tflint-ruleset-aws
feat: detect if security groups attempt to write more than 60 rules
Terraform plan doesn't catch this limitation, but it would be nice if tflint could.
This should be configurable, since security group / security group rule limits are soft limits per account per region.
Mind blown https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-security-groups
You can have 60 inbound and 60 outbound rules per security group (making a total of 120 rules). This limit is enforced separately for IPv4 rules and IPv6 rules; for example, a security group can have 60 inbound rules for IPv4 traffic and 60 inbound rules for IPv6 traffic. A rule that references a security group or prefix list ID counts as one rule for IPv4 and one rule for IPv6. A limit change applies to both inbound and outbound rules. This limit multiplied by the limit for security groups per network interface cannot exceed 1000. For example, if you increase this limit to 100, we decrease the limit for your number of security groups per network interface to 10.
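Since `terraform plan` does not apply the quota quoted above, a plan-time check has to count rules the way AWS does: inbound and outbound separately, IPv4 and IPv6 separately, and every security-group or prefix-list reference as one IPv4 plus one IPv6 rule. The script below is an added example of such a check run over `terraform show -json` output, not code from tflint or tflint-ruleset-aws; it covers both the feature requested in the issue (a configurable per-direction limit) and the counting semantics in the AWS text. The `aws_security_group` / `aws_security_group_rule` attribute names and the `planned_values` layout are Terraform's; the sample plan, addresses and `sg-...` IDs are constructed for the example, and the assumption that `security_group_id` is already known at plan time is noted in the code.

```python
"""Flag security groups in a Terraform plan JSON that would exceed the AWS
per-direction rule quota (default 60). Counting follows the AWS quota text:
  * ingress and egress are counted separately;
  * IPv4 and IPv6 rules are counted separately;
  * a security-group or prefix-list reference counts as 1 IPv4 + 1 IPv6 rule;
  * each entry in cidr_blocks / ipv6_cidr_blocks is its own rule in AWS.
Usage: python check_sg_rules.py [plan.json] [limit]   (no args: built-in sample)
"""
import json
import sys
from collections import defaultdict

DEFAULT_LIMIT = 60  # AWS default: 60 inbound and 60 outbound per SG, per IP family


def max_sgs_per_eni(rules_limit):
    """AWS caps rules-per-SG * SGs-per-ENI at 1000 (so 100 rules -> 10 SGs per ENI)."""
    return 1000 // rules_limit


def _new_counter():
    return {"ingress": {"ipv4": 0, "ipv6": 0}, "egress": {"ipv4": 0, "ipv6": 0}}


def _add_rule(counter, direction, rule):
    """Add one inline ingress/egress block or one aws_security_group_rule."""
    fam = counter[direction]
    fam["ipv4"] += len(rule.get("cidr_blocks") or [])
    fam["ipv6"] += len(rule.get("ipv6_cidr_blocks") or [])
    # References to SGs or prefix lists count against BOTH address families.
    refs = len(rule.get("prefix_list_ids") or [])
    refs += len(rule.get("security_groups") or [])            # inline block form
    refs += 1 if rule.get("source_security_group_id") else 0  # standalone rule form
    refs += 1 if rule.get("self") else 0
    fam["ipv4"] += refs
    fam["ipv6"] += refs


def _walk(module):
    """Yield resources of a planned_values module and all its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from _walk(child)


def count_rules(plan):
    """Return {sg_key: {"ingress": {"ipv4": n, "ipv6": n}, "egress": {...}}}.
    Inline rules are keyed by the SG resource address; standalone rules by
    security_group_id. Assumption: security_group_id is known at plan time
    (for an SG created in the same plan it may be unknown; those land in one
    '<unknown security_group_id>' bucket so they are at least not lost)."""
    counts = defaultdict(_new_counter)
    for res in _walk(plan["planned_values"]["root_module"]):
        vals = res.get("values") or {}
        if res["type"] == "aws_security_group":
            for direction in ("ingress", "egress"):
                for block in vals.get(direction) or []:
                    _add_rule(counts[res["address"]], direction, block)
        elif res["type"] == "aws_security_group_rule":
            key = vals.get("security_group_id") or "<unknown security_group_id>"
            _add_rule(counts[key], vals["type"], vals)
    return dict(counts)


def find_violations(counts, limit=DEFAULT_LIMIT):
    """List (sg, direction, family, count) tuples over the configured limit."""
    return [(sg, d, f, n)
            for sg, dirs in sorted(counts.items())
            for d, fams in dirs.items()
            for f, n in fams.items() if n > limit]


# Constructed sample plan (trimmed `terraform show -json tfplan` shape).
# 59 IPv4 CIDRs + one SG reference + self = 61 IPv4 ingress rules: over the default.
SAMPLE_PLAN = {
    "format_version": "1.2",
    "planned_values": {"root_module": {"resources": [
        {"address": "aws_security_group.web", "type": "aws_security_group", "name": "web",
         "values": {
             "ingress": [
                 {"from_port": 443, "to_port": 443, "protocol": "tcp",
                  "cidr_blocks": [f"10.0.{i}.0/24" for i in range(59)],
                  "ipv6_cidr_blocks": [], "security_groups": [],
                  "prefix_list_ids": [], "self": False},
                 {"from_port": 22, "to_port": 22, "protocol": "tcp",
                  "cidr_blocks": [], "ipv6_cidr_blocks": [],
                  "security_groups": ["sg-0bastion000000000"],
                  "prefix_list_ids": [], "self": True},
             ],
             "egress": [
                 {"from_port": 0, "to_port": 0, "protocol": "-1",
                  "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": ["::/0"],
                  "security_groups": [], "prefix_list_ids": [], "self": False},
             ]}},
        {"address": "aws_security_group_rule.db_from_web", "type": "aws_security_group_rule",
         "name": "db_from_web",
         "values": {"type": "ingress", "security_group_id": "sg-0db000000000000000",
                    "from_port": 5432, "to_port": 5432, "protocol": "tcp",
                    "cidr_blocks": None, "ipv6_cidr_blocks": None, "prefix_list_ids": None,
                    "source_security_group_id": "sg-0web00000000000000", "self": False}},
    ]}},
}

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    limit = int(sys.argv[2]) if len(sys.argv) > 2 else DEFAULT_LIMIT
    bad = find_violations(count_rules(plan), limit)
    for sg, d, f, n in bad:
        print(f"{sg}: {n} {f} {d} rules > limit {limit} "
              f"(quota also caps SGs per ENI at {max_sgs_per_eni(limit)})")
    sys.exit(1 if bad else 0)
```

Pass the raised quota as the second argument when the account's limit has been increased; the exit status makes it usable as a CI gate until a tflint rule exists.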
FYI: to get around the SG rule limit, we've configured WAF with an ALB.
But yes, due to the configurable nature of the SG limits, it would be nice if tflint could still catch that limit, and if that limit were configurable in tflint too, to match AWS.