feat(apigateway): set RestApi CloudWatchRole and Account retention policy (#26836)

Adds a `cloudWatchRoleRemovalPolicy` property to `RestApiBaseProps` that allows to specify a custom retention policy for CloudWatchRole and Account.
Defaults to `RemovalPolicy.RETAIN`.

Closes #26827.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: lpizzinidev

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets.json

@@ -0,0 +1,19 @@
+{
+  "version": "33.0.0",
+  "files": {
+    "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
+      "source": {
+        "path": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json

@@ -0,0 +1,36 @@
+{
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/cdk.out

@@ -0,0 +1 @@
+{"version":"33.0.0"}

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/integ.json

@@ -0,0 +1,12 @@
+{
+  "version": "33.0.0",
+  "testCases": {
+    "apigateway-restapi-cloudwatch-removal-policy/DefaultTest": {
+      "stacks": [
+        "test-apigateway-restapi-cloudwatch-removal-policy"
+      ],
+      "assertionStack": "apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert",
+      "assertionStackName": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A"
+    }
+  }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/manifest.json

@@ -0,0 +1,147 @@
+{
+  "version": "33.0.0",
+  "artifacts": {
+    "test-apigateway-restapi-cloudwatch-removal-policy.assets": {
+      "type": "cdk:asset-manifest",
+      "properties": {
+        "file": "test-apigateway-restapi-cloudwatch-removal-policy.assets.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+      }
+    },
+    "test-apigateway-restapi-cloudwatch-removal-policy": {
+      "type": "aws:cloudformation:stack",
+      "environment": "aws://unknown-account/unknown-region",
+      "properties": {
+        "templateFile": "test-apigateway-restapi-cloudwatch-removal-policy.template.json",
+        "validateOnSynth": false,
+        "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
+        "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
+        "additionalDependencies": [
+          "test-apigateway-restapi-cloudwatch-removal-policy.assets"
+        ],
+        "lookupRole": {
+          "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
+          "requiresBootstrapStackVersion": 8,
+          "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+        }
+      },
+      "dependencies": [
+        "test-apigateway-restapi-cloudwatch-removal-policy.assets"
+      ],
+      "metadata": {
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapi4C7BF186"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/CloudWatchRole/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiCloudWatchRole095452E5"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Account": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiAccountEC421A0A"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Deployment/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiDeployment92F2CB4972a890db5063ec679071ba7eefc76f2a"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/DeploymentStage.prod/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiDeploymentStageprod298F01AF"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Endpoint": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiEndpoint3628AFE3"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/my-api/Default/GET/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "myapiGETF990CE3C"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/BootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "BootstrapVersion"
+          }
+        ],
+        "/test-apigateway-restapi-cloudwatch-removal-policy/CheckBootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "CheckBootstrapVersion"
+          }
+        ]
+      },
+      "displayName": "test-apigateway-restapi-cloudwatch-removal-policy"
+    },
+    "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets": {
+      "type": "cdk:asset-manifest",
+      "properties": {
+        "file": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+      }
+    },
+    "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A": {
+      "type": "aws:cloudformation:stack",
+      "environment": "aws://unknown-account/unknown-region",
+      "properties": {
+        "templateFile": "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.template.json",
+        "validateOnSynth": false,
+        "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
+        "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
+        "additionalDependencies": [
+          "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets"
+        ],
+        "lookupRole": {
+          "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
+          "requiresBootstrapStackVersion": 8,
+          "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+        }
+      },
+      "dependencies": [
+        "apigatewayrestapicloudwatchremovalpolicyDefaultTestDeployAssert35AFDA9A.assets"
+      ],
+      "metadata": {
+        "/apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert/BootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "BootstrapVersion"
+          }
+        ],
+        "/apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert/CheckBootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "CheckBootstrapVersion"
+          }
+        ]
+      },
+      "displayName": "apigateway-restapi-cloudwatch-removal-policy/DefaultTest/DeployAssert"
+    },
+    "Tree": {
+      "type": "cdk:tree",
+      "properties": {
+        "file": "tree.json"
+      }
+    }
+  }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-apigateway/test/integ.restapi-cloudwatch-removal-policy.js.snapshot/test-apigateway-restapi-cloudwatch-removal-policy.assets.json

@@ -0,0 +1,19 @@
+{
+  "version": "33.0.0",
+  "files": {
+    "ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489": {
+      "source": {
+        "path": "test-apigateway-restapi-cloudwatch-removal-policy.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "ad0976eb05657cb79673c3a947078cdcaaac49665eb861a3a4d2e6eeb5774489.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}