diff --git a/terraform/environments/corporate-staff-rostering/locals_security_groups.tf b/terraform/environments/corporate-staff-rostering/locals_security_groups.tf
index e1358aefed9..2635a3d3a2c 100644
--- a/terraform/environments/corporate-staff-rostering/locals_security_groups.tf
+++ b/terraform/environments/corporate-staff-rostering/locals_security_groups.tf
@@ -152,14 +152,14 @@ locals {
           security_groups = ["load-balancer"]
           # NOTE: will need to be changed to point to client access possibly
         }
-        #rpc_tcp_web = { # typo in name - this is for UDP but can't easily be changed
-        #  description     = "135: UDP MS-RPC allow ingress from app and db servers"
-        #  from_port       = 135
-        #  to_port         = 135
-        #  protocol        = "UDP"
-        #  security_groups = ["app", "database"]
-        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        #}
+        rpc_tcp_web = { # typo in name - this is for UDP but can't easily be changed
+          description     = "135: UDP MS-RPC allow ingress from app and db servers"
+          from_port       = 135
+          to_port         = 135
+          protocol        = "UDP"
+          security_groups = ["app", "database"]
+          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        }
         #rpc_tcp_web2 = {
         #  description     = "135: TCP MS-RPC allow ingress from app and db servers"
         #  from_port       = 135
@@ -288,14 +288,14 @@ locals {
         }
         # IMPORTANT: check if an 'allow all from load-balancer' rule is required
         # IMPORTANT: check whether http/https traffic is still needed? It's in the original but not used at an app level
-        #rpc_tcp_app = { # typo in name - this is for UDP but can't easily be changed
-        #  description     = "135: UDP MS-RPC allow ingress from app and db servers"
-        #  from_port       = 135
-        #  to_port         = 135
-        #  protocol        = "UDP"
-        #  security_groups = ["web", "database"]
-        #  # NOTE: csr_clientaccess will need to be added here to cidr_blocks
-        #}
+        rpc_tcp_app = { # typo in name - this is for UDP but can't easily be changed
+          description     = "135: UDP MS-RPC allow ingress from app and db servers"
+          from_port       = 135
+          to_port         = 135
+          protocol        = "UDP"
+          security_groups = ["web", "database"]
+          # NOTE: csr_clientaccess will need to be added here to cidr_blocks
+        }
         #rpc_tcp_app2 = {
         #  description     = "135: TCP MS-RPC allow ingress from app and db servers"
         #  from_port       = 135