Lambda invocation failed with status: 403 on new AWS region

0

I enabled a new AWS region (Africa, Cape Town)

I created a new Lambda in the new region. I connected the mentioned Lambda to my API Gateway located in the Frankfurt region, and when trying to access it, there is an internal server error.

CloudWatch shows the following:

(ee2d73a9-e0ff-4ba2-a445-4348e86bcfc1) Lambda invocation failed with status: 403. Lambda request id: ed3b6fc8-0959-4f43-8c3c-32d6c811e9f2
(ee2d73a9-e0ff-4ba2-a445-4348e86bcfc1) Execution failed due to configuration error: The security token included in the request is invalid

However, when I create another API Gateway in Africa, I can only access African Lambdas, and I get the same error trying to access anything outside Africa. So basically, the African region seems to be separated - it can't access other regions' Lambdas from API Gateway, and other regions can't access its Lambdas.

The following is true for any opt-in additional AWS region I enable.

Any solutions?

2 Answers
0

Hi,

I believe that API GTW and Lambda must be in the same region (but not necessarily in the same account).

So, you can create a proxy Lambda that will get the input payload from Account A in Region 1 to call Lambda in Region 2. You can go with a direct Lambda invoke() from the proxy Lambda to call the real one.

Best,

Didier

AWS
EXPERT
answered 2 months ago
EXPERT
Kallu
reviewed 2 months ago
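The proxy approach from the answer above, as an added example that is not part of the original thread: a Lambda deployed in the API Gateway's region that forwards the request to the function in the other region. Assumptions: the environment variable names `TARGET_REGION` and `TARGET_FUNCTION`, the placeholder function name, and `af-south-1` as the Cape Town region code; the proxy's execution role needs `lambda:InvokeFunction` on the target function only.

```python
import json
import os

# Assumed configuration (not from the thread): set these on the proxy Lambda.
TARGET_REGION = os.environ.get("TARGET_REGION", "af-south-1")  # Cape Town
TARGET_FUNCTION = os.environ.get("TARGET_FUNCTION", "my-target-function")  # placeholder

_client = None


def _lambda_client():
    """Create the regional Lambda client once per execution environment."""
    global _client
    if _client is None:
        import boto3  # bundled with the Lambda Python runtime
        _client = boto3.client("lambda", region_name=TARGET_REGION)
    return _client


def _error(message):
    """Generic 502 for the caller; details stay in CloudWatch only."""
    return {"statusCode": 502, "body": json.dumps({"message": message})}


def handler(event, context, client=None):
    """API Gateway (proxy integration) -> this Lambda -> Lambda in TARGET_REGION."""
    client = client or _lambda_client()
    try:
        resp = client.invoke(
            FunctionName=TARGET_FUNCTION,
            InvocationType="RequestResponse",  # synchronous call
            Payload=json.dumps(event).encode(),
        )
    except Exception as exc:
        # Access denied, invalid token, throttling: log it, do not leak it.
        print(f"cross-region invoke failed: {type(exc).__name__}: {exc}")
        return _error("upstream invoke failed")

    payload = json.loads(resp["Payload"].read() or b"null")
    if resp.get("FunctionError"):
        # The target ran but raised; its error payload goes to the log.
        print(f"target function error: {payload}")
        return _error("upstream function error")

    # Pass through a response that is already in proxy-integration shape.
    if isinstance(payload, dict) and "statusCode" in payload:
        return payload
    return {"statusCode": 200, "body": json.dumps(payload)}
```

The optional `client` argument exists so the handler can be exercised offline with a stub; Lambda itself calls `handler(event, context)`.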
0

Hi,

Check IAM Roles and Policies: Ensure that the IAM role attached to your Lambda function has the necessary permissions to be invoked by API Gateway. Specifically, make sure that the IAM role has permissions for the lambda:InvokeFunction action.

API Gateway Integration: Double-check the integration settings for your API Gateway. Make sure that the integration is correctly configured to invoke the Lambda function in the other region.

Cross-Region Invocation: Confirm that cross-region invocation is allowed in your AWS configuration. Sometimes, there might be restrictions or configurations that prevent Lambda functions in one region from being invoked by services in another region.

API Gateway Endpoint Configuration: Verify that your API Gateway endpoint is correctly configured to communicate with the Lambda function in the other region. Ensure that the endpoint URL is correctly set up and that there are no typos or mistakes in the configuration.

CloudWatch Logs: Continue monitoring CloudWatch logs for any additional error messages or insights. The error message you provided indicates a 403 status code, which typically indicates a permissions issue.

Test with Different Methods: Try invoking the Lambda function directly using the AWS CLI or SDK from the Frankfurt region to see if the issue is specific to API Gateway or if it's a broader problem with the Lambda function's configuration.

answered 2 months ago