[ApiGateway] RestApi updates account level role used for ApiGateway CloudWatch logging

This code in RestApi

https://github.com/aws/aws-cdk/blob/71aa4b61363ad43af34bcc83d11fa80490e48eac/packages/%40aws-cdk/aws-apigateway/lib/restapi.ts#L485

will update the account level role for cloudwatch logging used for all ApiGateways.

The problem we are seeing is that each new API we create will replace the role used for the account with the new role created.

If the stack that last updated the account level role gets deleted for some reason then the account level role will no longer exist and all apigateway cloudwatch logging is broken for the account 😱

Reproduction Steps

1. create a new RestApi without passing a cloudWatchRole prop
2. Deploy the new API - see the account level role change to the role associated with this new API
3. Delete the stack
4. All account level API logging no longer works because the role is deleted.

What did you expect to happen?

I would expect each apigateway logging role to be only used for a given API Gateway

or I would want the apigateway account level role to be rolled back to the previous role on deletion

What actually happened?

Described above

Environment

• CLI Version :
• Framework Version:
• Node.js Version:
• OS :
• Language (Version):

Other

Is passing a role into each API the best option to resolve this?

This is 🐛 Bug Report