Document networking security approach #6413
Description
Under epic:
We'd like to document our approach to how we handle network security.
For example, we intend to configure all security groups explicitly rather than ever use the default security group for the VPC. We expect the default security group to deny all incoming or outgoing traffic.
We'd like to add some pointers in the developer documentation for where security groups are configured, including both in the CDK and in the code that starts ECS tasks.