fix: Limited permission for authorizers #7300

Merged
merged 1 commit into from
Feb 11, 2020

pmuens
Contributor

@pmuens pmuens commented Feb 7, 2020

What did you implement

Fixes a permission issue when using custom authorizers for API Gateways.

❗️ NOTE: Not entirely sure about the impact, but this could result in a breaking change... ❗️

How can we verify it

The easiest way would be to run the integration tests. Other than that you could use this service config (provided by @glb):

service: test

provider:
  name: aws
  runtime: nodejs10.x

functions:
  example:
    role: exampleRole
    handler: bin/example
    events:
      - http:
          path: /echo
          method: GET
          authorizer:
            name: authorizer
            arn: arn:aws:lambda:us-east-1:111111111111:function:sample

Todos

  • Write and run all tests
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: NO
Is it a breaking change?: MAYBE

@codecov-io

codecov-io commented Feb 7, 2020

Codecov Report

Merging #7300 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #7300   +/-   ##
=======================================
  Coverage   88.12%   88.12%           
=======================================
  Files         239      239           
  Lines        8833     8833           
=======================================
  Hits         7784     7784           
  Misses       1049     1049
Impacted Files Coverage Δ
...ckage/compile/events/apiGateway/lib/permissions.js 87.5% <ø> (ø) ⬆️

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 33291c8...12f7c29.

@pmuens
Contributor Author

pmuens commented Feb 7, 2020

Thanks for reporting @glb 👍

Could you please review and test this PR to see if it fixes your problem? Thanks!

/cc @medikoo

medikoo
medikoo previously approved these changes Feb 10, 2020
Contributor

@medikoo medikoo left a comment

@pmuens thanks for looking into that. Looks great to me!

@pmuens
Contributor Author

pmuens commented Feb 10, 2020

Thanks for the review @medikoo 👍

I rebased the branch so that it's in sync with master and it can be merged.

For some reason I couldn't run the integration tests locally. Could you run them and report back if they all pass? I was just testing this manually. Thanks!

@medikoo do you think this is a breaking change as the permissions are stricter compared to the way we handled it before?

@medikoo
Contributor

medikoo commented Feb 11, 2020

> @medikoo do you think this is a breaking change as the permissions are stricter compared to the way we handled it before?

If someone relied on it, I don't think it could have been conscious. I wouldn't treat it as a breaking change (assuming we don't break resource relations in the context of the deployed service).

Contributor

@medikoo medikoo left a comment

If it goes out of sync again, I think it's fine if you force merge it after rebasing.

@pmuens pmuens merged commit c05dcb3 into master Feb 11, 2020
@pmuens pmuens deleted the authorizer-permissions branch February 11, 2020 11:52
@pmuens
Contributor Author

pmuens commented Feb 11, 2020

Thanks for the review @medikoo 👍
