Feature: Preserve event source permissions

[ProTip]

I think it would be great if we could preserve the default permissions required to hook the lambda up to the specified event sources. This would reduce config bloat as well as ease migrating from global statements; currently an update with the missing permissions will cause the Lambda's to silently disable.

I'm open to looking into this if I get the opportunity. I'm not sure how much work is involved as I'm not familiar with how serverless composes/exposes these statements on the backend..

[theburningmonk]

The plugin does it for Kinesis/DynamoDB streams and SNS DLQ already, might be missing SQS since that's also a poll-based event source. Can copy what the serverless framework does already.

Is SQS the only event source that's missing relevant permissions?