Module doesn't work with subnet_ids #14

Open
markl11 opened this issue Dec 16, 2021 · 1 comment
markl11 commented Dec 16, 2021

When I deploy version 0.3.0 with subnet_ids (which I need in order to ensure that endpoints are actually deployed into private subnets), I get an error:

```hcl
module "ssm-session-manager" {
  source                   = "bridgecrewio/session-manager/aws"
  version                  = "0.3.0"
  bucket_name              = "my-session-logs"
  access_log_bucket_name   = "my-session-access-logs"
  vpc_id                   = "vpc-XXXXXXXXXXXXXX"
  subnet_ids               = ["subnet-XXXXXXXXXXXXXX"]
  tags = {
    Function = "ssm"
  }
  enable_log_to_s3         = true
  enable_log_to_cloudwatch = true
  vpc_endpoints_enabled    = true
}
```

```
│ Error: query returned no results. Please change your search criteria and try again

│ with module.ssm-session-manager.data.aws_route_table.selected[0],
│ on .terraform/modules/ssm-session-manager/vpce.tf line 11, in data "aws_route_table" "selected":
│ 11: data "aws_route_table" "selected" {
```

Would appreciate your help in resolving this.

Thanks,

markl11 commented Dec 28, 2021

Just to add - this Terraform module creates the VPC endpoints but does not actually select Subnet IDs to put the VPC endpoint interfaces into.

So, it doesn't work at all when you want to use SSM Session Manager with EC2 instances in private subnets, which is an extremely common deployment type for EC2 instances (ref: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-systems-manager-vpc-endpoints/).

I thought that the 'subnet_ids' parameter would help but unfortunately (as you can see above) using this just causes errors.

UPDATE: I have found that the module doesn't work with the 'subnet_ids' optional parameter if the subnets are using the default 'main' route table. But it will work IF you create a new route table for the subnets.

Perhaps you can update the module such that it works even if the 'main' route table is used with the subnets specified in the 'subnet_ids' parameter? Thanks.
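
Added example, not part of the issue thread and not the module's code (the contents of its `vpce.tf` are not shown here): one way to resolve a subnet's effective route table that still works when the subnet relies on the VPC's main route table, as described in the update above. The variable, data source and local names are assumptions chosen for illustration.

```hcl
# Added example. Variable, data source and local names are hypothetical.
variable "vpc_id" {
  type = string
}

variable "subnet_ids" {
  type = list(string)
}

# Plural data source: yields an empty result instead of failing the plan
# when a subnet has no explicit route table association.
data "aws_route_tables" "explicit" {
  for_each = toset(var.subnet_ids)
  vpc_id   = var.vpc_id

  filter {
    name   = "association.subnet-id"
    values = [each.value]
  }
}

# The VPC's main route table, which implicitly serves every subnet
# that has no explicit association.
data "aws_route_table" "main" {
  vpc_id = var.vpc_id

  filter {
    name   = "association.main"
    values = ["true"]
  }
}

locals {
  # Effective route table per subnet: the explicit association when one
  # exists, otherwise the main route table.
  effective_route_table = {
    for s in var.subnet_ids :
    s => try(tolist(data.aws_route_tables.explicit[s].ids)[0], data.aws_route_table.main.id)
  }
}

output "effective_route_table_ids" {
  value = distinct(values(local.effective_route_table))
}
```

Reviewing the resulting route table IDs before attaching endpoints confirms that the subnets are served by the intended private route table and not by one carrying an internet gateway route.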
