Error when custom authorizer's policyResource is 'arn:aws:execute-api:*'

[G-Rath]

Bug Report

Current Behavior

An error is thrown by the parseResource function:

TypeError: object null is not iterable (cannot read property Symbol(Symbol.iterator))

Sample Code

• file: serverless.yml

service: my-service

plugins:
  - serverless-offline

provider:
  runtime: nodejs18.x
  stage: dev

functions:
  api:
    handler: ${self:custom.outDir}/api/index.handler
    events:
      - http:
          path: /
          method: get
          authorizer:
            name: authorizer
            type: request

  authorizer:
    handler: ${self:custom.outDir}/authorizer/index.handler

• file: handler.js

export const handler: APIGatewayRequestAuthorizerHandler = async event => {
  return {
    Version: '2012-10-17',
    Statement: [
      {
        Effect: 'Allow',
        Action: ['execute-api:Invoke'],
        Resource: ['arn:aws:execute-api:ap-southeast-2:*']
      }
    ]
  };
};

Expected behavior/code

That there isn't an error, since this is a valid ARN per the docs:

If the wildcard (*) is the last character of a resource ARN segment, it can expand to match beyond colon boundaries

(I've also been using this for a while without any errors or warnings)

Environment

• serverless version: 3.38.0
• serverless-offline version: 13.6.0
• node.js version: v20
• OS: Ubuntu via WSLv2

Possible Solution

Modify the code to check to handle the above, with an optional region check.

Additional context/Screenshots

This was hard to debug because the whole authorizer block is wrapped in a big try/catch which doesn't actually print the error and returns unauthorized - I think ideally that should be changed to 1. print the error and 2. return 500, as that better matches what API Gateway will do.

I'm a bit stretched for time and couldn't easily tell if this had already been reported - I'll try doing PRs for both of these soon; if people are happy for PRs without tests I should be able to chuck some up in the next week or so.