Share `Role`s across functions (and maybe services and tasks)

[lukehoban]

Today - we create a Role per Function, along with N RolePolicyAttachments.

All of these Roles are actually given the same privileges, so we could just create one and use it across all Lambdas. This would drastically reduce the total number of resources we create in common cases.

This may require adding some caching in the aws.serverless.Function layer, as currently that is where these roles are allocated, and at that layer it is not safe to assume we want to share the same Role across functions - that is only a safe assumption given the current definition of our @pulumi/cloud abstractions.

We may also be able to share across container-based compute in a similar way.