terraform-examples

wordpress-fargate: lock down security group permissions

Open jre21 opened this issue 3 years ago • 0 comments

This change tightens down all the security group definitions. The wordpress security group previously went unused. I've now assigned it to the ecs cluster and reworked the security group rules to correctly model all expected traffic flows. The new logic describes traffic as being allowed between two security groups when one resource needs to communicate with another, instead of assigning every security group to the ecs cluster so that both sides of a connection reside within the same group. I also modified several rules which previously allowed incoming connections on all ports to restrict them to only ports that our intended services are listening on.

jre21 · Jun 01 '21 01:06
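The pattern described in the post above, as an added Terraform sketch that is not code from this repository or from the change itself: one security group per resource, with rules that name the peer group and a single port. The resource names, the `vpc_id` variable, and the ports (8080 for the WordPress container, 3306 for the database) are assumptions chosen for illustration.

```hcl
# Added example. Names and ports are hypothetical, not taken from the repository.
variable "vpc_id" { type = string }

resource "aws_security_group" "alb" {
  name   = "example-alb"
  vpc_id = var.vpc_id
}

resource "aws_security_group" "wordpress" {
  name   = "example-wordpress" # attached to the ECS service's tasks
  vpc_id = var.vpc_id
}

resource "aws_security_group" "db" {
  name   = "example-db"
  vpc_id = var.vpc_id
}

# Weak pattern, shown only as a comment: every resource shares one group and a
# self-referencing rule admits all ports between members.
#   type = "ingress", from_port = 0, to_port = 65535, protocol = "tcp", self = true

# Load balancer -> WordPress tasks, container port only.
resource "aws_security_group_rule" "wordpress_from_alb" {
  type                     = "ingress"
  from_port                = 8080
  to_port                  = 8080
  protocol                 = "tcp"
  security_group_id        = aws_security_group.wordpress.id
  source_security_group_id = aws_security_group.alb.id
}

# WordPress tasks -> database, MySQL port only. Terraform-managed groups have
# no default egress, so the outbound side is declared too.
resource "aws_security_group_rule" "wordpress_to_db" {
  type                     = "egress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.wordpress.id
  source_security_group_id = aws_security_group.db.id # peer group (destination)
}

resource "aws_security_group_rule" "db_from_wordpress" {
  type                     = "ingress"
  from_port                = 3306
  to_port                  = 3306
  protocol                 = "tcp"
  security_group_id        = aws_security_group.db.id
  source_security_group_id = aws_security_group.wordpress.id
}
```

With this layout, `terraform plan` shows each allowed flow as its own rule, so a reviewer can check every open port against a service that is expected to listen on it.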