generated from cloudposse-terraform-components/template
Closed
Labels
bug: 🐛 An issue with the system
Description
Hello,
I’m trying to provision a VPC with an interface endpoint, but I keep getting the error: `Error: no association of default Security Group (sg-XXX) with VPC Endpoint (vpce-YYY)`. The same issue occurs even if I split the process into two stages — first creating only the VPC, and then adding the interface endpoint.
Here's my component `mgmt.yaml.tmpl`:

```yaml
components:
  terraform:
    qh/di/aws-vpc/mgmt:
      metadata:
        component: cloudposse/aws-vpc
      vars:
        name: mgmt
        ipv4_primary_cidr_block: "{{ .ipv4_primary_cidr_block }}"
        availability_zones:
          - "a"
          - "b"
        max_subnet_count: 2
        public_subnets_enabled: false
        nat_gateway_enabled: false
        nat_instance_enabled: false
        subnet_type_tag_key: "quanthealth.cloud/subnet/type"
        vpc_flow_logs_enabled: true
        vpc_flow_logs_bucket_component_name: "cloudposse/aws-vpc-flow-logs-bucket"
        vpc_flow_logs_bucket_tenant_name: core
        vpc_flow_logs_bucket_stage_name: audit
        vpc_flow_logs_bucket_environment_name: use1
        vpc_flow_logs_log_destination_type: s3
        vpc_flow_logs_traffic_type: "ALL"
        interface_vpc_endpoints:
          - "ssmmessages"
        gateway_vpc_endpoints:
          - "s3"
```
And here's the complete error message:
```
│ Error: no association of default Security Group (sg-XXX) with VPC Endpoint (vpce-YYY)
│
│   with module.vpc_endpoints.aws_vpc_endpoint_security_group_association.interface["ssmmessages[0]"],
│   on .terraform/modules/vpc_endpoints/modules/vpc-endpoints/main.tf line 123, in resource "aws_vpc_endpoint_security_group_association" "interface":
│  123: resource "aws_vpc_endpoint_security_group_association" "interface" {
│
```