Policies are put in place in one fashion or another. You’d do this differently in DynamoDB or Firebase but basically you set up a rule like, users can only update records with a key matching their user ID. So that logic does end up somewhere. Instead of in a Lambda or Cloud Function the logic is “embedded” in the database. IMHO this is an anti pattern but what do I know?
Just because you've never had to overcome or experience the problem, it doesn't mean it doesn't exist.
If you've ever had to develop an MVP from the ground up and build a business around it, services like this are critical to your acceleration, time to market, and budget.
The more experienced the developer, the faster they are. The faster the technology enables you to be, the faster you'll produce something. Both go hand in hand.
An experienced developer would absolutely love Serverless for most problems they face. Having the option of doing as little Ops as possible and just solving problems in software is the very definition of a software developer (which certainly might be changing over time) :)
I still don't see where the savings of time come in. What you lose in "ops" you gain in configuration and assuming you don't have eidetic memory that has a time cost.