feat: error if ECS task definition includes awslogs driver running in blocking mode

[MarrickLip]

This PR adds a new test (ECSTaskDefinitionAwslogsDriverNotBlocking) which validates whether there are containers in an ECS task definition which are using the awslogs driver in blocking mode. This is added to the AWS Solutions pack as AwsSolutions-ECS8.

Blocking mode is the default configuration, but it is not recommended ^{1 2} for many workloads as it blocks the container if logs can't be sent to CloudWatch for any reason. This is an availability risk as many applications would rather loose logs during a CloudWatch outage etc. than take downtime.

Footnotes

1. Trusted Advisor check: https://docs.aws.amazon.com/awssupport/latest/user/fault-tolerance-checks.html#amazon-ec2-awslogs-driver-blockingmode ↩

2. Blog post: https://aws.amazon.com/blogs/containers/choosing-container-logging-options-to-avoid-backpressure/ ↩

[dontirun]

This seems like a good rule, however this is not part of the current AwsSolutions guidance. Let's move this to the Additional Rules for now.

I'll reach out to the team that manages AwsSolutions rules and see if they want this included in their set of checks.