Given cloud-aws:ecsAutoCluster: "true" I'm not able to do any outbound traffic from inside the containers. Is there a way to configure this? Should there be a NAT gateway configured somewhere?

If it's on a private subnet, then you'll need a NAT gateway. The network configuration is determined here https://github.com/pulumi/pulumi-cloud/blob/master/aws/shared.ts#L120
You might find https://aws.amazon.com/blogs/compute/task-networking-in-aws-fargate/ to be a helpful reference.