docs: add references to new security dev guide (#23234)
This adds some references to the new [Security and Safety Dev Guide](https://github.com/aws/aws-cdk/wiki/Security-And-Safety-Dev-Guide)


----

### All Submissions:

* [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)

### Adding new Construct Runtime Dependencies:

* [ ] This PR adds new construct runtime dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-construct-runtime-dependencies)

### New Features

* [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
	* [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
corymhall committed Dec 7, 2022
1 parent 9cc9bd3 commit 64eb2bd
Showing 2 changed files with 28 additions and 1 deletion.
21 changes: 21 additions & 0 deletions packages/@aws-cdk/aws-iam/README.md
Expand Up @@ -11,6 +11,21 @@

<!--END STABILITY BANNER-->

## Security and Safety Dev Guide

For a detailed guide on CDK security and safety please see the [CDK Security And
Safety Dev Guide](https://github.com/aws/aws-cdk/wiki/Security-And-Safety-Dev-Guide)

The guide will cover topics like:

* What permissions to extend to CDK deployments
* How to control the permissions of CDK deployments via IAM identities and policies
* How to use CDK to configure the IAM identities and policies of deployed applications
* Using Permissions Boundaries with CDK

## Overview


Define a role and add permissions to it. This will automatically create and
attach an IAM policy to the role:
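
Review bot: In the new "Security and Safety Dev Guide" section, "The guide will cover topics like:" is future tense and open-ended even though the sentence above it already links to the guide; "The guide covers:" would be clearer if the wiki page is published. The sentence ending in the link has no terminal period, and the link text "Security And Safety" does not match the heading's "Security and Safety", so pick one casing. The two blank lines after `## Overview` can be reduced to one.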

Expand Down Expand Up @@ -230,6 +245,9 @@ iam.Role.customizeRoles(stack, {
});
```

For more information on configuring permissions see the [Security And Safety Dev
Guide](https://github.com/aws/aws-cdk/wiki/Security-And-Safety-Dev-Guide)

#### Generating a permissions report

It is also possible to generate the report _without_ preventing the role/policy creation.
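
Review bot: The sentence added after the `customizeRoles` example has no terminal period and is missing a comma before "see" ("For more information on configuring permissions, see the ..."). The link also targets a wiki page, which is not versioned with this README, so readers of an older package release will get whatever the wiki says at that time; consider naming the part of the guide that relates to `customizeRoles` so the reference still makes sense if the wiki is reorganised.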
Expand Down Expand Up @@ -504,6 +522,9 @@ new Stack(prodStage, 'ProdStack', {
});
```

For more information on configuring permissions see the [Security And Safety Dev
Guide](https://github.com/aws/aws-cdk/wiki/Security-And-Safety-Dev-Guide)

### Custom Permissions Boundary

It is possible to attach Permissions Boundaries to all Roles created in a construct
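
Review bot: The sentence added above "### Custom Permissions Boundary" should mention permissions boundaries, as the matching sentence in packages/aws-cdk/README.md does ("including using permissions boundaries"), since the next heading is about exactly that. As written it is a verbatim copy of the sentence added after the `customizeRoles` example and gives the reader no reason to follow the link from this spot.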
Expand Down
8 changes: 7 additions & 1 deletion packages/aws-cdk/README.md
Expand Up @@ -588,7 +588,13 @@ Out of the box customization options are also available as arguments. To use a p
- `--example-permissions-boundary` indicates the example permissions boundary, supplied by CDK
- `--custom-permissions-boundary` specifies, by name a predefined, customer maintained, boundary

A few notes to add at this point. The CDK supplied permissions boundary policy should be regarded as an example. Edit the content and reference the example policy if you're testing out the feature, turn it into a new policy for actual deployments (if one does not already exist). The concern here is drift as, most likely, a permissions boundary is maintained and has dedicated conventions, naming included.
A few notes to add at this point. The CDK supplied permissions boundary policy should be regarded as
an example. Edit the content and reference the example policy if you're testing out the feature, turn
it into a new policy for actual deployments (if one does not already exist). The concern here is drift
as, most likely, a permissions boundary is maintained and has dedicated conventions, naming included.

For more information on configuring permissions, including using permissions
boundaries see the [Security And Safety Dev Guide](https://github.com/aws/aws-cdk/wiki/Security-And-Safety-Dev-Guide)

### `cdk doctor`
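
Review bot: The "A few notes to add at this point" paragraph is re-wrapped with no wording change, which accounts for four of this file's 7 additions and buries the only new content, the final sentence; leave the paragraph on one line or do the re-wrap in a separate change. In the new sentence, add a comma after "boundaries" and a terminal period: "including using permissions boundaries, see the [Security And Safety Dev Guide](...)."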

Expand Down
