Wrong execution role for custom resources function?

I would like to use s3 event with an existing s3 bucket, so I added existing: true to the serverless.yml according to the docs. My service uses custom IAM roles for lambda execution and deployment (so the serverless.yml has filled provider.role and provider.cfnRole).

But the deployment fails on a weird error that the Cloudformation role is trying to assume itself. See the screenshot:

After some debugging I found out that the cfnRole is passed as execution role of the custom lambda function: https://github.com/serverless/serverless/blob/master/lib/plugins/aws/customResources/index.js#L171
Isn’t that a bug? I would say that there should be serverless.service.provider.role instead. Or am I wrong?