When launching a sst.aws.Task using the provided task.run SDK, the task security group is set to the default VPC one instead of the NAT one.

This makes the task inaccessible even if publicIp: true.

I've only tested this in staging when nat: "ec2". If I run the task manually using the correct security group, the task is publicly accessible via its IP address.