fix(aws-logs): include new policy.ts exports in index.ts exports

packages/@aws-cdk/aws-logs/lib/index.ts

@@ -5,6 +5,7 @@ export * from './metric-filter';
 export * from './pattern';
 export * from './subscription-filter';
 export * from './log-retention';
+export * from './policy';
 
 // AWS::Logs CloudFormation Resources:
 export * from './logs.generated';

packages/@aws-cdk/aws-logs/lib/policy.ts

@@ -11,7 +11,7 @@ export interface ResourcePolicyProps {
    * Name of the log group resource policy
    * @default - Uses a unique id based on the construct path
    */
-  readonly policyName?: string;
+  readonly resourcePolicyName?: string;
 
   /**
    * Initial statements to add to the resource policy
@@ -31,15 +31,19 @@ export class ResourcePolicy extends Resource {
   public readonly document = new PolicyDocument();
 
   constructor(scope: Construct, id: string, props?: ResourcePolicyProps) {
-    super(scope, id);
-    new CfnResourcePolicy(this, 'Resource', {
+    super(scope, id, {
+      physicalName: props?.resourcePolicyName,
+    });
+
+    new CfnResourcePolicy(this, 'ResourcePolicy', {
       policyName: Lazy.string({
-        produce: () => props?.policyName ?? Names.uniqueId(this),
+        produce: () => props?.resourcePolicyName ?? Names.uniqueId(this),
       }),
       policyDocument: Lazy.string({
         produce: () => JSON.stringify(this.document),
       }),
     });
+
     if (props?.policyStatements) {
       this.document.addStatements(...props.policyStatements);
     }

packages/@aws-cdk/aws-logs/test/policy.test.ts

@@ -0,0 +1,52 @@
+import '@aws-cdk/assert-internal/jest';
+import { PolicyStatement, ServicePrincipal } from '@aws-cdk/aws-iam';
+import { Stack } from '@aws-cdk/core';
+import { LogGroup, ResourcePolicy } from '../lib';
+
+describe('resource policy', () => {
+  test('ResourcePolicy is added to stack, when .addToResourcePolicy() is provided a valid Statement', () => {
+    // GIVEN
+    const stack = new Stack();
+    const logGroup = new LogGroup(stack, 'LogGroup');
+
+    // WHEN
+    logGroup.addToResourcePolicy(new PolicyStatement({
+      actions: ['logs:CreateLogStream'],
+      resources: ['*'],
+    }));
+
+    // THEN
+    expect(stack).toHaveResource('AWS::Logs::ResourcePolicy', {
+      PolicyName: 'LogGroupPolicy643B329C',
+      PolicyDocument: JSON.stringify({
+        Statement: [
+          {
+            Action: 'logs:CreateLogStream',
+            Effect: 'Allow',
+            Resource: '*',
+          },
+        ],
+        Version: '2012-10-17',
+      }),
+    });
+  });
+
+  test('ResourcePolicy is added to stack, when created manually/directly', () => {
+    // GIVEN
+    const stack = new Stack();
+    const logGroup = new LogGroup(stack, 'LogGroup');
+
+    // WHEN
+    const resourcePolicy = new ResourcePolicy(stack, 'ResourcePolicy');
+    resourcePolicy.document.addStatements(new PolicyStatement({
+      actions: ['logs:CreateLogStream', 'logs:PutLogEvents'],
+      principals: [new ServicePrincipal('es.amazonaws.com')],
+      resources: [logGroup.logGroupArn],
+    }));
+
+    // THEN
+    expect(stack).toHaveResource('AWS::Logs::ResourcePolicy', {
+      PolicyName: 'ResourcePolicy',
+    });
+  });
+});