Just noticed that the /api/v2/recordings/search endpoint returns a 403 Forbidden for interactions routed through our AP-1 BYOC trunks, while PSTN routes succeed. The IAM roles are identical across regions, yet the BYOC metadata seems to trigger a permission mismatch in the analytics layer.