(opensearch) LogGroupResourcePolicy AwsCustomResource log retention is set to never expire with no clear way to override #18902
Description
General Issue
@aws-cdk/aws-opensearchservice LogGroupResourcePolicy AwsCustomResource log retention is set to never expire with no clear way to override
The Question
We noticed that the Domain construct is creating an AwsCustomResource to provision the LogGroupResourcePolicy. This particular AwsCustomResource implementation is using the default retention period of "Never Expire" with no apparent way to override it. This isn't super great because we end up with all these never expiring log groups in our AWS account during development where we might destroy and recreate stacks often.
Can something be done to address the never expiring log groups for this AwsCustomResource when creating an OpenSearch Domain?
CDK CLI Version
2.12.0
Framework Version
No response
Node.js Version
No response
OS
No response
Language
Typescript
Language Version
No response
Other information
Upon further research, it looks like LogGroupResourcePolicy is an AwsCustomResource because of CloudFormation not supporting the ability to create it in the past:
#5343
#17015 - (yay it's fixed)
Where the Domain Construct creates the AwsCustomResource:
Perhaps one way to fix the issue is to implement the new way of creating the LogGroupResourcePolicy as seen in #17015.
Another way without moving from a CustomResource would be to allow setting a retention period or have a more reasonable default.