[aws-rds] When moving from DatabaseCluster to DatabaseClusterFromSnapshot, lose ability to rotate master passwords

If I start with a DatabaseCluster and then need to switch it to DatabaseClusterFromSnapshot, I am forced to weaken security because DatabaseClusterFromSnapshot does not have addRotationSingleUser().

Reproduction Steps

Starting point was:

const vpc = ...
const cluster = new DatabaseCluster(this, 'Database', {
    engine: DatabaseClusterEngine.auroraPostgres({ version: AuroraPostgresEngineVersion.VER_11_9 }),
    instanceProps: {
        vpc: vpc,
    },
})
cluster.addRotationSingleUser({ automaticallyAfter: Duration.days(2) })

Then, after removing the cluster (which creates a snapshot) and recreating it with:

const vpc = ...
const cluster = new DatabaseClusterFromSnapshot(this, 'Database', {
    snapshotIdentifier: "",
    engine: DatabaseClusterEngine.auroraPostgres({ version: AuroraPostgresEngineVersion.VER_11_9 }),
    instanceProps: {
        vpc: vpc,
    },
})
// The next line fails to compile!
cluster.addRotationSingleUser({ automaticallyAfter: Duration.days(2) })

the last line cannot be used.

What did you expect to happen?

I expected DatabaseClusterFromSnapshot to have the same API as DatabaseCluster.

What actually happened?

error TS2339: Property 'addRotationSingleUser' does not exist on type 'DatabaseClusterFromSnapshot'.

Environment

• CDK CLI Version : 1.88.0 (build f65009b)
• Framework Version: aws-cli/2.1.8 Python/3.7.3 Linux/4.19.128-microsoft-standard exe/x86_64.ubuntu.18 prompt/off
• Node.js Version: v12.20.1
• OS : Ubuntu 18.04 on WSL 2
• Language (Version): TypeScript 3.9.7

Other

I would suggest pulling DatabaseCluster.addRotationSingleUser and DatabaseCluster.addRotationMultiUser up into DatabaseClusterNew (which is the shared superclass of DatabaseClusterFromSnapshot)

This is 🐛 Bug Report