What’s the exact IAM trust policy required for Genesys Cloud to invoke a Node.js Lambda via a Data Action? We’ve got the endpoint working locally but the flow fails with a 403 Forbidden when the platform tries to trigger the function.
The Lambda is public, but the trust relationship only allows lambda.amazonaws.com. Do we need to add platform-api.genesys.cloud or a specific account ID to the principal? Here’s the current policy snippet we’re testing with.