Authorizer and user parmission/profie

Hello guys.
I am planning to migrate an API that I have to AWS Lambda.
In the API uses JWT tokens for users with profiles, so an Admin User can perform some specific actions that other users can’t (for instance, just an admin can add a new user, etc).
Is there a way to do the same on Serverless?
Can I specify it per function? (something like to run putUser Function the JWT token must have a Admin profile?

JWT token has a “profile” claim that is an array of strings.

I already created a authorize function where I am checking if the token is valid, but now I want to check if user has permission to that specific “route”.