TestGenerationAwsNoninteractive(t *testing.T) {
 		aws.WithCloudtrailUseExistingTrail(true),
 		aws.WithCloudtrailName(cloudtrailName),
 		aws.WithExistingCloudtrailBucketArn(s3BucketArn),
+		aws.WithBucketEncryptionEnabled(true),
+		aws.WithBucketSSEKeyArn(kmsArn),
 		aws.WithCloudtrailUseExistingSNSTopic(true),
 		aws.WithExistingSnsTopicArn(snsTopicArn),
 		aws.WithSnsTopicEncryptionEnabled(true),
diff --git a/lwgenerate/aws/aws.go b/lwgenerate/aws/aws.go
index 4b30618fc..e188a7ed6 100644
--- a/lwgenerate/aws/aws.go
+++ b/lwgenerate/aws/aws.go
@@ -1058,14 +1058,14 @@ func createCloudtrail(args *GenerateAwsTfConfigurationArgs) (*hclwrite.Block, er
 			if args.BucketName != "" {
 				attributes["bucket_name"] = args.BucketName
 			}
-			if args.BucketEncryptionEnabledSet {
-				if args.BucketEncryptionEnabled {
-					if args.BucketSseKeyArn != "" {
-						attributes["bucket_sse_key_arn"] = args.BucketSseKeyArn
-					}
-				} else {
-					attributes["bucket_encryption_enabled"] = false
+		}
+		if args.BucketEncryptionEnabledSet {
+			if args.BucketEncryptionEnabled {
+				if args.BucketSseKeyArn != "" {
+					attributes["bucket_sse_key_arn"] = args.BucketSseKeyArn
 				}
+			} else {
+				attributes["bucket_encryption_enabled"] = false
 			}
 		}
 		if args.S3BucketNotification {