(opensearch) LogGroupResourcePolicy AwsCustomResource log retention is set to never expire with no clear way to override #18902
Labels
@aws-cdk/aws-opensearch
Related to the @aws-cdk/aws-opensearchservice package
closed-for-staleness
This issue was automatically closed because it hadn't received any attention in a while.
effort/small
Small work item – less than a day of effort
feature-request
A feature should be added or improved.
good first issue
Related to contributions. See CONTRIBUTING.md
p2
General Issue
@aws-cdk/aws-opensearchservice LogGroupResourcePolicy AwsCustomResource log retention is set to never expire with no clear way to override
The Question
We noticed that the Domain construct is creating an AwsCustomResource to provision the LogGroupResourcePolicy. This particular AwsCustomResource implementation is using the default retention period of "Never Expire" with no apparent way to override it. This isn't super great because we end up with all these never expiring log groups in our AWS account during development where we might destroy and recreate stacks often.
Can something be done to address the never expiring log groups for this AwsCustomResource when creating an OpenSearch Domain?
CDK CLI Version
2.12.0
Framework Version
No response
Node.js Version
No response
OS
No response
Language
Typescript
Language Version
No response
Other information
Upon further research, it looks like LogGroupResourcePolicy is an AwsCustomResource because of CloudFormation not supporting the ability to create it in the past:
#5343
#17015 - (yay it's fixed)
Where the Domain Construct creates the AwsCustomResource:
aws-cdk/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts
Line 1487 in 9975ec8
Perhaps one way to fix the issue is to implement the new way of creating the LogGroupResourcePolicy as seen in #17015.
Another way without moving from a CustomResource would be to allow setting a retention period or have a more reasonable default.
The text was updated successfully, but these errors were encountered: