Template changes account-wide settings of API Gateway Logging

[rrehbein]

Describe the bug
API Gateway logging is disabled when the stack defined by the template is deleted.

To Reproduce

1. Setup API Gateway with logging
2. Create a WAF stack with BadBotProtection enabled
3. Delete a WAF stack

Expected behavior
Account wide settings for API Gateway to remain functioning.

Actual behavior
API Gateway Account's CloudWatchRoleArn references a deleted role that was defined by the template.

Please complete the following information about the solution:

• Version: [v3.2.0]

Additional context

It appears to be due to including a resource Type: AWS::ApiGateway::Account in https://github.com/awslabs/aws-waf-security-automations/blob/main/deployment/aws-waf-security-automations.template#L1935

Previewing the solution or testing this solution without a dedicated account results in silently breaking api gateway logging when cleaning up.

[aijunpeng]

Thanks for opening the issue. Can you please share the screenshots of your API GateWay logging prior to deploying WAF stack, after deploying the stack and after deleting the stack? Also any error screenshots?

[aijunpeng]

We have provided a workaround by accepting an user-defined IAM role at stack creation/update in version >=4.0.0.