To answer my own question, and for anyone else that runs into this problem, the LogRetention class is the way to go. docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.a… "Creates a custom resource to control the retention policy of a CloudWatch Logs log group. The log group is created if it doesn't already exist." This lets you manage the auto-created ones that already exist as well as create new ones that don't. It goes in cleanly and does the job. :)
Derek Murawsky
This is awesome, and was a very helpful writeup in helping me understand aspects. Thank you! Unfortunately, the logging solution does not work for existing lambdas because they already have a log group created. I can't think of a good way of handling that other than changing the settings on the lambda function itself. A custom construct might be a better approach for that?