How to scale and manage IAM roles and policies in CDK without running into size limits?
Issue
So in our CDK code we basically create roles and then assign them policies via the .grant() or .grant<something>() function of the respective component (e.g. an SQS Queue):
import * as iam from "@aws-cdk/aws-iam";
import * as sqs from "@aws-cdk/aws-sqs";
declare const fooRole: iam.Role;
declare const barQueue: sqs.Queue;
declare const bazDlq: sqs.Queue;
// each grant adds a statement to fooRole's default (inline) policy
barQueue.grantSendMessages(fooRole);
bazDlq.grant(fooRole, "sqs:ListDeadLetterSourceQueues");
For an admin-like role this can pretty fast become a problem, since admin-like roles get a lot of grants from various components, which leads to a policy size limit error on the AWS side:
Maximum policy size of 10240 bytes exceeded for role my-admin-role-SOMEHASH (Service: AmazonIdentityManagement; Status Code: 409; Error Code: LimitExceeded; Request ID: 6206d0f5-e107-4c4a-a452-0e1cbc7868d6; Proxy: null)
Luckily there is a feature flag to enable minification of policies:
{
  "app": "...",
  "context": {
    "@aws-cdk/aws-iam:minimizePolicies": true
  }
}
This helped me to reduce the size of policy JSONs, but we plan to add much more resources (for example SQS queues) which the admin role needs access to.
Question
What would be the best way to manage IAM roles and policies so they are able to scale with the actual application?
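As an added illustration (not part of the question or of the CDK code base), the following TypeScript sketches what the minimizePolicies flag does to the statements produced by separate grant calls and checks the result against the 10240-byte limit quoted in the error above. The queue ARN and the statements are constructed sample data; the merge rule (same Effect, same Resource set) is a simplified version of the CDK behaviour.

```typescript
const INLINE_POLICY_LIMIT = 10240; // limit from the LimitExceeded error above

interface Statement { Effect: "Allow" | "Deny"; Action: string[]; Resource: string[]; }
interface PolicyDocument { Version: "2012-10-17"; Statement: Statement[]; }

// IAM counts policy characters without whitespace, so serialise compactly.
// Policy JSON is ASCII, so the character count equals the byte count.
function policySize(doc: PolicyDocument): number {
  return JSON.stringify(doc).length;
}

// Merge statements that share Effect and Resource set into one statement
// holding the union of their Actions (simplified version of what the flag does).
function minimizeStatements(statements: Statement[]): Statement[] {
  const groups = new Map<string, Statement>();
  for (const s of statements) {
    const key = `${s.Effect}|${[...s.Resource].sort().join(",")}`;
    const existing = groups.get(key);
    if (existing) {
      existing.Action = Array.from(new Set([...existing.Action, ...s.Action])).sort();
    } else {
      groups.set(key, { Effect: s.Effect, Action: [...s.Action].sort(), Resource: [...s.Resource].sort() });
    }
  }
  return [...groups.values()];
}

function minimizePolicy(doc: PolicyDocument): PolicyDocument {
  return { Version: doc.Version, Statement: minimizeStatements(doc.Statement) };
}

// Constructed sample: one statement per grant call, as produced before minification.
const queueArn = "arn:aws:sqs:eu-central-1:123456789012:bar-queue"; // constructed
const unminimized: PolicyDocument = {
  Version: "2012-10-17",
  Statement: [
    { Effect: "Allow", Action: ["sqs:SendMessage", "sqs:GetQueueAttributes", "sqs:GetQueueUrl"], Resource: [queueArn] },
    { Effect: "Allow", Action: ["sqs:ListDeadLetterSourceQueues"], Resource: [queueArn] },
    { Effect: "Allow", Action: ["sqs:ReceiveMessage"], Resource: [queueArn] },
  ],
};
const minimized = minimizePolicy(unminimized);

console.log(`statements ${unminimized.Statement.length} -> ${minimized.Statement.length}, ` +
  `bytes ${policySize(unminimized)} -> ${policySize(minimized)}, ` +
  `within limit: ${policySize(minimized) <= INLINE_POLICY_LIMIT}`);
```

Running the size check against the synthesized template (cdk synth) before deploying catches the limit locally instead of as a 409 from IAM.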
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow