This is not a function that Jamf Pro, and much less Jamf Connect (the channel you posted in) are able to do. The reason you did not see Apple Documentation is because it's not possible to do with MDM. Firewall controls could possibly block this. Even though Apple has some firewall controls in the MDM framework that Jamf Pro can use, its nothing compared to what Firewall controls apple has in the security framework. Be aware, if you block any functions of Dictation don't expect any of it to work correctly. 

Jamf Safe Internet may be able to block the hosts/ports that the Dictation function use, but I would suggest using a tool specifically designed for TLS filtering like Forcepoint, Zscaler, or any of the many other network security tools out there. You may be able to use 

TL;DR: Use the right tool for the job or have a bad time. You need a network security tool, and to evaluate if it's even possible to provide the features your client wants while maintaining their security posture.

Possible to achieve by combining Jamf Connect with a VPN gateway that has firewall to block all traffic unless whitelisted?

Jamf connect is an authentication tool, it basically enables on demand account creation based on IDP credentials and access. Jamf Connect is not a device management or MDM tool in any way shape or form.

Your VPN could open up options depending on what your internal firewall configurations are, I suggest reaching out to the VPN and Firewall vendor for a list of possibilities. Just remember, blocking any of the Dictation traffic can cause the entire feature to not work so keep your expectations in line with that.