Could someone clarify why the Architect Data Action consistently returns a 403 Forbidden error when attempting to invoke a specific Lambda function via an IAM role? The Angular service in the Genesys Cloud Premium App framework successfully triggers the flow, but the backend integration fails at the execution step.
- Genesys Cloud Region: US-EAST
- Architect Data Action Type: Invoke AWS Lambda
- IAM Role: Attached to the Genesys Cloud service principal with `lambda:InvokeFunction` permission
The JSON response payload contains the following error structure:
```json
{
  "error": "AccessDeniedException",
  "message": "User: arn:aws:sts::123456789012:assumed-role/GC-Integration-Role/... is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:us-east-1:123456789012:function:MyTargetFunction"
}
```
The IAM policy explicitly allows this action. Is there a specific resource ARN format required in the Architect configuration?
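One way to check whether an identity policy statement covers the exact action and resource named in the error above (an added example, not part of the original post or of Genesys or AWS code). `SAMPLE_POLICY` is constructed for illustration and is not the poster's policy; `parse_denial` and `evaluate` are hypothetical helpers. The sketch evaluates a single identity policy only and ignores conditions, resource-based policies, permission boundaries and SCPs.

```python
import re

# Error text as quoted in the post above (the role session name is elided there).
ERROR_MESSAGE = (
    "User: arn:aws:sts::123456789012:assumed-role/GC-Integration-Role/... "
    "is not authorized to perform: lambda:InvokeFunction on resource: "
    "arn:aws:lambda:us-east-1:123456789012:function:MyTargetFunction"
)

# Constructed policy for illustration only; not the poster's actual policy.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": "lambda:InvokeFunction",
        "Resource": "arn:aws:lambda:us-west-2:123456789012:function:MyTargetFunction",
    }],
}

def parse_denial(message):
    """Split an AccessDenied message into principal, action and resource."""
    m = re.search(r"User: (\S+) is not authorized to perform: (\S+) on resource: (\S+)", message)
    if not m:
        raise ValueError("unrecognised AccessDenied message")
    return dict(zip(("principal", "action", "resource"), m.groups()))

def _matches(pattern, value, ignore_case=False):
    """IAM-style wildcard match: '*' is any run of characters, '?' is one."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, value, re.IGNORECASE if ignore_case else 0) is not None

def _as_list(v):
    return v if isinstance(v, list) else [v]

def evaluate(policy, action, resource):
    """Return 'Deny', 'Allow' or 'NoMatch' for one identity policy document."""
    result = "NoMatch"
    for stmt in _as_list(policy["Statement"]):
        # Statements using NotAction/NotResource are skipped in this sketch.
        if "Action" not in stmt or "Resource" not in stmt:
            continue
        hit = (any(_matches(a, action, True) for a in _as_list(stmt["Action"]))
               and any(_matches(r, resource) for r in _as_list(stmt["Resource"])))
        if hit and stmt["Effect"] == "Deny":
            return "Deny"  # an explicit Deny always overrides any Allow
        if hit:
            result = "Allow"
    return result
```

A `NoMatch` result means no statement in that document covers the request, which IAM treats as an implicit deny.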