Required IAM permissions are missing
The following instructions will not create a fully functional AWS user for the serverless functionality.
### Setting Up AWS
1. Create AWS credentials including the following IAM policies: `AWSLambdaFullAccess`, `AmazonAPIGatewayAdministrator` and `AWSCloudFormationFullAccess`.
1. Set the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` variables in the GitLab CI/CD settings. `Settings > CI/CD > Variables`.
This results in the following error:
```
An error occurred: IamRoleLambdaExecution - API: iam:CreateRole User: arn:aws:iam::685551156602:user/gitlab-serverless is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::685551156602:role/test-example-production-us-east-1-lambdaRole
```
The serverless script attempts to create a new role on its first run and it will fail to do so without the following permissions:
```
"iam:CreateRole",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:GetRole",
"iam:PassRole",
"iam:PutRolePolicy",
```
I'd propose either telling the users to add these as an inline policy for the user they create, or suggesting `iam:*` for brevity, or telling them to attach the `IAMFullAccess` policy.
The former may complicate the otherwise simple setup instructions, but the latter may be overly permissive. I'd like someone to advise before making the proposed change.
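The inline-policy option from the proposal above, as an added example that is not part of the original issue or of GitLab's documentation: it builds a policy granting only the six listed actions, scoped to roles named like the one in the error message, and reviews any policy for wildcard grants or missing actions. The `*-lambdaRole` pattern, the `iam:PassedToService` restriction to Lambda, the function names and the account ID `123456789012` are assumptions or placeholders.

```python
import json
from fnmatch import fnmatch

# The six actions the issue lists as missing.
REQUIRED_ACTIONS = [
    "iam:CreateRole", "iam:DeleteRole", "iam:DeleteRolePolicy",
    "iam:GetRole", "iam:PassRole", "iam:PutRolePolicy",
]

def build_inline_policy(account_id, role_pattern="*-lambdaRole"):
    """Inline policy allowing only the listed actions, only on matching roles."""
    # Assumption: role_pattern matches the "...-lambdaRole" name seen in the
    # error message; narrow it to a single service/stage where possible.
    role_arn = f"arn:aws:iam::{account_id}:role/{role_pattern}"
    manage = [a for a in REQUIRED_ACTIONS if a != "iam:PassRole"]
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ManageLambdaExecutionRole", "Effect": "Allow",
             "Action": manage, "Resource": role_arn},
            # Assumption: the execution role is only ever handed to Lambda.
            {"Sid": "PassRoleToLambdaOnly", "Effect": "Allow",
             "Action": "iam:PassRole", "Resource": role_arn,
             "Condition": {"StringEquals":
                           {"iam:PassedToService": "lambda.amazonaws.com"}}},
        ],
    }

def review(policy):
    """Return findings: wildcard actions, unscoped resources, missing actions."""
    findings, granted = [], []
    for stmt in policy["Statement"]:
        actions = stmt["Action"]
        actions = [actions] if isinstance(actions, str) else actions
        granted += actions
        findings += [f"wildcard action: {a}" for a in actions if "*" in a]
        if stmt["Resource"] == "*":
            findings.append(f"unscoped resource for: {', '.join(actions)}")
    for need in REQUIRED_ACTIONS:
        if not any(fnmatch(need.lower(), g.lower()) for g in granted):
            findings.append(f"missing action: {need}")
    return findings

if __name__ == "__main__":
    # 123456789012 is a placeholder account ID, not taken from the issue.
    print(json.dumps(build_inline_policy("123456789012"), indent=2))
```

The printed JSON can be attached as an inline policy on the CI user; running `review` on an `iam:*` policy shows what the shorter options give up.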