Question
As CDK is becoming more complete and robust as time goes on, we are now replacing our Serverless code with CDK.
While developing, we've noticed that, to handle retention for Lambda with CDK, it's creating a custom resource.
Code Snippet
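import * as cdk from '@aws-cdk/core';
import * as lambda from '@aws-cdk/aws-lambda';

// Declared inside the stack; `props` and `lambdaRole` are defined elsewhere.
const lambdaFn = new lambda.Function(this, 'FuncName', {
  functionName: `lambda-${props?.appCode}-FuncName-${props?.stage}`,
  runtime: lambda.Runtime.NODEJS_12_X,
  code: lambda.Code.asset('lambdas/FuncName'),
  handler: 'index.handler',
  // Setting logRetention is what makes CDK add the custom resource.
  logRetention: 14,
  role: lambdaRole,
  timeout: cdk.Duration.seconds(60),
});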
In our case, we only allow Lambdas with a specific name pattern in our DEVOPS chain. This means that, to successfully deploy our stack, we have to add the following permission to our "deployer role":
"arn:aws:lambda:*:${AWS::AccountId}:function:stack-${VAR}-*"
I don't know if there are other use cases where CDK creates a custom Lambda, so we left "stack-${VAR}-*" to prevent us from having this issue. As of today, we haven't found another way to manage it.
At the end of the day, both generate a CloudFormation stack. Before, we were handling it by directly configuring the log retention within the logGroup with the native attributes (cf. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html). I trust that there is a reason for this implementation or that we're missing something.
Is there a way to configure the name of the custom resource, or is it planned to be implemented? Or better, could the retention option be taken into account without the need for a custom Lambda?
Thanks in advance for your insights!
Environment
CDK CLI Version: CDK Version: 1.57.0 (build 2ccfc50)
OS: all
Language: TypeScript
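An added example, not part of the original post and not CDK's own code: a pre-deployment check over a synthesized template (the JSON that `cdk synth` produces) that lists every Lambda function whose name falls outside the pattern a name-restricted deployer role may manage, including functions added for custom resources. The sample template, its logical IDs and the `lambda-app-*` pattern are constructed for illustration.

```typescript
// Added example (not CDK code). Template, IDs and pattern are constructed.
interface CfnResource { Type: string; Properties?: { [key: string]: unknown } }
interface CfnTemplate { Resources: { [logicalId: string]: CfnResource } }
interface Finding { logicalId: string; reason: string }

// Turn an IAM-style name glob ("*" and "?") into an anchored RegExp.
function globToRegExp(glob: string): RegExp {
  const escaped = glob.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$");
}

// List AWS::Lambda::Function resources whose physical name is not covered
// by the name pattern the deployer role is allowed to manage.
function auditFunctionNames(template: CfnTemplate, allowedGlob: string): Finding[] {
  const allowed = globToRegExp(allowedGlob);
  const findings: Finding[] = [];
  for (const logicalId of Object.keys(template.Resources)) {
    const res = template.Resources[logicalId];
    if (!res || res.Type !== "AWS::Lambda::Function") continue;
    const fnName = res.Properties ? res.Properties["FunctionName"] : undefined;
    if (fnName === undefined) {
      findings.push({ logicalId, reason: "no FunctionName; CloudFormation generates the name" });
    } else if (typeof fnName !== "string") {
      findings.push({ logicalId, reason: "FunctionName is an intrinsic; resolve it before checking" });
    } else if (!allowed.test(fnName)) {
      findings.push({ logicalId, reason: `"${fnName}" does not match ${allowedGlob}` });
    }
  }
  return findings;
}

// Constructed sample shaped like a synthesized template: one function named
// by the stack author, one function added for log retention without a name.
const sampleTemplate: CfnTemplate = {
  Resources: {
    FuncName: {
      Type: "AWS::Lambda::Function",
      Properties: { FunctionName: "lambda-app-FuncName-dev", Handler: "index.handler" },
    },
    FuncNameLogRetention: { Type: "Custom::LogRetention", Properties: { RetentionInDays: 14 } },
    LogRetentionSingletonConstructedId: {
      Type: "AWS::Lambda::Function",
      Properties: { Handler: "index.handler" },
    },
  },
};

for (const f of auditFunctionNames(sampleTemplate, "lambda-app-*")) {
  console.log(`${f.logicalId}: ${f.reason}`);
}
```

Run in CI before deployment, a non-empty result shows which generated functions would force a wider pattern onto the deployer role.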