Why do I keep getting a ForbiddenException while using my AWS Lambda function to send MQTT messages?

🙃 Off Topic
1

How can I use a lambda function in node.js 16.x to publish to an AWS IoT mqtt topic?

I developed a lambda function that will broadcast mqtt messages when the AWS cloudwatch event occurs. I attached the AWSIoTDataAccess policy to provide full access to the AWS IoT messaging activities and grant the lambda function authority to publish mqtt messages.

import AWS from "aws-sdk";
var iotdata = new AWS.IotData({
  endpoint: "xxxxxxxxxxxxxxxx.iot.amazonaws.com",
  region: "ca-central-1",
});

export async function handler(event, context) {
    /* do something */
    await requestHB(inactiveDevices);
}

async function requestHB(inactiveDevices) {
  if (inactiveDevices == null) return;
  const publishPromises = inactiveDevices.map(async (element) => {
    var params = {
      topic: "device/inactive",
      payload: JSON.stringify({ type: 0, imei: String(element.imei) }),
      qos: 0,
    };

    try {
      await iotdata.publish(params).promise();
      console.log("Message published successfully");
    } catch (error) {
      console.error("Error publishing message:", error);
    }
  });

  await Promise.all(publishPromises);
}

I get the following error notice when using the code above.

2023-05-29T17:49:01.024Z    5208a53c-f0f8-409f-a64b-9e901be9aa80    ERROR   Error publishing message: ForbiddenException: null
    at Object.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:61:27)
    at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/rest_json.js:61:8)
    at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:688:12) {
  code: 'ForbiddenException',
  time: 2023-05-29T17:49:01.023Z,
  requestId: '0779829a-7f5d-d298-f9da-08f1b6d83753',
  statusCode: 403,
  retryable: false,
  retryDelay: 24.36546771452397
}

The client submitting the request does not have the requisite permissions to carry out the action, according to statuscode 403. What am I missing, though, as I’ve previously submitted a full access policy?