I just upgraded to Serverless 1.53.0 and deployed a very simple project (1 Lambda and API Gateway). I noticed a new Lambda was created [service]-[stage]-custom-resource-apigw-cw-role. What is this Lambda and what does it do? How often is it executed, memory usage etc…
From what I gather it’s a lambda function used to dynamically define the “CloudWatch log role ARN” property (as part of CloudFormation custom resources feature). This property seems to be an account property (can be controlled in the web console under API Gateway > Settings.
I didn’t find yet how to disable its creation or control it. This is left as a question to the audience.
I’d personally rather not have it run nor created, and in the process avoid giving the serverless user/role too many permissions.