We’re hitting a 403 Access Denied when our Architect Data Action tries to invoke an AWS Lambda. The IAM role has the lambda:InvokeFunction permission, and the trust policy allows the Genesys Cloud service principal, but the call still fails. Here’s the JSON mapping we’re using for the external integration:
{
"method": "POST",
"url": "https://lambda.us-east-1.amazonaws.com/2015-03-31/function/arn:aws:lambda:us-east-1:123456789:function:myFunc",
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{token}}"
},
"body": "{}"
}
The error response body just says User: arn:aws:iam::123456789:role/GC_Lambda_Role is not authorized to perform: lambda:InvokeFunction. We’ve checked the region and ARN multiple times. Missing something obvious here?