When using aws_ec2/aws_ecs/aws_ecs_patterns, can you limit which ECS service security groups are altered to allow connections from the load balancer?

We're using the pattern whereby a dependency creates "client" security groups to grant access by other resources.

For example we have a database and message queue. Their cdk stacks create a db-client-sg and mq-client-sg security group. We give resources that need access to the database the db-client-sg security group and resources that need access to the message queue the mq-client-sg security group.

We're adding an ECS service in a cluster that needs access to the db and mq. It has its own app-sg security group but also the db-client-sg and mq-client-sg. When I use the CDK constructs, either ApplicationLoadBalancedFargateService or FargateService with ApplicationLoadBalancer, CDK grants the load balancer inbound access on all three security groups. This is bad because db-client-sg and mq-client-sg are shared across multiple services.

        const engine = new ecsPatterns.ApplicationLoadBalancedFargateService(this, `app-lb-service`, {
            …
            securityGroups: [
                appSecurityGroup,
                dbClientSecurityGroup,
                mqClientSecurityGroup
            ],
            …
        });

Is there any way to use these CDK constructs and limit the load balancer access to only the app-sg security group?
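Whatever construct is used, the synthesized template is where the result can be verified. The following is an added example (not from the question or from the CDK): a check over `cdk synth` output that lists every security group accepting ingress from the load balancer's group other than the ones you expect. The template and logical ids (`LbSg`, `AppSg`, `DbClientSg`, `MqClientSg`) are constructed for the sample, modelled on the shape CDK emits for group-to-group rules.

```typescript
// Added example (not from the question or the CDK): flag security groups that accept ingress from the load balancer's group.
type CfnValue = any;
type CfnTemplate = { Resources: Record<string, { Type: string; Properties?: Record<string, CfnValue> }> };

// Resolve {"Fn::GetAtt": ["Id", "GroupId"]}, {"Ref": "Id"} or a bare id to the logical id.
function sgLogicalId(v: CfnValue): string | undefined {
  if (typeof v === 'string') return v;
  if (v && Array.isArray(v['Fn::GetAtt'])) return v['Fn::GetAtt'][0];
  if (v && typeof v.Ref === 'string') return v.Ref;
  return undefined;
}

// Every security group not in `allowed` that has an ingress rule sourced from `lbSg`,
// whether as a stand-alone SecurityGroupIngress resource or inline on the group.
function findUnexpectedLbIngress(tpl: CfnTemplate, lbSg: string, allowed: string[]): string[] {
  const offenders: string[] = [];
  const flag = (id: string) => {
    if (allowed.indexOf(id) < 0 && offenders.indexOf(id) < 0) offenders.push(id);
  };
  for (const id of Object.keys(tpl.Resources)) {
    const res = tpl.Resources[id];
    const p = res.Properties ?? {};
    if (res.Type === 'AWS::EC2::SecurityGroupIngress') {
      const target = sgLogicalId(p.GroupId);
      if (target && sgLogicalId(p.SourceSecurityGroupId) === lbSg) flag(target);
    } else if (res.Type === 'AWS::EC2::SecurityGroup') {
      for (const rule of p.SecurityGroupIngress ?? []) {
        if (sgLogicalId(rule.SourceSecurityGroupId) === lbSg) flag(id);
      }
    }
  }
  return offenders.sort();
}

// Constructed sample (logical ids invented), modelled on what the question's stack
// synthesizes: the load balancer's group is allowed into all three service groups.
const sg = (desc: string) => ({ Type: 'AWS::EC2::SecurityGroup', Properties: { GroupDescription: desc } });
const lbRule = (target: string) => ({
  Type: 'AWS::EC2::SecurityGroupIngress',
  Properties: {
    GroupId: { 'Fn::GetAtt': [target, 'GroupId'] },
    SourceSecurityGroupId: { 'Fn::GetAtt': ['LbSg', 'GroupId'] },
    IpProtocol: 'tcp', FromPort: 80, ToPort: 80,
  },
});
const SAMPLE_TEMPLATE: CfnTemplate = {
  Resources: {
    LbSg: sg('alb'), AppSg: sg('app-sg'), DbClientSg: sg('db-client-sg'), MqClientSg: sg('mq-client-sg'),
    LbToApp: lbRule('AppSg'), LbToDb: lbRule('DbClientSg'), LbToMq: lbRule('MqClientSg'),
  },
};
```

Against a real stack, parse the JSON from `cdk synth` and pass the load balancer group's logical id with `['<app-sg logical id>']` as the allowed list; a non-empty result means a shared client group has been opened to the load balancer.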
Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow