I have a Lambda that uses Boto3, specifically the tag_resources
API call (https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/resourcegroupstaggingapi/client/tag_resources.html#).
I cannot tag resources without administrator privileges on the Lambda execution role, but I have tried to troubleshoot and give the necessary permissions to my Lambda and its execution role.
Currently it has the following permissions:
{
    "Effect": "Allow",
    "Action": [
        "logs:CreateLogGroup",
        "tag:DescribeReportCreation",
        "tag:GetComplianceSummary",
        "tag:GetResources",
        "tag:GetTagKeys",
        "tag:GetTagValues",
        "tag:TagResources",
        "lambda:ListTags",
        "lambda:TagResource"
    ],
    "Resource": "*"
},
Managed permission: ResourceGroupsandTagEditorFullAccess, which is:
{
    "Version" : "2012-10-17",
    "Statement" : [
        {
            "Effect" : "Allow",
            "Action" : [
                "tag:getResources",
                "tag:getTagKeys",
                "tag:getTagValues",
                "tag:TagResources",
                "tag:UntagResources",
                "resource-groups:*",
                "cloudformation:DescribeStacks",
                "cloudformation:ListStackResources",
                "cloudformation:ListStacks"
            ],
            "Resource" : "*"
        }
    ]
}
So I'm a bit confused; it seems it should have all the necessary permissions to tag resources. It cannot tag an EC2 instance, for example.
Edit: I did some further testing locally, using a role that only has ResourceGroupsandTagEditorFullAccess
and chaining into it in my local AWS config... I was able to tag resources without issue. So I'm lost, to say the least. It seems like a potential glitch or hiccup with how the permissions are handled by Lambda.
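Two things worth checking against the policies quoted in the question, shown here as an added example that is not the poster's code. First, tag:TagResources only authorizes the Tagging API call itself; for each ARN the role must also hold the owning service's own tag permission (ec2:CreateTags for an EC2 instance, lambda:TagResource for a function), and neither policy above grants ec2:CreateTags. Second, tag_resources does not raise when a resource cannot be tagged; the per-ARN failure, including a 403, comes back in FailedResourcesMap and is silently dropped unless the Lambda inspects it. The code below merges the two quoted policies into one document, reports which service-level tag actions are missing for a set of ARNs using a deliberately simplified local Allow matcher (assumption: no Deny statements, no conditions, Resource "*"), and wraps tag_resources so a non-empty FailedResourcesMap becomes an exception. The SERVICE_TAG_ACTION table is an illustrative subset, the ARNs are made up, and FakeTaggingClient is a constructed stand-in for boto3.client("resourcegroupstaggingapi") so the example runs offline; the error code and message it returns are illustrative, not captured output.

```python
# Added example, not the original poster's code: surface the two failure modes
# of tag_resources from a Lambda role that lacks the service-level tag action.
import fnmatch
from typing import Dict, Iterable, List

# Service-level tag actions the Tagging API needs in addition to tag:TagResources.
# Illustrative subset (assumption); extend for the services you actually tag.
SERVICE_TAG_ACTION = {
    "ec2": "ec2:CreateTags",
    "lambda": "lambda:TagResource",
    "rds": "rds:AddTagsToResource",
    "sqs": "sqs:TagQueue",
    "dynamodb": "dynamodb:TagResource",
}

# The two permission sets quoted in the question, merged into one policy document.
ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["logs:CreateLogGroup", "tag:DescribeReportCreation",
                    "tag:GetComplianceSummary", "tag:GetResources", "tag:GetTagKeys",
                    "tag:GetTagValues", "tag:TagResources", "lambda:ListTags",
                    "lambda:TagResource"],
         "Resource": "*"},
        {"Effect": "Allow",
         "Action": ["tag:getResources", "tag:getTagKeys", "tag:getTagValues",
                    "tag:TagResources", "tag:UntagResources", "resource-groups:*",
                    "cloudformation:DescribeStacks", "cloudformation:ListStackResources",
                    "cloudformation:ListStacks"],
         "Resource": "*"},
    ],
}


class TaggingError(RuntimeError):
    """Raised when tag_resources reports one or more failed ARNs."""


def iam_allows(policy: dict, action: str) -> bool:
    """Simplified local check of Allow statements: IAM action names match
    case-insensitively and may carry '*' wildcards. Deny statements, conditions
    and resource scoping are ignored (assumption for this example)."""
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        if any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in actions):
            return True
    return False


def missing_tag_permissions(policy: dict, arns: Iterable[str]) -> List[str]:
    """Actions the role still lacks before tag_resources can tag every ARN."""
    needed = {"tag:TagResources"}
    for arn in arns:
        service = arn.split(":")[2]  # arn:partition:service:region:account:resource
        if service in SERVICE_TAG_ACTION:
            needed.add(SERVICE_TAG_ACTION[service])
    return sorted(a for a in needed if not iam_allows(policy, a))


def tag_and_check(client, arns: Iterable[str], tags: Dict[str, str]) -> int:
    """Tag the ARNs and raise TaggingError for anything in FailedResourcesMap.
    `client` is a boto3 resourcegroupstaggingapi client in real use, e.g.
    boto3.client("resourcegroupstaggingapi"); any object with the same
    tag_resources keyword signature works, which keeps this testable offline."""
    arns = list(arns)
    resp = client.tag_resources(ResourceARNList=arns, Tags=dict(tags))
    failed = resp.get("FailedResourcesMap") or {}
    if failed:
        detail = {arn: f"{e.get('StatusCode')} {e.get('ErrorCode')}: {e.get('ErrorMessage')}"
                  for arn, e in failed.items()}
        raise TaggingError(detail)
    return len(arns)


class FakeTaggingClient:
    """Constructed stand-in for the boto3 client: rejects EC2 ARNs the way a
    denied service-level call surfaces in FailedResourcesMap. The status code,
    error code and message are illustrative, not captured from AWS."""

    def tag_resources(self, ResourceARNList, Tags):
        failed = {}
        for arn in ResourceARNList:
            if arn.split(":")[2] == "ec2":
                failed[arn] = {"StatusCode": 403, "ErrorCode": "AccessDeniedException",
                               "ErrorMessage": "not authorized to perform: ec2:CreateTags"}
        return {"FailedResourcesMap": failed}


if __name__ == "__main__":
    ec2_arn = "arn:aws:ec2:us-east-1:123456789012:instance/i-0123456789abcdef0"
    print(missing_tag_permissions(ROLE_POLICY, [ec2_arn]))  # ['ec2:CreateTags']
    try:
        tag_and_check(FakeTaggingClient(), [ec2_arn], {"Owner": "platform"})
    except TaggingError as err:
        print("tagging failed:", err)
```

In the Lambda, pass the real client in place of FakeTaggingClient and log or re-raise on TaggingError; the ErrorMessage for a real denial names the service action that was refused, which is the fastest way to tell a missing ec2:CreateTags apart from a bad ARN. Chaining through a role on a workstation can succeed where the Lambda fails simply because the local credential chain ends in a different principal than the execution role, so compare the effective permissions of the exact role the function assumes rather than the policy list alone.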