How to pass IAM role to invoke Authorizer lambda w/o modifying resource policy?

Hi there!

We use an authorizer function per environment (dev/staging/live) and we want all our endpoints have protected. But each new APIGW with auth add a new statement to the Auth lambda resource policy. This policy has a hard limit 20kb. So, we are already ran out from this limit and now blocked. As I got from AWS docs I’m able to set managedExternally: true parameter and the pass IAM role to APIGW which grants access to invoke auth lambda. But I didn’t find how to pass this role via serverless.yml file.
Here is the example from AWS Docs AWS::ApiGateway::Authorizer - AWS CloudFormation

Could somebody help me to figure this out, please?

Thanks and have a nice day!