fix: Update GuWazuhAccess group description to follow guide

The group description of a security group is stateful.

In order to reduce friction for teams migrating from YAML to GuCDK, change the description to match the user guide.
Else the security group will be replaced, which requires careful orchestration with running instances.

BREAKING CHANGE:
  * Update `GuWazuhAccess` group description to follow guide

See:
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-groupdescription
- https://github.com/guardian/security-hq/blob/main/hq/markdown/wazuh.md#outbound-traffic-on-ports-1514-and-1515

src/constructs/ec2/security-groups/wazuh.test.ts

@@ -18,7 +18,7 @@ describe("The GuWazuhAccess class", () => {
     GuWazuhAccess.getInstance(stack, vpc);
 
     expect(stack).toHaveResource("AWS::EC2::SecurityGroup", {
-      GroupDescription: "Wazuh agent registration and event logging",
+      GroupDescription: "Allow outbound traffic from wazuh agent to manager",
       SecurityGroupEgress: [
         {
           CidrIp: "0.0.0.0/0",

src/constructs/ec2/security-groups/wazuh.ts

@@ -10,8 +10,14 @@ export class GuWazuhAccess extends GuBaseSecurityGroup {
   private constructor(scope: GuStack, vpc: IVpc) {
     super(scope, "WazuhSecurityGroup", {
       vpc,
-      description: "Wazuh agent registration and event logging",
-      overrideId: true,
+
+      /*
+      The group description of a security group is stateful.
+      Be careful about changing this!
+
+      See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html#cfn-ec2-securitygroup-groupdescription
+       */
+      description: "Allow outbound traffic from wazuh agent to manager",
       allowAllOutbound: false,
       egresses: [
         { range: Peer.anyIpv4(), port: 1514, description: "Wazuh event logging" },