Review log volume attack vector and mitigation measures

Description

Ensure both container and full deployment paved paths include either guidance or tooling/measures to limit attacks that would cause excessive bills based on log volume. Favouring opt-out tooling/measures over guidance.

Discuss with team as necessary, if multiple options available.

Possible measures

• container/code rate limiting
• GCP/Cloud run based rate limiting
• GCP load balancer rate limiting
• API Gateway based rate limiting
• GCP billing quota

Acceptance criteria

• clear strategy defined in docs and/or code
  • Implement any code changes in an MR
  • Document in issue comments any expected infrastructure requirements
  • Document strategy for deployments in README
• sign off from @ek599