@public-glueops-renovatebot

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| cloudposse/vpc/aws (source) | module | minor | 2.2.0 -> 2.3.0 |

Release Notes

cloudposse/terraform-aws-vpc (cloudposse/vpc/aws)

v2.3.0

Fixes "Error: no association of default Security Group (sg-XXX) with VPC Endpoint (vpce-YYY)" @j4zzcat (#158)

This PR updates the `vpc-endpoints` module to prevent recurring no association of default Security Group (...) with VPC Endpoint (...) errors when managing Interface VPC Endpoints. See also https://github.com/cloudposse-terraform-components/aws-vpc/issues/49.

The issue occurred because AWS automatically attaches the default VPC security group to an Interface endpoint when no SGs are specified at creation. The module previously relied on replace_default_association to swap it out for the desired SG. This worked only on the first run - subsequent runs failed because the default SG was no longer attached.

Changes

  1. Attach first SG at creation time
    • Added security_group_ids to aws_vpc_endpoint.interface_endpoint with the first SG from var.interface_vpc_endpoints.
    • Prevents AWS from attaching the default SG and removes the need for replace_default_association.
  2. Limit SG associations to index > 0
    • Updated security_group_associations_list and security_group_associations_map locals to only include SGs beyond the first one.
    • Ensures Terraform doesn’t try to re-attach the already-attached first SG.
  3. Remove replace_default_association
    • Association resources now only attach additional SGs.
    • Eliminates fragile “replace default” logic that failed on repeated applies.

Benefits

  • Idempotent applies — no more failing after the first run.
  • Simpler logic — no special-case handling for the default SG.
  • Clean AWS state — the default SG is never attached in the first place.

Testing

  • Applied changes in a test environment with multiple endpoints and SGs.
  • Verified that:
    • First SG is attached at endpoint creation.
    • Additional SGs are attached via association resources.
    • No errors occur on repeated terraform apply runs.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


This PR has been generated by Renovate Bot.

@public-glueops-renovatebot public-glueops-renovatebot bot force-pushed the renovate/cloudposse-vpc-aws-2.3.x branch from 59ceefb to 4e06e73 Compare September 24, 2025 10:26
@github-actions github-actions bot removed the patch label Sep 24, 2025
@public-glueops-renovatebot public-glueops-renovatebot bot force-pushed the renovate/cloudposse-vpc-aws-2.3.x branch 2 times, most recently from 1091d43 to 1006489 Compare October 9, 2025 05:26
@public-glueops-renovatebot public-glueops-renovatebot bot force-pushed the renovate/cloudposse-vpc-aws-2.3.x branch 2 times, most recently from 8bc3af2 to 637eff6 Compare October 24, 2025 23:19
@public-glueops-renovatebot public-glueops-renovatebot bot force-pushed the renovate/cloudposse-vpc-aws-2.3.x branch from 071dd3a to 3148fc8 Compare October 25, 2025 01:35
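
The pattern described in the v2.3.0 release notes, as an added Terraform sketch that is not the cloudposse module's own source: the first security group is set on the endpoint at creation, and only groups at index > 0 go through association resources. The variable shapes, the `this` resource label and the `ignore_changes` block are assumptions of this sketch.

```hcl
# Added illustration; not the cloudposse module's source.
variable "vpc_id" { type = string }
variable "subnet_ids" { type = list(string) }

# Assumed shape: endpoint key => service name and ordered SG IDs (at least one).
variable "interface_vpc_endpoints" {
  type = map(object({
    service_name       = string
    security_group_ids = list(string)
  }))
}

locals {
  # One entry per (endpoint, SG) pair, skipping index 0,
  # which is already attached when the endpoint is created.
  security_group_associations_list = flatten([
    for k, ep in var.interface_vpc_endpoints : [
      for i, sg in ep.security_group_ids : {
        key      = "${k}[${i}]"
        endpoint = k
        sg_id    = sg
      } if i > 0
    ]
  ])
  security_group_associations_map = {
    for a in local.security_group_associations_list : a.key => a
  }
}

resource "aws_vpc_endpoint" "interface_endpoint" {
  for_each          = var.interface_vpc_endpoints
  vpc_id            = var.vpc_id
  service_name      = each.value.service_name
  vpc_endpoint_type = "Interface"
  subnet_ids        = var.subnet_ids

  # First SG supplied at creation, so AWS never attaches the VPC default SG.
  security_group_ids = [each.value.security_group_ids[0]]

  # Assumption of this sketch: ignore later drift on the inline list so it
  # does not fight with the association resources below.
  lifecycle { ignore_changes = [security_group_ids] }
}

# Only additional SGs (index > 0); no replace_default_association needed.
resource "aws_vpc_endpoint_security_group_association" "this" {
  for_each          = local.security_group_associations_map
  vpc_endpoint_id   = aws_vpc_endpoint.interface_endpoint[each.value.endpoint].id
  security_group_id = each.value.sg_id
}
```

After upgrading, a second `terraform plan` that shows no changes, together with a check that the VPC default security group is absent from each endpoint, confirms the behaviour listed under Testing.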