[Design] Remove default security groups

Proposal for #3387

Use `deny_default_security_group` key to indicate service should not use default security group.

Example:
```
    network:
      vpc:
        placement: 'private'
        security_groups: ['sg-xxxxxxxxxxxxxxxxx']
        deny_default_security_group: true

```
```
    network:
      vpc:
        deny_default_security_group: true
```

- When `deny_default_security_group` is `false`, Current behavior is not modified and Default EnvironmentSecurityGroup is applied.
- When `deny_default_security_group` or `vpc` OR `network` keys are not present in yaml, `deny_default_security_group` is `false` by default. Current behavior is not modified, and Default EnvironmentSecurityGroup is applied.
- When `deny_default_security_group` is `true`, Default EnvironmentSecurityGroup is NOT applied.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Design] Remove default security groups #3664

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development